Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D399EE76210B11F0BCC7CF88DAE4EC9C.roa
File: D399EE76210B11F0BCC7CF88DAE4EC9C.roa (raw, json)
Hash identifier: kUTRyQ9+R2zBub6HPJarV03VtxV0tk6AP3YelrvQ7SA=
Subject key identifier: 83:5D:92:86:48:8A:2A:7D:80:8E:46:64:BD:4A:16:4A:83:74:8A:FD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017ACD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D399EE76210B11F0BCC7CF88DAE4EC9C.roa
Signing time: Thu 24 Apr 2025 12:58:33 +0000
ROA not before: Thu 24 Apr 2025 12:58:27 +0000
ROA not after: Wed 14 May 2025 12:58:27 +0000
asID: 139880
IP address blocks: 154.82.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96973 (0x17acd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 12:58:27 2025 GMT
Not After : May 14 12:58:27 2025 GMT
Subject: CN=680a3579-822a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cc:51:e4:c5:f9:ac:e8:fe:9a:56:37:4f:90:
f9:85:d0:80:ef:e0:4f:f7:24:84:81:67:7c:a6:16:
cc:3b:2d:5a:9a:97:39:51:7e:15:21:68:73:ef:da:
e4:2c:d5:19:4f:91:e2:74:73:84:5f:1b:5c:45:5d:
11:eb:ba:35:e6:13:3f:d1:01:bf:a8:a5:f7:9d:6f:
92:a0:03:a9:45:e3:7a:e6:e2:ed:89:f7:8f:b5:61:
91:f8:a2:35:d8:63:55:a0:23:83:26:dd:64:f7:17:
0a:eb:ab:26:4d:da:f0:be:02:be:b8:7d:e3:c8:50:
eb:5c:d3:a7:4c:b8:fd:96:b0:a0:50:8d:39:5b:5e:
73:76:d2:6d:1f:d3:57:60:02:09:ae:b1:db:40:98:
56:da:80:17:fd:22:cc:ae:97:9c:80:f1:9c:ac:bb:
01:77:58:4d:e4:a5:0a:b3:c1:ab:79:62:af:0d:b5:
97:2e:8e:11:95:4d:8a:d9:e2:d8:9f:59:b8:f3:84:
a0:aa:60:ed:a4:fd:a1:ee:e7:92:32:4d:08:7d:64:
63:bc:76:4c:bc:96:fa:39:fa:fe:1f:be:4b:0a:eb:
a0:cd:ce:b0:25:68:0b:14:9b:17:92:01:4c:a5:6d:
f5:80:b5:95:b9:47:08:da:34:16:89:f9:5b:9f:4b:
30:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:5D:92:86:48:8A:2A:7D:80:8E:46:64:BD:4A:16:4A:83:74:8A:FD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D399EE76210B11F0BCC7CF88DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.32.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:09:f3:2e:23:f2:d6:77:2b:67:c8:18:16:e2:79:53:c0:03:
35:9a:99:a1:a8:66:fc:ee:9d:4c:f6:5a:6e:5d:fd:e7:15:27:
85:a8:e0:41:8f:38:14:c0:8a:c7:01:d8:8d:02:8f:37:05:9b:
08:a6:ba:af:74:56:a6:aa:a4:6b:d7:3a:a3:40:c5:ee:bd:48:
ba:d2:5c:2b:b0:36:0e:07:aa:26:75:c8:bc:c8:89:97:f5:6a:
ba:49:3c:d1:0b:7d:3f:5f:35:7b:c9:d7:55:03:a2:45:e9:24:
28:ce:0a:b9:b6:25:55:01:6f:ef:29:fe:5b:fb:0b:1c:64:d8:
d1:84:b7:78:24:66:bd:67:19:66:6e:c4:22:2d:5b:a1:55:66:
71:01:3c:cb:48:8c:d1:92:30:ec:40:1e:81:42:c9:03:83:b1:
d0:1f:0a:0f:b1:52:d2:51:cf:a4:69:14:66:d6:f9:ba:b8:39:
4d:25:ff:0f:c6:2a:c3:30:f5:c5:2a:6d:fd:01:b1:45:b5:cc:
3c:07:72:6f:a3:af:05:9c:d6:61:c9:1b:79:e9:ad:ef:68:36:
a7:ec:5b:b5:31:8f:a5:bb:31:5e:90:43:8c:49:e3:a7:32:a3:
7d:31:b2:1b:24:f7:0e:36:af:30:13:04:a0:95:c1:04:00:36:
8e:b0:59:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXrNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI0MTI1ODI3WhcNMjUwNTE0MTI1ODI3WjAYMRYw
FAYDVQQDEw02ODBhMzU3OS04MjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyMxR5MX5rOj+mlY3T5D5hdCA7+BP9ySEgWd8phbMOy1ampc5UX4VIWhz
79rkLNUZT5HidHOEXxtcRV0R67o15hM/0QG/qKX3nW+SoAOpReN65uLtifePtWGR
+KI12GNVoCODJt1k9xcK66smTdrwvgK+uH3jyFDrXNOnTLj9lrCgUI05W15zdtJt
H9NXYAIJrrHbQJhW2oAX/SLMrpecgPGcrLsBd1hN5KUKs8GreWKvDbWXLo4RlU2K
2eLYn1m484SgqmDtpP2h7ueSMk0IfWRjvHZMvJb6Ofr+H75LCuugzc6wJWgLFJsX
kgFMpW31gLWVuUcI2jQWiflbn0sw+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFINd
koZIiip9gI5GZL1KFkqDdIr9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzk5RUU3NjIxMEIxMUYwQkNDN0NGODhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlIgMA0GCSqGSIb3DQEB
CwUAA4IBAQCqCfMuI/LWdytnyBgW4nlTwAM1mpmhqGb87p1M9lpuXf3nFSeFqOBB
jzgUwIrHAdiNAo83BZsIprqvdFamqqRr1zqjQMXuvUi60lwrsDYOB6omdci8yImX
9Wq6STzRC30/XzV7yddVA6JF6SQozgq5tiVVAW/vKf5b+wscZNjRhLd4JGa9Zxlm
bsQiLVuhVWZxATzLSIzRkjDsQB6BQskDg7HQHwoPsVLSUc+kaRRm1vm6uDlNJf8P
xirDMPXFKm39AbFFtcw8B3Jvo68FnNZhyRt56a3vaDan7Fu1MY+luzFekEOMSeOn
MqN9MbIbJPcONq8wEwSglcEEADaOsFka
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:16:15 2025 by rpki-client