Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59A58F9021B411F08A0C9EF1DAE4EC9C.roa
File: 59A58F9021B411F08A0C9EF1DAE4EC9C.roa (raw, json)
Hash identifier: yjV+yc34J1KvEASZvdObc2PrEwF7XZNRg0I+nl0ftuw=
Subject key identifier: 65:9D:0C:FF:3A:E1:AD:80:D8:2F:4D:C6:4D:CB:8C:38:89:2B:BE:FC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B05
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59A58F9021B411F08A0C9EF1DAE4EC9C.roa
Signing time: Fri 25 Apr 2025 09:04:53 +0000
ROA not before: Fri 25 Apr 2025 09:04:49 +0000
ROA not after: Fri 02 May 2025 09:04:49 +0000
asID: 140570
IP address blocks: 154.91.5.0/24 maxlen: 24
154.91.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97029 (0x17b05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 09:04:49 2025 GMT
Not After : May 2 09:04:49 2025 GMT
Subject: CN=680b5035-78a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4a:25:6a:db:00:06:ce:b2:21:fd:ed:bf:21:
68:3e:0b:0b:81:5a:11:88:d8:2d:2e:f0:e0:6a:4c:
da:3e:5b:1c:02:50:37:15:d2:f0:78:be:d4:a3:e6:
c7:1e:84:4d:8c:6a:24:5b:da:18:3d:7c:5c:90:ed:
51:d7:f2:63:d2:88:16:70:9f:21:5b:e8:67:cd:38:
38:bf:bb:ba:c8:68:db:9f:b5:9b:2c:0a:00:e1:aa:
6e:18:da:7c:da:b0:7d:b9:b8:66:75:73:e7:2c:e3:
d3:e0:d1:88:d0:1a:55:86:79:67:93:58:ef:f0:e0:
ef:05:de:89:0b:03:20:bd:84:58:ba:fd:74:2f:84:
e4:f8:16:af:8f:6e:fa:16:e7:51:65:94:3a:16:07:
4c:95:07:98:70:2b:d6:c9:f9:c3:9e:dd:72:c8:b0:
d9:2a:f0:68:0c:26:d5:37:e2:fa:6f:2b:21:55:d0:
59:c6:06:87:8b:22:19:07:a4:9d:1b:c3:79:18:80:
50:85:a6:e9:54:73:d6:dd:80:22:8e:9a:5d:ef:87:
8d:8d:5c:8d:d7:74:cf:cf:cb:35:6d:b7:35:cf:8b:
b0:13:d2:4c:20:50:4b:95:cd:78:de:87:11:ef:65:
e4:ac:2e:15:fb:3e:9a:84:48:e7:02:f2:a6:54:9d:
92:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9D:0C:FF:3A:E1:AD:80:D8:2F:4D:C6:4D:CB:8C:38:89:2B:BE:FC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59A58F9021B411F08A0C9EF1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.5.0/24
154.91.7.0/24
Signature Algorithm: sha256WithRSAEncryption
87:70:1c:e6:1d:b5:f3:3a:d1:2a:b0:13:f2:5f:e0:5e:19:e2:
ac:87:37:53:ba:ba:44:a4:52:e5:2e:b2:ac:e0:f4:a0:55:4f:
f5:e7:af:b4:27:12:74:8e:05:e5:76:fd:f3:fd:92:bf:41:6e:
b5:db:c7:62:6f:31:29:1a:c7:f4:eb:76:e0:f8:eb:18:13:59:
e8:92:5d:78:30:bb:c2:2d:94:86:ed:fa:01:51:af:c3:b8:70:
33:fd:d3:97:3a:4e:5e:ae:71:2d:54:23:90:42:d8:b0:95:cf:
c0:4a:c8:6c:ca:41:cb:53:e1:06:64:ce:e7:02:f2:88:91:ab:
89:02:58:52:2b:0e:1e:ff:f3:a2:0d:e9:bd:87:fc:b9:b8:30:
fa:89:c5:b9:f4:94:96:63:8f:7d:84:e6:f7:c9:5e:94:a5:96:
bc:20:0b:1a:68:65:9f:07:1a:8b:5d:30:41:c8:a3:bd:75:01:
a5:5b:e3:b0:84:2f:d6:59:df:7b:9c:da:6f:b3:ba:6a:fa:b4:
f9:12:b5:74:1b:b8:80:41:68:2d:ec:93:76:f1:fe:80:a2:10:
c5:08:79:b3:81:d7:e4:d9:7c:24:4e:8a:6f:ea:ad:f2:d9:d9:
90:f3:22:96:66:c2:30:65:5c:f6:80:74:5e:ec:21:95:4c:86:
90:8f:f0:ae
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXsFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDkwNDQ5WhcNMjUwNTAyMDkwNDQ5WjAYMRYw
FAYDVQQDEw02ODBiNTAzNS03OGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv0olatsABs6yIf3tvyFoPgsLgVoRiNgtLvDgakzaPlscAlA3FdLweL7U
o+bHHoRNjGokW9oYPXxckO1R1/Jj0ogWcJ8hW+hnzTg4v7u6yGjbn7WbLAoA4apu
GNp82rB9ubhmdXPnLOPT4NGI0BpVhnlnk1jv8ODvBd6JCwMgvYRYuv10L4Tk+Bav
j276FudRZZQ6FgdMlQeYcCvWyfnDnt1yyLDZKvBoDCbVN+L6byshVdBZxgaHiyIZ
B6SdG8N5GIBQhabpVHPW3YAijppd74eNjVyN13TPz8s1bbc1z4uwE9JMIFBLlc14
3ocR72XkrC4V+z6ahEjnAvKmVJ2S3wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGWd
DP864a2A2C9Nxk3LjDiJK778MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OUE1OEY5MDIxQjQxMUYwOEEwQzlFRjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlsFAwQAmlsHMA0GCSqG
SIb3DQEBCwUAA4IBAQCHcBzmHbXzOtEqsBPyX+BeGeKshzdTurpEpFLlLrKs4PSg
VU/156+0JxJ0jgXldv3z/ZK/QW6128dibzEpGsf063bg+OsYE1nokl14MLvCLZSG
7foBUa/DuHAz/dOXOk5ernEtVCOQQtiwlc/ASshsykHLU+EGZM7nAvKIkauJAlhS
Kw4e//OiDem9h/y5uDD6icW59JSWY499hOb3yV6UpZa8IAsaaGWfBxqLXTBByKO9
dQGlW+OwhC/WWd97nNpvs7pq+rT5ErV0G7iAQWgt7JN28f6AohDFCHmzgdfk2Xwk
Topv6q3y2dmQ8yKWZsIwZVz2gHRe7CGVTIaQj/Cu
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:20:25 2025 by rpki-client