Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4598D8683C7111F091A87EDDDAE4EC9C.roa
File: 4598D8683C7111F091A87EDDDAE4EC9C.roa (raw, json)
Hash identifier: 7lFEy7c2e4+wAm1bkd/U05T5r1zQ8ueq1MpjXieNq6E=
Subject key identifier: DA:40:A9:96:BF:66:19:55:93:4F:A3:1E:AA:DB:28:A5:1B:18:6E:31
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0183AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4598D8683C7111F091A87EDDDAE4EC9C.roa
Signing time: Thu 29 May 2025 09:42:45 +0000
ROA not before: Thu 29 May 2025 09:42:40 +0000
ROA not after: Fri 22 May 2026 09:42:40 +0000
asID: 29802
IP address blocks: 154.196.144.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99246 (0x183ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 29 09:42:40 2025 GMT
Not After : May 22 09:42:40 2026 GMT
Subject: CN=68382c15-c494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:cb:02:cf:a3:57:85:b6:3e:b9:79:ff:6e:2a:
97:98:51:aa:f4:10:f5:ee:7b:79:a2:8d:84:9c:f2:
1a:ed:d4:ec:45:62:14:57:db:79:3e:8f:62:7d:f0:
c3:c3:a3:e9:20:65:e8:b4:22:60:b1:86:cf:71:cc:
47:3a:4d:1d:8c:76:5c:8a:17:7f:7f:8f:8a:25:4d:
e1:7a:3f:51:99:cc:72:87:db:ee:c2:06:13:40:24:
1e:e2:cd:3b:af:20:d3:6b:b6:d2:35:0a:0e:1b:1a:
f5:25:c1:5d:00:d5:80:b8:3a:9e:81:0a:3b:9e:d5:
f2:f2:17:0b:cd:28:65:b8:e0:42:7b:77:b8:69:aa:
cc:33:18:f0:42:5b:43:c2:c1:ee:c0:11:1a:e2:5d:
20:04:ea:a0:9a:e5:75:b9:c7:8c:0d:e0:6e:cb:c6:
a4:66:2a:18:0a:6a:2c:1e:98:38:bc:dd:e5:6d:ed:
72:cc:b3:87:37:2d:b2:2c:36:0f:13:ee:8c:c5:28:
1d:79:5e:0a:6c:7b:d7:51:fb:66:c3:04:fb:a3:b5:
19:c4:ba:47:7e:ac:35:b2:7e:b1:05:e4:46:7d:62:
57:b4:2c:53:8b:b4:f6:92:77:c6:2c:67:f9:75:c9:
50:ea:29:25:78:0c:23:1b:43:c0:32:77:af:ce:6f:
5e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:40:A9:96:BF:66:19:55:93:4F:A3:1E:AA:DB:28:A5:1B:18:6E:31
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4598D8683C7111F091A87EDDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.144.0/21
Signature Algorithm: sha256WithRSAEncryption
37:63:96:99:c2:b5:72:ed:be:a2:39:73:2b:43:02:99:bd:c8:
9e:61:9e:61:aa:7e:05:09:a0:2f:21:a5:ed:04:07:1d:b6:78:
33:13:99:f3:69:66:e1:97:d4:0c:c0:9a:52:89:28:13:df:3d:
e2:53:f2:5b:00:61:de:26:da:9c:3e:64:db:ac:38:ea:a6:02:
e3:99:87:3f:e4:19:ac:7f:5d:ee:53:7e:6b:0d:8d:b0:d4:5e:
47:33:19:13:1f:de:06:74:b8:5e:14:2a:72:43:7a:66:78:ae:
9f:bf:84:27:51:da:cd:5b:1f:95:22:a9:d4:5f:1a:ff:44:84:
a6:7f:18:14:70:ce:ab:20:85:3e:78:3e:03:8c:d3:72:69:d0:
9a:ee:85:99:f5:00:a4:0b:72:2b:33:07:1c:b6:5e:69:11:cf:
51:b2:c6:c1:7b:12:a6:a7:13:c4:02:be:01:21:69:50:c5:08:
aa:c5:60:74:38:1d:bf:24:fa:35:54:8e:13:40:c1:e4:39:78:
54:cb:f6:84:ed:88:82:40:42:95:94:c4:00:64:20:1b:52:08:
d9:04:93:77:e2:7e:83:cf:a2:db:69:74:7b:73:f4:c5:32:1f:
69:aa:71:d2:9d:d7:ea:4b:b4:6b:4d:6c:86:be:b3:3d:30:eb:
47:07:48:1f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYOuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI5MDk0MjQwWhcNMjYwNTIyMDk0MjQwWjAYMRYw
FAYDVQQDEw02ODM4MmMxNS1jNDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8csCz6NXhbY+uXn/biqXmFGq9BD17nt5oo2EnPIa7dTsRWIUV9t5Po9i
ffDDw6PpIGXotCJgsYbPccxHOk0djHZcihd/f4+KJU3hej9Rmcxyh9vuwgYTQCQe
4s07ryDTa7bSNQoOGxr1JcFdANWAuDqegQo7ntXy8hcLzShluOBCe3e4aarMMxjw
QltDwsHuwBEa4l0gBOqgmuV1uceMDeBuy8akZioYCmosHpg4vN3lbe1yzLOHNy2y
LDYPE+6MxSgdeV4KbHvXUftmwwT7o7UZxLpHfqw1sn6xBeRGfWJXtCxTi7T2knfG
LGf5dclQ6ikleAwjG0PAMnevzm9ehQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNpA
qZa/ZhlVk0+jHqrbKKUbGG4xMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NTk4RDg2ODNDNzExMUYwOTFBODdFREREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsSQMA0GCSqGSIb3DQEB
CwUAA4IBAQA3Y5aZwrVy7b6iOXMrQwKZvcieYZ5hqn4FCaAvIaXtBAcdtngzE5nz
aWbhl9QMwJpSiSgT3z3iU/JbAGHeJtqcPmTbrDjqpgLjmYc/5Bmsf13uU35rDY2w
1F5HMxkTH94GdLheFCpyQ3pmeK6fv4QnUdrNWx+VIqnUXxr/RISmfxgUcM6rIIU+
eD4DjNNyadCa7oWZ9QCkC3IrMwcctl5pEc9RssbBexKmpxPEAr4BIWlQxQiqxWB0
OB2/JPo1VI4TQMHkOXhUy/aE7YiCQEKVlMQAZCAbUgjZBJN34n6Dz6LbaXR7c/TF
Mh9pqnHSndfqS7RrTWyGvrM9MOtHB0gf
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:17:07 2025 by rpki-client