Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65E966C242C611F0AC8DB187DAE4EC9C.roa
File: 65E966C242C611F0AC8DB187DAE4EC9C.roa (raw, json)
Hash identifier: WfzH1qORDunqAzTTfBoAG1ULoZLBuIgmzB4BCEEpDRY=
Subject key identifier: E3:D1:1A:CE:AE:AE:7D:C8:02:92:46:7A:E1:3F:0C:2A:96:B6:90:32
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018518
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65E966C242C611F0AC8DB187DAE4EC9C.roa
Signing time: Fri 06 Jun 2025 11:07:13 +0000
ROA not before: Fri 06 Jun 2025 11:07:08 +0000
ROA not after: Mon 04 Aug 2025 11:07:08 +0000
asID: 328608
IP address blocks: 154.201.48.0/22 maxlen: 24
154.201.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99608 (0x18518)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 6 11:07:08 2025 GMT
Not After : Aug 4 11:07:08 2025 GMT
Subject: CN=6842cbe1-7b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:42:7d:c3:aa:ae:e5:22:69:02:f3:34:46:ab:
3a:99:a2:2e:e2:d6:3d:c0:56:45:11:79:b7:05:8b:
db:87:49:ac:65:6d:fd:62:03:4a:dd:35:18:68:2e:
aa:a2:99:2f:e4:a8:46:5d:d8:14:e9:0d:a9:18:85:
c8:00:91:7b:0d:ff:3f:9e:71:8f:f0:18:b6:c2:bc:
2f:e9:5a:b1:02:c8:2f:a7:a0:f4:7e:f9:36:75:2a:
6a:fd:04:15:71:62:15:ef:ef:9d:33:09:5c:e1:f1:
2c:4f:2f:1e:16:c4:21:30:3f:45:ae:b6:ea:68:e4:
13:88:3a:47:3f:20:9d:6e:22:3d:d8:20:43:86:12:
a5:61:5e:06:94:08:76:e9:25:9e:fa:cd:8a:c2:6b:
20:a4:59:8d:50:4d:2a:49:d6:0d:cd:80:87:0d:ba:
b1:0f:d2:4e:03:ca:b8:d7:c8:bd:fc:b7:42:7c:d3:
30:a4:f9:71:5e:15:07:bd:9d:23:89:ab:22:b8:eb:
e0:c7:5b:02:bc:38:96:49:ed:36:a3:1e:13:38:c2:
47:8b:47:a6:5f:2e:51:60:58:bc:ff:f4:27:c7:8e:
f9:87:2f:e3:48:d6:f1:02:5a:c6:3f:09:a8:28:b9:
e8:ec:13:84:ea:08:f8:89:74:c0:23:07:3a:ec:7f:
ae:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D1:1A:CE:AE:AE:7D:C8:02:92:46:7A:E1:3F:0C:2A:96:B6:90:32
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65E966C242C611F0AC8DB187DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.48.0-154.201.52.255
Signature Algorithm: sha256WithRSAEncryption
84:db:09:2e:4b:de:95:2b:8d:65:6b:70:46:18:57:68:ac:83:
2a:aa:04:39:c2:05:1a:ea:ea:d0:b4:b9:f1:21:6c:70:0d:a5:
18:c6:97:92:0f:2c:0e:d4:ad:15:8f:93:0f:66:e5:39:97:3d:
78:4f:a2:f0:f6:73:61:34:46:e2:9d:f8:9a:8b:7d:01:15:72:
6d:e3:05:45:23:18:d4:23:16:65:64:e8:26:78:7e:0d:7d:4c:
3b:18:d2:ca:4e:48:7b:b4:86:e1:b2:39:88:13:22:42:bb:e8:
7f:42:33:4a:54:ce:41:cb:02:e8:4d:cc:b7:4c:7c:97:c4:cb:
43:d1:84:ff:ce:0b:c6:9e:d6:44:6d:b0:c0:87:14:30:92:1b:
d2:dc:9a:72:3f:18:20:ab:02:03:e1:a9:48:9d:ae:d9:42:86:
fb:1c:51:43:0d:0c:c9:7e:e4:dd:ae:b5:58:e4:33:5f:b6:81:
9d:1f:82:23:03:63:ba:25:bc:ec:97:29:83:48:e7:f6:b1:95:
9b:d6:19:00:d4:2f:5e:30:bb:4d:1c:fd:6e:34:a9:c8:ea:df:
4f:8a:8b:40:d7:bc:3a:2d:b0:c6:06:13:02:69:fe:65:e5:1a:
88:18:10:b9:2c:ce:d4:0b:66:f4:ca:19:a6:87:d4:4a:52:7a:
3a:97:b9:68
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYUYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA2MTEwNzA4WhcNMjUwODA0MTEwNzA4WjAYMRYw
FAYDVQQDEw02ODQyY2JlMS03YjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1UJ9w6qu5SJpAvM0Rqs6maIu4tY9wFZFEXm3BYvbh0msZW39YgNK3TUY
aC6qopkv5KhGXdgU6Q2pGIXIAJF7Df8/nnGP8Bi2wrwv6VqxAsgvp6D0fvk2dSpq
/QQVcWIV7++dMwlc4fEsTy8eFsQhMD9FrrbqaOQTiDpHPyCdbiI92CBDhhKlYV4G
lAh26SWe+s2KwmsgpFmNUE0qSdYNzYCHDbqxD9JOA8q418i9/LdCfNMwpPlxXhUH
vZ0jiasiuOvgx1sCvDiWSe02ox4TOMJHi0emXy5RYFi8//Qnx475hy/jSNbxAlrG
PwmoKLno7BOE6gj4iXTAIwc67H+u/QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFOPR
Gs6urn3IApJGeuE/DCqWtpAyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NUU5NjZDMjQyQzYxMUYwQUM4REIxODdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASayTADBACayTQwDQYJ
KoZIhvcNAQELBQADggEBAITbCS5L3pUrjWVrcEYYV2isgyqqBDnCBRrq6tC0ufEh
bHANpRjGl5IPLA7UrRWPkw9m5TmXPXhPovD2c2E0RuKd+JqLfQEVcm3jBUUjGNQj
FmVk6CZ4fg19TDsY0spOSHu0huGyOYgTIkK76H9CM0pUzkHLAuhNzLdMfJfEy0PR
hP/OC8ae1kRtsMCHFDCSG9LcmnI/GCCrAgPhqUidrtlChvscUUMNDMl+5N2utVjk
M1+2gZ0fgiMDY7olvOyXKYNI5/axlZvWGQDUL14wu00c/W40qcjq30+Ki0DXvDot
sMYGEwJp/mXlGogYELksztQLZvTKGaaH1EpSejqXuWg=
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:42:47 2025 by rpki-client