Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5333509221B011F0BEF7C3D8DAE4EC9C.roa
File: 5333509221B011F0BEF7C3D8DAE4EC9C.roa (raw, json)
Hash identifier: L6+3cYmKvkYz7qymbV5JUDP20ibhwUIJORW3iFtQ5Ek=
Subject key identifier: 1D:D6:AD:74:D8:11:47:A7:B3:0E:76:FE:F4:13:7B:E2:D4:70:31:86
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AFB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5333509221B011F0BEF7C3D8DAE4EC9C.roa
Signing time: Fri 25 Apr 2025 08:36:05 +0000
ROA not before: Fri 25 Apr 2025 08:35:59 +0000
ROA not after: Fri 16 May 2025 08:35:59 +0000
asID: 135097
IP address blocks: 154.197.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97019 (0x17afb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 08:35:59 2025 GMT
Not After : May 16 08:35:59 2025 GMT
Subject: CN=680b4974-6643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5a:4d:1a:52:98:eb:8b:85:87:c0:39:08:04:
2f:d3:c1:18:1e:3a:ad:50:d8:67:e0:fb:f3:b3:35:
61:84:08:cb:3c:28:cc:bd:09:fd:e4:b0:96:23:0d:
33:6e:72:dc:b3:f3:c8:db:a3:d3:21:ec:fb:58:f2:
a5:49:3f:18:7b:d3:02:02:c8:63:c6:d2:eb:e7:e5:
1a:7b:4b:95:37:fe:2c:03:60:79:61:84:78:47:5a:
c8:49:ab:e4:fb:80:94:90:d9:30:47:40:f9:89:5e:
bb:90:dc:dd:da:e9:a6:19:80:5f:7b:4f:f4:ee:07:
68:6b:10:26:b4:02:3f:4c:08:59:89:03:8a:49:28:
5a:2e:99:ae:fc:dd:69:1d:87:c2:0b:58:3c:c9:81:
8b:37:5b:05:52:03:d1:fe:ce:b7:b6:62:73:20:03:
0b:d8:9e:d1:b0:7d:b0:0b:0e:39:2b:98:00:a6:00:
16:a0:22:a7:03:02:ac:d0:f9:dd:3e:05:39:94:44:
7a:e5:d9:88:d3:fb:c3:9c:31:dd:56:01:a0:ce:fd:
51:cc:a2:38:66:5b:1e:56:e7:81:0a:33:e4:b7:89:
ef:27:53:b4:95:6e:2c:6a:ff:ca:08:25:9b:b2:1a:
22:90:e1:d0:3e:21:e1:14:5e:c6:c8:d0:45:a2:0a:
10:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D6:AD:74:D8:11:47:A7:B3:0E:76:FE:F4:13:7B:E2:D4:70:31:86
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5333509221B011F0BEF7C3D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.128.0/17
Signature Algorithm: sha256WithRSAEncryption
84:99:85:00:4d:18:0b:1b:46:4c:22:40:26:3e:54:c4:c6:dc:
d7:98:43:d7:11:a1:80:79:2f:bf:22:fa:d9:f7:1a:1f:2c:7f:
be:5c:94:71:cf:8f:3d:20:83:b5:d7:a7:c8:19:e3:92:26:59:
7a:39:62:e3:e4:a5:4b:94:26:00:51:93:ea:b7:e9:bb:3c:da:
e2:8b:22:57:78:95:d8:c0:ae:5b:10:13:48:fc:1c:3d:62:6c:
d2:dc:e0:86:1d:70:8b:28:b1:dd:e2:b7:6d:a6:09:dc:0c:9f:
4b:c2:21:6b:b0:7a:bb:60:71:c7:a2:af:90:11:3f:e7:e3:99:
35:0f:d5:71:9e:38:fa:13:d7:42:f9:01:f1:f3:54:83:4f:75:
e8:c9:c4:fa:6c:32:33:7c:9b:66:7c:53:98:78:c6:cc:09:e5:
39:59:ff:c3:2c:32:14:9d:22:94:35:6a:62:8b:a2:fe:51:72:
91:6e:4f:a8:2f:39:4b:96:82:8e:cd:10:2b:29:29:ab:90:ec:
14:95:b0:be:1c:e8:59:fa:9e:3f:34:73:60:16:bc:b1:75:df:
aa:3f:39:bd:98:5d:ca:98:28:14:0b:87:01:88:57:99:33:ec:
52:e9:20:85:08:42:64:51:00:15:75:4a:d1:5a:50:b2:89:b2:
d6:59:56:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXr7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDgzNTU5WhcNMjUwNTE2MDgzNTU5WjAYMRYw
FAYDVQQDEw02ODBiNDk3NC02NjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8lpNGlKY64uFh8A5CAQv08EYHjqtUNhn4PvzszVhhAjLPCjMvQn95LCW
Iw0zbnLcs/PI26PTIez7WPKlST8Ye9MCAshjxtLr5+Uae0uVN/4sA2B5YYR4R1rI
Savk+4CUkNkwR0D5iV67kNzd2ummGYBfe0/07gdoaxAmtAI/TAhZiQOKSShaLpmu
/N1pHYfCC1g8yYGLN1sFUgPR/s63tmJzIAML2J7RsH2wCw45K5gApgAWoCKnAwKs
0PndPgU5lER65dmI0/vDnDHdVgGgzv1RzKI4ZlseVueBCjPkt4nvJ1O0lW4sav/K
CCWbshoikOHQPiHhFF7GyNBFogoQgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB3W
rXTYEUensw52/vQTe+LUcDGGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MzMzNTA5MjIxQjAxMUYwQkVGN0MzRDhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHmsWAMA0GCSqGSIb3DQEB
CwUAA4IBAQCEmYUATRgLG0ZMIkAmPlTExtzXmEPXEaGAeS+/IvrZ9xofLH++XJRx
z489IIO116fIGeOSJll6OWLj5KVLlCYAUZPqt+m7PNriiyJXeJXYwK5bEBNI/Bw9
YmzS3OCGHXCLKLHd4rdtpgncDJ9LwiFrsHq7YHHHoq+QET/n45k1D9Vxnjj6E9dC
+QHx81SDT3XoycT6bDIzfJtmfFOYeMbMCeU5Wf/DLDIUnSKUNWpii6L+UXKRbk+o
LzlLloKOzRArKSmrkOwUlbC+HOhZ+p4/NHNgFryxdd+qPzm9mF3KmCgUC4cBiFeZ
M+xS6SCFCEJkUQAVdUrRWlCyibLWWVYA
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:52:19 2025 by rpki-client