Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B197B861C5111F09AB9A2E5DAE4EC9C.roa
File: 2B197B861C5111F09AB9A2E5DAE4EC9C.roa (raw, json)
Hash identifier: bDZUu3I8ny+aOHSWbVUtKSd0H05Ib2Y3X39FTPjy908=
Subject key identifier: 9D:77:16:BB:A2:48:31:53:7E:0A:99:D8:96:6E:83:11:D0:2C:55:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017979
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B197B861C5111F09AB9A2E5DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 12:32:19 +0000
ROA not before: Fri 18 Apr 2025 12:32:15 +0000
ROA not after: Thu 15 May 2025 12:32:15 +0000
asID: 44486
IP address blocks: 154.193.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 01 May 2025 07:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96633 (0x17979)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 12:32:15 2025 GMT
Not After : May 15 12:32:15 2025 GMT
Subject: CN=68024653-95e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:74:1e:21:89:03:00:7b:02:8e:89:3a:0d:df:
cc:15:e8:a1:e3:40:cb:ce:40:61:36:f7:6e:7e:4f:
4a:31:05:92:06:76:7d:39:7e:6d:ac:2e:b0:21:6f:
91:8c:bd:39:4b:b2:fe:a0:4a:0b:fb:97:ee:b6:c4:
26:f5:bf:ee:22:6f:b2:99:24:5d:f7:af:3d:3e:e2:
cc:45:0c:47:da:3e:18:83:60:88:1c:75:3c:e0:70:
6d:47:e0:eb:d4:4e:e8:b2:ba:54:f2:a4:ce:1b:61:
42:c2:19:e1:bc:bf:f4:42:78:1e:3a:68:9e:b3:4f:
bb:b2:d6:22:dc:8f:91:46:88:17:bb:5d:43:fa:ca:
e1:f5:80:20:9c:25:3f:02:14:e4:7a:32:06:76:17:
39:15:af:14:c9:83:0d:85:cc:23:eb:db:ab:59:70:
a9:65:8b:e9:ff:1e:e4:6e:05:f3:c4:b1:7b:9b:ca:
1f:7d:85:b2:4e:91:05:1c:af:62:4b:4c:88:e1:0f:
c8:98:09:9b:fa:22:36:2a:40:b6:ac:2c:02:77:5f:
e4:95:22:e1:9a:f6:cd:67:1e:d2:e9:b9:a9:5c:65:
29:da:5c:6f:4d:ab:ce:fe:bd:ff:4a:59:0e:8d:b6:
a0:bf:67:78:93:05:8f:66:24:4e:71:12:6b:2d:c3:
5f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:77:16:BB:A2:48:31:53:7E:0A:99:D8:96:6E:83:11:D0:2C:55:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B197B861C5111F09AB9A2E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.188.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:81:cd:ed:d9:c8:60:cf:3a:e8:2e:c1:e8:83:6d:93:23:b5:
bf:9a:26:1f:8f:1e:a5:67:e4:e5:b6:2e:9d:15:94:32:ae:f3:
05:9c:d9:98:58:49:1f:7c:89:91:19:3a:eb:df:39:66:8f:78:
3a:fe:6e:04:c1:82:ac:1e:3b:0e:ae:8c:e0:80:a0:42:60:24:
89:9b:c1:9d:81:6f:d8:a9:c8:27:40:5a:94:43:9b:0c:16:a8:
f9:3f:f1:de:3a:3b:9e:54:b3:5e:61:51:cc:47:14:c9:fa:ea:
15:33:51:36:1d:fa:a8:18:f1:7f:d8:13:c4:ee:1b:40:a2:78:
2b:10:50:c8:f3:59:e3:29:15:65:f0:c8:f8:27:dd:57:8f:11:
0b:75:99:9e:50:1e:a3:bc:12:0e:7f:6f:7a:9a:5d:3f:1d:fd:
af:6e:e4:66:39:e6:66:eb:2a:85:34:94:af:20:d2:eb:75:6c:
9a:ae:8f:60:db:78:e0:57:3d:d0:40:ed:ed:5d:17:c0:ef:d1:
71:1a:76:57:6f:77:41:ba:b6:f6:97:8a:96:13:a2:93:c0:32:
40:7c:1d:1a:ee:8d:14:45:7e:88:6b:48:78:d8:5e:a7:60:50:
01:9e:f4:c9:eb:ac:1f:a5:07:b7:09:b8:0d:dc:0e:5c:a8:2e:
ee:1f:bb:8d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXl5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE4MTIzMjE1WhcNMjUwNTE1MTIzMjE1WjAYMRYw
FAYDVQQDEw02ODAyNDY1My05NWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2nQeIYkDAHsCjok6Dd/MFeih40DLzkBhNvdufk9KMQWSBnZ9OX5trC6w
IW+RjL05S7L+oEoL+5futsQm9b/uIm+ymSRd9689PuLMRQxH2j4Yg2CIHHU84HBt
R+Dr1E7osrpU8qTOG2FCwhnhvL/0QngeOmies0+7stYi3I+RRogXu11D+srh9YAg
nCU/AhTkejIGdhc5Fa8UyYMNhcwj69urWXCpZYvp/x7kbgXzxLF7m8offYWyTpEF
HK9iS0yI4Q/ImAmb+iI2KkC2rCwCd1/klSLhmvbNZx7S6bmpXGUp2lxvTavO/r3/
SlkOjbagv2d4kwWPZiROcRJrLcNf2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ13
FruiSDFTfgqZ2JZugxHQLFVHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQjE5N0I4NjFDNTExMUYwOUFCOUEyRTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsG8MA0GCSqGSIb3DQEB
CwUAA4IBAQBbgc3t2chgzzroLsHog22TI7W/miYfjx6lZ+Tlti6dFZQyrvMFnNmY
WEkffImRGTrr3zlmj3g6/m4EwYKsHjsOrozggKBCYCSJm8GdgW/YqcgnQFqUQ5sM
Fqj5P/HeOjueVLNeYVHMRxTJ+uoVM1E2HfqoGPF/2BPE7htAongrEFDI81njKRVl
8Mj4J91XjxELdZmeUB6jvBIOf296ml0/Hf2vbuRmOeZm6yqFNJSvINLrdWyaro9g
23jgVz3QQO3tXRfA79FxGnZXb3dBurb2l4qWE6KTwDJAfB0a7o0URX6Ia0h42F6n
YFABnvTJ66wfpQe3CbgN3A5cqC7uH7uN
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:26:58 2025 by rpki-client