Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EBE99EA1F5911F08999DAB2DAE4EC9C.roa
File: 3EBE99EA1F5911F08999DAB2DAE4EC9C.roa (raw, json)
Hash identifier: 4RjcQfFF74tm/9ZSiK743VWzFNihdPmfnWsyulNI6cc=
Subject key identifier: F3:82:79:DE:98:EE:76:B6:EF:F9:4B:4D:83:69:0C:E7:C8:76:7F:75
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017A82
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EBE99EA1F5911F08999DAB2DAE4EC9C.roa
Signing time: Tue 22 Apr 2025 09:07:42 +0000
ROA not before: Tue 22 Apr 2025 09:07:37 +0000
ROA not after: Mon 02 Jun 2025 09:07:37 +0000
asID: 174
IP address blocks: 154.202.105.0/24 maxlen: 24
154.202.134.0/24 maxlen: 24
154.202.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96898 (0x17a82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 09:07:37 2025 GMT
Not After : Jun 2 09:07:37 2025 GMT
Subject: CN=68075c5e-c507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:83:26:9f:75:25:31:fa:7b:6f:ad:d1:6a:0d:
9e:2e:69:31:22:dc:3c:7a:82:e9:1c:b3:11:16:82:
ce:1d:35:ad:05:68:ad:3d:af:2b:8d:37:5d:6e:8e:
0b:1a:0d:69:ab:7a:74:fe:be:13:33:93:47:dd:20:
01:19:9a:c8:fa:39:f5:3b:98:6e:f4:53:eb:1f:70:
67:4e:c6:a6:2a:48:b8:e7:e0:0e:30:dc:3f:df:c7:
37:3e:28:a8:59:9c:6f:30:67:b9:ea:ab:a4:17:07:
ba:35:93:3f:af:94:f9:f8:dd:82:f6:e4:9e:15:09:
e2:9c:d2:6f:36:d1:b3:85:9c:4b:9e:22:fb:5c:f4:
4c:3f:8f:2c:f1:db:d3:14:cb:a0:2a:e9:49:87:9b:
6c:f4:f5:48:72:37:1b:cc:64:cf:eb:a5:57:08:25:
62:f0:df:cc:8d:99:ac:d0:d6:48:85:5b:a8:6d:77:
94:a0:88:be:4d:4a:d7:17:94:2b:4e:de:58:1e:3a:
4e:f9:5c:cf:a6:63:4b:b6:e5:24:3b:c9:95:60:01:
be:23:ce:be:a9:32:76:54:06:9f:ef:cb:b3:e0:02:
98:92:f9:b0:c2:46:5d:51:ed:64:fd:14:97:50:22:
36:89:33:11:22:c1:c9:d9:06:9f:fb:12:49:f8:1f:
77:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:82:79:DE:98:EE:76:B6:EF:F9:4B:4D:83:69:0C:E7:C8:76:7F:75
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EBE99EA1F5911F08999DAB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.105.0/24
154.202.134.0/23
Signature Algorithm: sha256WithRSAEncryption
44:c0:c6:8a:82:2f:cc:71:1d:ab:23:74:12:6b:e8:79:27:5a:
1b:0e:ce:8b:02:82:b4:06:8b:d3:45:65:24:b8:ff:34:43:3c:
1c:e6:21:c4:4a:96:12:ac:87:9c:ec:ac:71:03:a8:56:2d:b8:
71:d8:8b:53:a9:15:ff:95:85:91:44:a0:37:23:62:f2:b6:c1:
89:04:0e:55:99:3f:d8:98:21:84:9a:81:a5:2c:60:dd:0b:58:
06:9f:1c:ef:24:2e:c0:72:49:03:4d:24:82:61:96:76:03:43:
79:75:5d:3b:e5:93:50:f1:e7:cb:58:5a:b3:88:47:4e:dd:c2:
e2:54:c5:a0:bd:db:8c:1f:91:ae:c1:dc:5f:29:c9:da:cf:0c:
6d:9a:1a:9a:d7:c4:17:c3:ff:c2:a5:24:7b:b8:66:d0:c3:4a:
d7:28:c1:7b:f8:fe:43:cc:8d:06:02:d1:61:90:4b:e9:12:bb:
a7:39:a2:6f:eb:0f:2a:0c:3b:c0:ea:36:73:4b:af:01:ef:01:
ac:36:1b:9f:ed:a6:8f:ca:d6:c8:90:88:91:06:db:a9:f4:43:
70:38:3c:88:f5:91:f5:08:e4:ab:b0:32:46:bf:ba:bb:b4:ba:
60:09:17:2f:d5:0a:9c:fd:d0:68:34:87:47:22:24:07:84:0c:
2e:1e:e0:60
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXqCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIyMDkwNzM3WhcNMjUwNjAyMDkwNzM3WjAYMRYw
FAYDVQQDEw02ODA3NWM1ZS1jNTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA24Mmn3UlMfp7b63Rag2eLmkxItw8eoLpHLMRFoLOHTWtBWitPa8rjTdd
bo4LGg1pq3p0/r4TM5NH3SABGZrI+jn1O5hu9FPrH3BnTsamKki45+AOMNw/38c3
PiioWZxvMGe56qukFwe6NZM/r5T5+N2C9uSeFQninNJvNtGzhZxLniL7XPRMP48s
8dvTFMugKulJh5ts9PVIcjcbzGTP66VXCCVi8N/MjZms0NZIhVuobXeUoIi+TUrX
F5QrTt5YHjpO+VzPpmNLtuUkO8mVYAG+I86+qTJ2VAaf78uz4AKYkvmwwkZdUe1k
/RSXUCI2iTMRIsHJ2Qaf+xJJ+B93gQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFPOC
ed6Y7na27/lLTYNpDOfIdn91MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRUJFOTlFQTFGNTkxMUYwODk5OURBQjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsppAwQBmsqGMA0GCSqG
SIb3DQEBCwUAA4IBAQBEwMaKgi/McR2rI3QSa+h5J1obDs6LAoK0BovTRWUkuP80
Qzwc5iHESpYSrIec7KxxA6hWLbhx2ItTqRX/lYWRRKA3I2LytsGJBA5VmT/YmCGE
moGlLGDdC1gGnxzvJC7AckkDTSSCYZZ2A0N5dV075ZNQ8efLWFqziEdO3cLiVMWg
vduMH5GuwdxfKcnazwxtmhqa18QXw//CpSR7uGbQw0rXKMF7+P5DzI0GAtFhkEvp
ErunOaJv6w8qDDvA6jZzS68B7wGsNhuf7aaPytbIkIiRBtup9ENwODyI9ZH1COSr
sDJGv7q7tLpgCRcv1Qqc/dBoNIdHIiQHhAwuHuBg
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:26:42 2025 by rpki-client