Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A34B6F1E439911F0A0191AE0DAE4EC9C.roa
File: A34B6F1E439911F0A0191AE0DAE4EC9C.roa (raw, json)
Hash identifier: QdCifTmMWzj6pPIrXnuUHys2k2O5Fqm+tKV1nOQW9Wc=
Subject key identifier: 4E:15:43:D4:E0:31:42:E0:34:59:2C:FE:C5:BD:EB:A6:07:73:B3:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018562
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A34B6F1E439911F0A0191AE0DAE4EC9C.roa
Signing time: Sat 07 Jun 2025 12:19:20 +0000
ROA not before: Sat 07 Jun 2025 12:19:15 +0000
ROA not after: Wed 16 Jul 2025 12:19:15 +0000
asID: 203020
IP address blocks: 154.203.44.0/22 maxlen: 24
154.203.48.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99682 (0x18562)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 7 12:19:15 2025 GMT
Not After : Jul 16 12:19:15 2025 GMT
Subject: CN=68442e48-fa4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e0:d5:7d:ce:16:67:c8:cf:c9:db:f2:48:a8:
7c:76:82:89:58:fc:1e:a3:3d:94:3c:24:50:c2:bf:
dd:00:ba:35:fa:9f:85:94:4c:43:be:0b:d6:31:3a:
d0:05:ee:9e:ff:15:da:28:1e:97:fc:8d:cd:18:cc:
60:29:ba:4d:3d:43:30:cb:0a:17:7a:a4:27:2a:a5:
7a:f4:ad:78:a7:22:66:eb:ee:6d:08:11:16:04:f2:
c1:5b:89:71:79:1c:6b:77:61:9e:ea:b2:2a:3a:35:
57:24:2d:f1:56:75:c9:92:39:58:ad:5d:c3:cb:93:
a5:e5:b1:c8:1c:9b:7d:1d:d4:f4:2f:d3:ef:65:cd:
ab:f5:17:fb:ff:1f:2c:2f:63:8b:d9:cb:7b:d7:77:
94:9f:ae:34:c1:e1:9e:22:a8:ee:ac:2b:5e:de:73:
e9:11:5f:3d:20:c4:6c:cf:a8:5b:82:b6:20:82:ca:
76:15:84:ce:17:90:55:fc:50:84:aa:6d:bb:91:7b:
23:2b:df:34:f9:d1:18:b0:ba:97:d4:39:79:2b:f8:
26:50:31:91:3c:d7:97:f3:31:3d:ed:d8:7d:23:b2:
e1:75:c8:19:2d:d7:9b:a5:6b:34:c2:b4:49:e5:b8:
ae:cb:b4:ed:c9:25:40:46:48:f8:85:6f:9b:61:66:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:15:43:D4:E0:31:42:E0:34:59:2C:FE:C5:BD:EB:A6:07:73:B3:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A34B6F1E439911F0A0191AE0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.44.0-154.203.49.255
Signature Algorithm: sha256WithRSAEncryption
01:b0:5c:6d:44:a0:a3:0b:57:35:16:cb:e9:14:9a:8b:4b:06:
0e:96:e2:d9:da:a8:f9:3b:5f:64:18:a7:f1:76:1a:d4:63:ec:
cc:51:3f:87:e0:a9:cd:94:9b:3d:9c:2c:1d:ad:05:9e:cf:fe:
5a:fb:75:29:e3:82:49:46:a7:28:45:57:65:3d:ab:60:f5:e5:
9e:3c:73:b8:f9:e6:d6:37:3f:93:31:6a:43:d3:6c:a0:ce:34:
5d:46:8c:ad:cf:96:64:6e:50:39:67:c9:e6:a9:40:32:de:2c:
b4:ff:74:90:bf:40:24:5b:e1:19:e1:39:f5:73:5b:84:bf:9f:
11:af:4b:e3:af:7f:9b:ee:93:4f:0c:f0:65:1c:47:62:14:7b:
f0:4a:03:b3:7e:74:1a:a4:1e:6e:8a:2c:45:74:f5:85:70:a9:
e4:21:d8:28:c8:12:2e:ff:3d:dd:d3:88:05:cb:ed:5d:dc:4c:
9e:2b:76:21:8b:0a:e4:50:53:98:b5:f3:87:a6:eb:a2:d7:4e:
5b:3f:45:19:a7:03:b3:59:21:fe:05:74:43:68:a6:79:27:41:
d1:93:2f:f9:5a:26:7b:58:82:7c:f7:26:0c:76:ae:8e:71:5a:
bc:5f:f0:31:f3:93:1a:62:0d:c5:86:e5:c5:8d:05:b2:c3:24:
34:fd:8b:8c
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYViMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA3MTIxOTE1WhcNMjUwNzE2MTIxOTE1WjAYMRYw
FAYDVQQDEw02ODQ0MmU0OC1mYTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAquDVfc4WZ8jPydvySKh8doKJWPweoz2UPCRQwr/dALo1+p+FlExDvgvW
MTrQBe6e/xXaKB6X/I3NGMxgKbpNPUMwywoXeqQnKqV69K14pyJm6+5tCBEWBPLB
W4lxeRxrd2Ge6rIqOjVXJC3xVnXJkjlYrV3Dy5Ol5bHIHJt9HdT0L9PvZc2r9Rf7
/x8sL2OL2ct713eUn640weGeIqjurCte3nPpEV89IMRsz6hbgrYggsp2FYTOF5BV
/FCEqm27kXsjK980+dEYsLqX1Dl5K/gmUDGRPNeX8zE97dh9I7LhdcgZLdebpWs0
wrRJ5biuy7TtySVARkj4hW+bYWaN9wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFE4V
Q9TgMULgNFks/sW966YHc7PqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzRCNkYxRTQzOTkxMUYwQTAxOTFBRTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKayywDBAGayzAwDQYJ
KoZIhvcNAQELBQADggEBAAGwXG1EoKMLVzUWy+kUmotLBg6W4tnaqPk7X2QYp/F2
GtRj7MxRP4fgqc2Umz2cLB2tBZ7P/lr7dSnjgklGpyhFV2U9q2D15Z48c7j55tY3
P5MxakPTbKDONF1GjK3PlmRuUDlnyeapQDLeLLT/dJC/QCRb4RnhOfVzW4S/nxGv
S+Ovf5vuk08M8GUcR2IUe/BKA7N+dBqkHm6KLEV09YVwqeQh2CjIEi7/Pd3TiAXL
7V3cTJ4rdiGLCuRQU5i184em66LXTls/RRmnA7NZIf4FdENopnknQdGTL/laJntY
gnz3Jgx2ro5xWrxf8DHzkxpiDcWG5cWNBbLDJDT9i4w=
-----END CERTIFICATE-----
Generated at Tue Jun 17 09:00:25 2025 by rpki-client