Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3558708380C11F0838311BADAE4EC9C.roa
File: A3558708380C11F0838311BADAE4EC9C.roa (raw, json)
Hash identifier: MOF1FFjNcvMQNX9enboCujDUVjUxWw8gtSsy9OEb/n8=
Subject key identifier: 68:09:32:74:62:31:12:69:9C:14:5F:BD:7D:8D:B5:50:DA:40:27:B1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018255
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3558708380C11F0838311BADAE4EC9C.roa
Signing time: Fri 23 May 2025 19:32:18 +0000
ROA not before: Fri 23 May 2025 19:32:13 +0000
ROA not after: Tue 08 Jul 2025 19:32:13 +0000
asID: 5068
IP address blocks: 154.83.71.0/24 maxlen: 24
154.83.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98901 (0x18255)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 19:32:13 2025 GMT
Not After : Jul 8 19:32:13 2025 GMT
Subject: CN=6830cd42-0263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:26:fa:0e:f1:21:be:54:4d:0c:70:88:b9:c8:
84:93:e9:0b:fc:46:8c:86:b7:30:d4:a6:6a:40:bd:
0f:b3:97:81:81:b2:0a:33:c4:1e:a8:61:3f:a9:e6:
76:a2:81:5f:75:e3:bb:84:4f:d8:90:96:1b:89:89:
1f:b2:7c:9c:95:53:b4:ae:bc:99:24:62:42:c8:83:
1a:6c:9a:d4:ba:86:d9:c1:3c:48:f4:bb:75:00:3d:
60:59:d5:d8:5c:e0:5e:be:e7:90:9f:82:03:1a:17:
82:70:29:3b:aa:cf:e9:9d:55:39:17:f0:09:4b:8f:
60:51:b9:b2:2f:3b:3e:e9:12:c0:36:4e:f3:97:29:
2b:3a:55:e8:2b:04:73:be:00:43:dc:e0:ff:86:cb:
93:8e:04:fa:c0:dd:23:e7:20:c5:86:1c:d5:db:bd:
bc:fe:10:20:39:6f:6b:a7:b4:12:2d:8a:fa:e5:dd:
42:74:9e:b4:fb:94:3e:ae:11:8d:9f:0d:78:28:bd:
15:ee:e4:26:ea:66:0a:19:c7:fe:3b:70:f9:57:a3:
19:47:cd:92:74:e2:c1:fc:97:b5:ca:0a:92:78:34:
ea:ef:0f:78:15:8e:2c:74:20:71:2d:fb:c5:02:dd:
74:aa:a3:7c:c1:a7:d1:a6:43:8c:c5:02:54:23:c7:
cf:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:09:32:74:62:31:12:69:9C:14:5F:BD:7D:8D:B5:50:DA:40:27:B1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3558708380C11F0838311BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.71.0/24
154.83.78.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:69:ea:65:ae:52:d1:a2:f4:8b:68:d9:73:84:e1:58:d1:86:
03:f7:18:3b:bf:81:a7:df:0f:14:dc:99:bb:68:4b:40:6e:ef:
78:a7:ae:81:80:3e:e2:7a:ad:e4:da:d9:68:ec:2d:96:b2:80:
58:ee:c1:8d:e5:62:09:e7:13:cb:bb:2b:fe:ed:dc:4e:66:2b:
4d:d4:6c:56:58:3d:cc:44:76:49:f7:63:a5:0f:84:e7:18:01:
11:55:2c:03:fe:cc:1e:c5:58:c5:97:b1:de:56:d1:7e:6c:9e:
7a:77:c9:69:00:32:f8:0f:f1:ff:de:c1:66:ee:4d:4c:74:6b:
d8:f7:cf:46:b4:fb:89:83:15:11:e0:42:8f:24:f3:de:a4:be:
fd:78:3c:be:5a:c7:1f:82:c8:76:7a:6c:6b:76:e7:2d:a5:97:
ce:e4:af:1b:9a:1f:a6:7a:5a:90:62:2a:d1:e9:9f:6b:6c:a2:
6e:ae:43:23:15:71:6d:d2:6b:53:9b:3f:1b:d6:7d:77:a9:c5:
6b:51:5a:c6:73:7f:10:63:7d:f5:7a:17:ff:41:b2:56:a9:32:
7f:54:f5:a2:d1:f7:58:11:33:dd:e8:7e:7f:1b:be:bd:93:62:
98:19:6b:6c:45:50:29:ce:1b:7d:49:af:83:06:8d:1e:20:88:
63:a3:ee:c1
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYJVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMTkzMjEzWhcNMjUwNzA4MTkzMjEzWjAYMRYw
FAYDVQQDEw02ODMwY2Q0Mi0wMjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArSb6DvEhvlRNDHCIuciEk+kL/EaMhrcw1KZqQL0Ps5eBgbIKM8QeqGE/
qeZ2ooFfdeO7hE/YkJYbiYkfsnyclVO0rryZJGJCyIMabJrUuobZwTxI9Lt1AD1g
WdXYXOBevueQn4IDGheCcCk7qs/pnVU5F/AJS49gUbmyLzs+6RLANk7zlykrOlXo
KwRzvgBD3OD/hsuTjgT6wN0j5yDFhhzV2728/hAgOW9rp7QSLYr65d1CdJ60+5Q+
rhGNnw14KL0V7uQm6mYKGcf+O3D5V6MZR82SdOLB/Je1ygqSeDTq7w94FY4sdCBx
LfvFAt10qqN8wafRpkOMxQJUI8fPbwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGgJ
MnRiMRJpnBRfvX2NtVDaQCexMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzU1ODcwODM4MEMxMUYwODM4MzExQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlNHAwQAmlNOMA0GCSqG
SIb3DQEBCwUAA4IBAQAuaeplrlLRovSLaNlzhOFY0YYD9xg7v4Gn3w8U3Jm7aEtA
bu94p66BgD7ieq3k2tlo7C2WsoBY7sGN5WIJ5xPLuyv+7dxOZitN1GxWWD3MRHZJ
92OlD4TnGAERVSwD/swexVjFl7HeVtF+bJ56d8lpADL4D/H/3sFm7k1MdGvY989G
tPuJgxUR4EKPJPPepL79eDy+Wscfgsh2emxrductpZfO5K8bmh+melqQYirR6Z9r
bKJurkMjFXFt0mtTmz8b1n13qcVrUVrGc38QY331ehf/QbJWqTJ/VPWi0fdYETPd
6H5/G769k2KYGWtsRVApzht9Sa+DBo0eIIhjo+7B
-----END CERTIFICATE-----
Generated at Sun Jun 15 17:52:49 2025 by rpki-client