Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5311733C479411F0A1A1B5C1DAE4EC9C.roa
File: 5311733C479411F0A1A1B5C1DAE4EC9C.roa (raw, json)
Hash identifier: t2Ken0nuoepGf6DMGvgVDAEx30CDwUe4y21cXIXtzdw=
Subject key identifier: B6:BB:38:0C:37:F3:6E:1C:83:22:AE:A8:91:0D:A6:B6:DE:22:4A:44
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018634
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5311733C479411F0A1A1B5C1DAE4EC9C.roa
Signing time: Thu 12 Jun 2025 13:51:23 +0000
ROA not before: Thu 12 Jun 2025 13:51:18 +0000
ROA not after: Sat 21 Jun 2025 13:51:18 +0000
asID: 139880
IP address blocks: 154.194.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99892 (0x18634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 12 13:51:18 2025 GMT
Not After : Jun 21 13:51:18 2025 GMT
Subject: CN=684adb5b-4a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5b:1a:4d:6b:98:f9:c7:e5:32:e3:28:ab:b7:
4e:69:e9:44:52:8b:79:6a:e8:61:64:d2:8b:ef:2e:
f4:61:4b:28:c1:84:d3:73:ba:2d:16:31:76:0a:ef:
da:89:ed:b4:d7:79:de:4b:f7:5e:c3:7f:b2:68:a0:
4b:d4:eb:e0:4f:63:c4:89:45:71:a3:e9:6f:3b:c5:
e2:16:1b:2c:c3:54:d4:10:16:4d:fd:66:50:70:36:
6e:27:c1:95:89:99:32:96:01:26:6a:c1:ae:4d:52:
6d:03:22:1b:33:b0:6e:6e:52:4c:ec:d9:bc:62:58:
5c:7c:a4:01:71:ad:e0:6b:4f:de:20:cf:be:b8:27:
43:08:0d:78:b0:0b:d6:97:e5:df:67:5f:de:1f:db:
7b:1f:b2:72:e7:67:05:87:df:f5:77:4f:14:5f:dd:
1b:29:96:f8:b8:4f:83:77:62:94:03:d9:7c:8b:11:
be:17:69:ff:40:f8:8c:92:d7:d7:29:17:7d:31:34:
36:b0:fc:01:37:2b:34:e9:29:b6:0d:1c:0a:c6:60:
d8:4d:e9:af:ea:11:d3:01:59:89:ba:f9:c0:1f:ef:
35:00:a8:88:31:15:a5:dd:b9:7e:cd:d9:ef:c8:f0:
b5:8e:57:c3:2a:07:9f:9f:47:23:6c:44:26:7b:a8:
7c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BB:38:0C:37:F3:6E:1C:83:22:AE:A8:91:0D:A6:B6:DE:22:4A:44
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5311733C479411F0A1A1B5C1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.128.0/18
Signature Algorithm: sha256WithRSAEncryption
b4:f8:a5:97:80:53:6d:8c:bb:46:56:63:98:80:9c:81:65:ee:
03:16:71:56:3b:f8:0a:fe:d0:e5:38:41:02:f1:39:7a:50:1d:
89:bc:1a:80:94:3f:96:11:96:c7:c2:1c:a6:ce:52:88:9a:ae:
8f:28:db:39:ca:6b:ba:94:33:54:94:89:09:fe:3e:17:1c:51:
3b:03:8d:78:2a:b8:5e:43:84:ae:b7:86:16:ed:39:b0:1f:96:
6f:18:f9:c7:5a:0e:0b:63:0a:3d:84:14:f8:a1:4a:84:7d:bf:
c3:c5:69:0c:ed:ed:d9:a1:88:69:d2:26:86:1b:3d:1e:9f:2c:
dc:43:2d:79:b5:12:ba:9c:14:65:69:0e:46:68:d9:1c:1c:ee:
81:3f:b9:73:08:89:23:04:3a:c2:fc:96:29:bc:d4:d6:f0:15:
da:0a:8d:eb:33:14:4e:58:4f:c6:5a:ce:cd:db:50:75:dd:6c:
18:74:57:22:1f:5d:79:6b:86:ad:8b:fb:5f:3a:b8:63:5f:7e:
e4:7a:1b:e2:ef:9b:e2:44:03:2b:5c:f7:5c:d6:09:3f:f3:04:
77:7e:ce:35:aa:23:69:36:e5:8d:b2:f0:a7:d1:04:fb:02:e0:
2d:ae:bd:ea:c3:1e:b2:43:f2:30:c3:f0:d2:b1:f9:7e:b7:02:
0a:0b:21:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYY0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEyMTM1MTE4WhcNMjUwNjIxMTM1MTE4WjAYMRYw
FAYDVQQDEw02ODRhZGI1Yi00YTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0FsaTWuY+cflMuMoq7dOaelEUot5auhhZNKL7y70YUsowYTTc7otFjF2
Cu/aie2013neS/dew3+yaKBL1OvgT2PEiUVxo+lvO8XiFhssw1TUEBZN/WZQcDZu
J8GViZkylgEmasGuTVJtAyIbM7BublJM7Nm8YlhcfKQBca3ga0/eIM++uCdDCA14
sAvWl+XfZ1/eH9t7H7Jy52cFh9/1d08UX90bKZb4uE+Dd2KUA9l8ixG+F2n/QPiM
ktfXKRd9MTQ2sPwBNys06Sm2DRwKxmDYTemv6hHTAVmJuvnAH+81AKiIMRWl3bl+
zdnvyPC1jlfDKgefn0cjbEQme6h84QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLa7
OAw3824cgyKuqJENprbeIkpEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MzExNzMzQzQ3OTQxMUYwQTFBMUI1QzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsKAMA0GCSqGSIb3DQEB
CwUAA4IBAQC0+KWXgFNtjLtGVmOYgJyBZe4DFnFWO/gK/tDlOEEC8Tl6UB2JvBqA
lD+WEZbHwhymzlKImq6PKNs5ymu6lDNUlIkJ/j4XHFE7A414KrheQ4Sut4YW7Tmw
H5ZvGPnHWg4LYwo9hBT4oUqEfb/DxWkM7e3ZoYhp0iaGGz0enyzcQy15tRK6nBRl
aQ5GaNkcHO6BP7lzCIkjBDrC/JYpvNTW8BXaCo3rMxROWE/GWs7N21B13WwYdFci
H115a4ati/tfOrhjX37kehvi75viRAMrXPdc1gk/8wR3fs41qiNpNuWNsvCn0QT7
AuAtrr3qwx6yQ/Iww/DSsfl+twIKCyEv
-----END CERTIFICATE-----
Generated at Tue Jun 17 23:05:49 2025 by rpki-client