Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F5391066413B11F08DA97282DAE4EC9C.roa
File: F5391066413B11F08DA97282DAE4EC9C.roa (raw, json)
Hash identifier: V9CrNdOJ7zC6OzDX61JBNquFJlEzG3091L6ybizvF3U=
Subject key identifier: 67:7E:0C:51:84:80:E0:7B:32:44:0F:4B:06:36:10:4A:0C:E0:73:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0184D4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F5391066413B11F08DA97282DAE4EC9C.roa
Signing time: Wed 04 Jun 2025 12:03:42 +0000
ROA not before: Wed 04 Jun 2025 12:03:38 +0000
ROA not after: Fri 11 Jul 2025 12:03:38 +0000
asID: 214143
IP address blocks: 154.81.132.0/22 maxlen: 24
154.81.138.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99540 (0x184d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 4 12:03:38 2025 GMT
Not After : Jul 11 12:03:38 2025 GMT
Subject: CN=6840361e-3039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:32:67:01:19:66:0d:eb:27:1a:11:d2:d0:28:
74:5e:40:3f:9f:7b:5c:59:fc:09:fc:61:51:31:e1:
1c:71:71:a3:7f:14:13:22:0e:eb:05:7a:85:9c:d4:
33:80:f1:a5:6b:58:55:97:b2:3a:54:f9:bc:d6:69:
82:d3:81:c6:ec:ce:1b:08:a8:22:74:c1:e8:21:5b:
53:6f:a5:98:c6:e0:50:30:bf:80:1e:25:e1:23:2c:
a3:fb:b2:d2:e8:57:71:12:6b:8b:2c:89:bc:0d:e1:
8b:d4:f4:7e:2a:c4:e7:13:03:46:77:64:3c:7d:75:
df:b2:26:19:6f:35:27:97:1e:2d:7a:01:51:57:7e:
92:f8:b8:4e:5b:2d:e6:7b:de:69:8c:51:eb:de:6a:
34:e8:74:4d:0e:ea:32:0b:c0:3b:3b:35:fd:31:4f:
d2:0e:c0:8f:24:f0:82:55:2e:9f:8c:58:84:41:3d:
6a:bf:bd:88:0b:75:bf:07:48:ab:6e:2a:c7:db:7d:
d8:3e:58:bb:a2:ae:ca:e5:09:00:7c:11:15:c5:e2:
68:50:35:3f:91:b4:84:50:47:2c:73:cf:e2:6b:4d:
23:b9:d3:80:36:95:8a:66:bd:b8:de:8a:54:ee:f5:
02:cd:b9:a0:b8:ac:d6:50:90:91:ee:b4:74:78:2b:
6f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7E:0C:51:84:80:E0:7B:32:44:0F:4B:06:36:10:4A:0C:E0:73:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F5391066413B11F08DA97282DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.132.0/22
154.81.138.0/23
Signature Algorithm: sha256WithRSAEncryption
21:15:5e:e9:90:fa:50:25:43:74:81:8d:ba:af:86:42:80:b1:
16:fc:37:ff:db:dd:8c:f1:41:ff:99:40:33:43:3a:d0:e1:2a:
ab:a4:4f:f8:69:c4:ce:ec:af:ca:da:28:c9:75:16:76:b9:22:
35:4a:e1:e8:03:58:40:de:20:47:a0:cc:59:81:ab:36:96:8a:
c9:85:e7:65:14:db:46:59:40:37:20:07:85:7c:4a:7d:d2:cb:
47:e9:63:04:bc:df:e2:5b:c2:a0:ee:cb:14:54:08:c2:1e:60:
62:cd:63:51:96:9f:ad:65:b0:e1:6f:8f:5a:d8:f4:47:14:3e:
70:63:ca:37:a5:4e:fc:36:a7:a5:47:62:ef:31:a4:05:36:08:
3c:03:a7:4a:ad:44:06:cf:ae:28:f4:8d:5d:4f:a3:a2:f2:4b:
2c:e0:60:f5:c8:68:3f:97:1b:24:71:94:2e:9d:72:86:36:95:
b4:81:77:b6:dd:cb:91:de:1c:28:07:09:3c:b6:ec:9f:e3:29:
da:e6:46:f2:83:92:29:36:b1:cb:12:52:70:bd:e4:77:a1:68:
08:ec:da:9e:b2:4e:81:a3:11:a1:b8:04:25:b6:81:d2:58:5d:
f3:80:6c:66:55:f7:50:de:00:1d:8d:a8:3f:36:c1:93:3e:5c:
42:a3:53:57
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYTUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA0MTIwMzM4WhcNMjUwNzExMTIwMzM4WjAYMRYw
FAYDVQQDEw02ODQwMzYxZS0zMDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyzJnARlmDesnGhHS0Ch0XkA/n3tcWfwJ/GFRMeEccXGjfxQTIg7rBXqF
nNQzgPGla1hVl7I6VPm81mmC04HG7M4bCKgidMHoIVtTb6WYxuBQML+AHiXhIyyj
+7LS6FdxEmuLLIm8DeGL1PR+KsTnEwNGd2Q8fXXfsiYZbzUnlx4tegFRV36S+LhO
Wy3me95pjFHr3mo06HRNDuoyC8A7OzX9MU/SDsCPJPCCVS6fjFiEQT1qv72IC3W/
B0irbirH233YPli7oq7K5QkAfBEVxeJoUDU/kbSEUEcsc8/ia00judOANpWKZr24
3opU7vUCzbmguKzWUJCR7rR0eCtvjQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGd+
DFGEgOB7MkQPSwY2EEoM4HOfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNTM5MTA2NjQxM0IxMUYwOERBOTcyODJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlGEAwQBmlGKMA0GCSqG
SIb3DQEBCwUAA4IBAQAhFV7pkPpQJUN0gY26r4ZCgLEW/Df/292M8UH/mUAzQzrQ
4SqrpE/4acTO7K/K2ijJdRZ2uSI1SuHoA1hA3iBHoMxZgas2lorJhedlFNtGWUA3
IAeFfEp90stH6WMEvN/iW8Kg7ssUVAjCHmBizWNRlp+tZbDhb49a2PRHFD5wY8o3
pU78NqelR2LvMaQFNgg8A6dKrUQGz64o9I1dT6Oi8kss4GD1yGg/lxskcZQunXKG
NpW0gXe23cuR3hwoBwk8tuyf4yna5kbyg5IpNrHLElJwveR3oWgI7Nqesk6BoxGh
uAQltoHSWF3zgGxmVfdQ3gAdjag/NsGTPlxCo1NX
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:45:33 2025 by rpki-client