Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8D5EA800D3211F0A20C8E73762E951A.roa
File: D8D5EA800D3211F0A20C8E73762E951A.roa (raw, json)
Hash identifier: g+A0+56Nf2IA8qdh35sJAKHc3JziOGFk5ASn28puZx4=
Subject key identifier: 67:61:21:C3:F3:53:F9:CF:68:F0:46:AE:DD:E5:C6:75:1F:A1:9E:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017705
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8D5EA800D3211F0A20C8E73762E951A.roa
Signing time: Sun 30 Mar 2025 06:47:29 +0000
ROA not before: Sun 30 Mar 2025 06:47:24 +0000
ROA not after: Wed 21 Jan 2026 06:47:24 +0000
asID: 138995
IP address blocks: 154.198.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96005 (0x17705)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 30 06:47:24 2025 GMT
Not After : Jan 21 06:47:24 2026 GMT
Subject: CN=67e8e900-20ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:50:2b:be:2e:fe:23:85:a6:e7:ab:bc:84:60:
de:bd:29:b6:9f:7e:74:59:a6:ab:47:83:cb:da:b3:
31:49:89:0c:60:22:7e:a5:ce:c1:51:db:d2:20:99:
d9:d3:6f:24:3a:a5:bc:de:8f:99:6a:55:d5:e5:87:
2e:0f:b5:3a:f9:5d:c0:65:e0:6c:8a:72:36:e4:8c:
10:e9:51:9f:cc:ca:f4:a6:40:c3:87:9c:ee:a8:ec:
49:81:3f:11:2a:2d:67:f7:31:54:7b:6f:ba:71:a1:
1d:4e:75:39:a7:4b:28:8c:50:f7:13:f1:cc:5e:ea:
b5:11:2d:99:a2:df:c4:6a:fb:6c:64:2c:63:c2:16:
9a:be:26:81:54:5a:be:9c:bd:32:aa:f2:86:f0:a4:
ad:3b:18:7c:97:a3:c8:5f:d8:67:3f:55:97:e7:bc:
46:bb:10:9f:71:86:51:66:ee:a7:d6:9c:56:b0:28:
67:88:15:d8:05:56:a4:3f:34:fc:ce:62:14:f7:b3:
21:c5:fb:f8:5b:6d:43:a1:7b:ae:f4:f6:f3:5d:dc:
73:7e:ca:e0:b8:36:ee:80:f1:ad:cc:90:1b:7e:19:
fb:71:28:78:58:f5:6f:37:7a:05:8b:76:a7:36:66:
cc:17:a7:ac:aa:09:79:1f:03:f3:de:96:74:71:df:
4e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:61:21:C3:F3:53:F9:CF:68:F0:46:AE:DD:E5:C6:75:1F:A1:9E:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8D5EA800D3211F0A20C8E73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.48.0/21
Signature Algorithm: sha256WithRSAEncryption
77:1a:0a:bc:98:a5:26:50:6d:9f:df:2c:56:67:83:15:b4:47:
04:f4:70:d6:b8:6a:7b:cb:d5:75:35:71:71:c4:d7:7c:46:67:
de:70:9b:38:74:ac:df:32:12:07:db:0a:21:00:ce:2d:e5:7d:
54:87:44:53:60:70:b7:61:e9:12:86:0c:eb:84:25:06:d1:ba:
75:d2:d4:8f:12:3d:88:df:e6:89:da:03:ce:47:30:78:a5:81:
54:ac:e5:e6:95:14:c2:9b:55:5d:d1:01:92:28:05:76:f3:57:
db:cc:72:98:d9:a4:1d:0b:a5:1c:00:b0:b2:94:b7:9d:ad:a2:
88:86:ee:09:1e:9c:66:eb:d7:8d:a3:95:86:5f:49:e9:ab:d8:
08:7f:a5:08:12:53:28:c1:93:94:5e:de:ad:04:69:07:d0:6e:
03:67:30:79:c1:cf:81:1f:55:43:41:44:ed:17:6b:72:f7:61:
35:b4:e2:ac:11:8c:b9:86:0f:74:2f:21:09:8f:92:a1:36:49:
0e:de:58:a3:02:f9:6e:e4:ea:fd:82:30:e1:a8:90:56:b3:ca:
bd:da:b6:75:87:3c:bc:11:9b:29:e7:95:ce:aa:5b:c7:0b:1d:
79:23:07:8f:2d:24:8e:27:6c:2c:9b:19:4b:c8:8e:a5:e8:25:
3e:22:f9:19
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXcFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzMwMDY0NzI0WhcNMjYwMTIxMDY0NzI0WjAYMRYw
FAYDVQQDEw02N2U4ZTkwMC0yMGVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwVArvi7+I4Wm56u8hGDevSm2n350WaarR4PL2rMxSYkMYCJ+pc7BUdvS
IJnZ028kOqW83o+ZalXV5YcuD7U6+V3AZeBsinI25IwQ6VGfzMr0pkDDh5zuqOxJ
gT8RKi1n9zFUe2+6caEdTnU5p0sojFD3E/HMXuq1ES2Zot/EavtsZCxjwhaaviaB
VFq+nL0yqvKG8KStOxh8l6PIX9hnP1WX57xGuxCfcYZRZu6n1pxWsChniBXYBVak
PzT8zmIU97Mhxfv4W21DoXuu9PbzXdxzfsrguDbugPGtzJAbfhn7cSh4WPVvN3oF
i3anNmbMF6esqgl5HwPz3pZ0cd9OKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGdh
IcPzU/nPaPBGrt3lxnUfoZ6BMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOEQ1RUE4MDBEMzIxMUYwQTIwQzhFNzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsYwMA0GCSqGSIb3DQEB
CwUAA4IBAQB3Ggq8mKUmUG2f3yxWZ4MVtEcE9HDWuGp7y9V1NXFxxNd8RmfecJs4
dKzfMhIH2wohAM4t5X1Uh0RTYHC3YekShgzrhCUG0bp10tSPEj2I3+aJ2gPORzB4
pYFUrOXmlRTCm1Vd0QGSKAV281fbzHKY2aQdC6UcALCylLedraKIhu4JHpxm69eN
o5WGX0npq9gIf6UIElMowZOUXt6tBGkH0G4DZzB5wc+BH1VDQUTtF2ty92E1tOKs
EYy5hg90LyEJj5KhNkkO3lijAvlu5Or9gjDhqJBWs8q92rZ1hzy8EZsp55XOqlvH
Cx15IwePLSSOJ2wsmxlLyI6l6CU+IvkZ
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:39:58 2025 by rpki-client