Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A951745E113E11F0B3E0A676762E951A.roa
File: A951745E113E11F0B3E0A676762E951A.roa (raw, json)
Hash identifier: nYjDvjjT6ogT2L59J+DiKbTEX/r/1HpY2Fd1gLr5uUA=
Subject key identifier: E8:0A:5C:3A:98:5B:56:C5:63:8C:46:CF:BB:34:20:3F:79:8A:6E:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0177B4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A951745E113E11F0B3E0A676762E951A.roa
Signing time: Fri 04 Apr 2025 10:22:07 +0000
ROA not before: Fri 04 Apr 2025 10:22:04 +0000
ROA not after: Sun 11 May 2025 10:22:04 +0000
asID: 401615
IP address blocks: 154.82.136.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 06 May 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96180 (0x177b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 4 10:22:04 2025 GMT
Not After : May 11 10:22:04 2025 GMT
Subject: CN=67efb2cf-2ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:26:2d:91:37:00:36:46:a1:b3:cc:71:5e:f1:
08:08:7a:5c:8c:60:d1:ee:6d:dc:6e:28:6b:14:b9:
df:67:2b:cb:dc:68:be:73:e0:55:c5:97:7d:da:48:
9d:2f:68:1c:c5:fb:a0:de:60:22:56:ff:77:72:71:
ad:6f:e3:b6:50:9e:80:10:a7:4d:e2:ed:2e:ad:85:
ee:8c:14:df:f3:03:62:64:74:01:84:78:e2:23:b8:
04:ae:a1:05:de:74:8c:4b:b4:73:73:8d:9c:df:78:
b9:d3:7d:95:72:83:be:be:0b:a6:c8:f8:3c:52:68:
c7:3d:64:f1:59:1b:2d:73:02:94:07:1a:a1:b1:19:
0d:3b:53:df:4b:b2:3d:98:58:3c:24:5e:6b:4d:7e:
d8:8a:71:70:f6:47:c5:34:ce:07:34:39:1c:c4:d7:
b5:c0:94:9e:5f:bc:68:0b:84:03:27:aa:d6:49:f4:
bf:cb:eb:59:14:a2:ab:9e:62:4c:04:68:0e:8f:80:
89:2b:b8:83:62:a7:11:80:06:59:22:be:61:93:4a:
ca:ce:18:ec:a7:e4:8f:a9:08:7b:f9:7f:5a:d2:72:
f6:60:84:34:3e:f7:9a:2d:39:1d:69:83:d5:9d:e7:
fa:81:90:ac:93:7c:ee:d1:8d:fe:fc:02:38:98:c1:
06:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:0A:5C:3A:98:5B:56:C5:63:8C:46:CF:BB:34:20:3F:79:8A:6E:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A951745E113E11F0B3E0A676762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.136.0/23
Signature Algorithm: sha256WithRSAEncryption
50:ad:b0:8b:30:e4:5b:ac:34:4b:1a:2f:c7:12:9a:1a:cc:62:
15:63:fa:d7:9c:60:5d:8e:80:22:18:b7:b2:46:2f:5f:27:76:
84:e4:37:af:38:a0:a9:77:a1:71:4f:0a:9e:81:71:56:4b:c5:
0b:28:db:a5:23:02:bf:97:94:a2:3d:de:95:e5:29:a4:32:f8:
a6:77:4e:bf:c5:83:ce:89:f2:43:a5:f8:67:91:45:45:95:2a:
1d:33:4b:85:ac:5e:43:88:ae:32:6a:70:20:29:b8:24:2c:9d:
ac:1a:e2:7e:ce:04:fe:aa:fe:eb:b8:95:4c:09:59:24:15:59:
30:46:0c:4c:c2:89:93:6c:72:f3:1a:b2:f3:6c:0a:e0:81:29:
9e:20:d0:f1:6a:50:f1:d7:3f:c4:60:c6:11:5a:f0:f3:e6:b4:
3f:70:15:bd:4c:07:13:e5:da:43:4c:0e:8b:65:16:f7:de:b8:
8a:17:9c:f3:05:ba:03:4a:d5:1f:71:bc:63:ce:40:73:87:ed:
f6:61:c6:aa:f6:cc:c4:bc:b1:de:2c:b6:e2:ad:66:a1:01:ae:
aa:fb:48:9c:25:e9:56:6b:c6:b3:d4:c8:d7:4c:48:2a:e3:32:
af:74:2a:93:76:63:25:3f:c2:bf:d4:ea:25:9d:a2:b8:5a:20:
e9:c2:ed:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXe0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA0MTAyMjA0WhcNMjUwNTExMTAyMjA0WjAYMRYw
FAYDVQQDEw02N2VmYjJjZi0yZWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtyYtkTcANkahs8xxXvEICHpcjGDR7m3cbihrFLnfZyvL3Gi+c+BVxZd9
2kidL2gcxfug3mAiVv93cnGtb+O2UJ6AEKdN4u0urYXujBTf8wNiZHQBhHjiI7gE
rqEF3nSMS7Rzc42c33i5032VcoO+vgumyPg8UmjHPWTxWRstcwKUBxqhsRkNO1Pf
S7I9mFg8JF5rTX7YinFw9kfFNM4HNDkcxNe1wJSeX7xoC4QDJ6rWSfS/y+tZFKKr
nmJMBGgOj4CJK7iDYqcRgAZZIr5hk0rKzhjsp+SPqQh7+X9a0nL2YIQ0PveaLTkd
aYPVnef6gZCsk3zu0Y3+/AI4mMEG9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOgK
XDqYW1bFY4xGz7s0ID95im7cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOTUxNzQ1RTExM0UxMUYwQjNFMEE2NzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlKIMA0GCSqGSIb3DQEB
CwUAA4IBAQBQrbCLMORbrDRLGi/HEpoazGIVY/rXnGBdjoAiGLeyRi9fJ3aE5Dev
OKCpd6FxTwqegXFWS8ULKNulIwK/l5SiPd6V5SmkMvimd06/xYPOifJDpfhnkUVF
lSodM0uFrF5DiK4yanAgKbgkLJ2sGuJ+zgT+qv7ruJVMCVkkFVkwRgxMwomTbHLz
GrLzbArggSmeINDxalDx1z/EYMYRWvDz5rQ/cBW9TAcT5dpDTA6LZRb33riKF5zz
BboDStUfcbxjzkBzh+32Ycaq9szEvLHeLLbirWahAa6q+0icJelWa8az1MjXTEgq
4zKvdCqTdmMlP8K/1OolnaK4WiDpwu1B
-----END CERTIFICATE-----
Generated at Sun May 4 12:57:56 2025 by rpki-client