Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/128BD78C2FEB11F098263E90DAE4EC9C.roa
File: 128BD78C2FEB11F098263E90DAE4EC9C.roa (raw, json)
Hash identifier: CQ6A2OL0BRdNn9v/vWDpv9SjXsjQ9OJbZsdxFSnwe8w=
Subject key identifier: 5E:A3:32:89:BA:3C:EC:B5:B1:65:26:BB:8C:1C:F2:83:C0:F4:7B:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018058
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/128BD78C2FEB11F098263E90DAE4EC9C.roa
Signing time: Tue 13 May 2025 11:11:53 +0000
ROA not before: Tue 13 May 2025 11:11:48 +0000
ROA not after: Fri 13 Jun 2025 11:11:48 +0000
asID: 153706
IP address blocks: 154.193.208.0/24 maxlen: 24
154.193.209.0/24 maxlen: 24
154.193.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 16 May 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98392 (0x18058)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 13 11:11:48 2025 GMT
Not After : Jun 13 11:11:48 2025 GMT
Subject: CN=682328f9-5daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9f:37:8e:23:48:be:0f:c0:ef:39:04:03:40:
2f:59:4e:c1:ab:c0:c8:85:f0:2a:e3:47:cf:9e:d3:
fc:0a:02:69:62:78:e7:38:d9:aa:65:b0:b1:ec:56:
90:da:2d:30:12:0a:68:46:ac:eb:41:81:7c:52:ce:
14:36:1c:76:b0:70:6e:d1:63:6d:09:bf:b4:3d:d3:
eb:fe:4b:ef:ed:49:4c:60:a1:93:a4:42:7a:35:e6:
5d:f9:76:6f:67:42:6c:25:cc:c0:81:cd:32:c4:f4:
0a:8a:0b:07:80:70:f5:0f:db:70:64:93:da:5a:da:
11:49:23:16:ce:93:7a:ca:40:da:58:d7:a5:3a:2b:
34:6a:db:21:32:fb:d4:1c:58:51:6e:fa:94:94:82:
c3:20:56:64:92:75:50:de:27:c3:58:77:da:f1:fa:
77:49:80:ea:78:5b:28:05:a8:5b:b5:47:7c:bf:4d:
2c:4e:23:2f:71:e2:a0:ac:d1:cd:e2:12:f6:65:6d:
35:15:a8:7d:d4:ba:1d:43:c4:0e:ed:86:53:fb:dc:
88:9e:bf:83:56:94:30:d3:ed:ff:c8:17:8b:75:fb:
bd:96:9e:44:b3:16:c3:c3:d5:45:a9:15:e1:f9:29:
29:1f:c7:dc:58:a6:5b:d3:e3:3e:c1:0c:54:d4:46:
9b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A3:32:89:BA:3C:EC:B5:B1:65:26:BB:8C:1C:F2:83:C0:F4:7B:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/128BD78C2FEB11F098263E90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.208.0-154.193.210.255
Signature Algorithm: sha256WithRSAEncryption
c2:b9:79:c9:66:44:1f:80:d3:f5:71:84:56:95:55:c9:80:00:
b1:e1:46:bd:ec:e5:9a:5a:ad:b5:71:7c:5b:4f:12:7a:81:e6:
91:cc:fa:bd:7a:4d:d8:cb:49:66:09:20:89:a4:54:5d:e4:02:
5c:ca:93:ff:e3:24:03:46:15:6e:77:30:f1:eb:ca:96:db:58:
98:10:8b:9b:3c:c0:1c:01:f7:59:77:0b:51:cb:ac:89:f8:e8:
18:da:e9:b7:f6:2e:37:fe:31:d4:ea:80:bf:1d:83:fc:40:40:
d3:59:61:f8:7d:ce:f4:6d:fe:0f:c5:36:34:bf:25:9d:84:f6:
86:f8:c8:a4:52:e7:e2:2f:ea:40:51:a6:fb:63:42:17:63:e8:
30:6f:11:b8:0b:6a:17:32:0e:3b:29:7c:67:ae:df:6d:8d:2e:
b1:6a:0c:ec:29:0f:f2:09:f3:3c:02:7c:26:da:24:9a:a9:83:
1a:89:d7:46:43:cb:c6:bd:97:32:50:84:f0:23:2e:81:01:b8:
e2:39:18:56:62:09:e6:3b:58:6b:0b:0e:8d:57:b7:b9:3a:cb:
e1:08:20:da:f6:7c:45:04:b2:ab:43:63:c0:2b:2f:a2:9d:7e:
b3:3f:fb:c4:55:35:d9:07:dd:43:c8:90:25:e0:6c:a1:c5:d5:
f7:38:32:68
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYBYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEzMTExMTQ4WhcNMjUwNjEzMTExMTQ4WjAYMRYw
FAYDVQQDEw02ODIzMjhmOS01ZGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqJ83jiNIvg/A7zkEA0AvWU7Bq8DIhfAq40fPntP8CgJpYnjnONmqZbCx
7FaQ2i0wEgpoRqzrQYF8Us4UNhx2sHBu0WNtCb+0PdPr/kvv7UlMYKGTpEJ6NeZd
+XZvZ0JsJczAgc0yxPQKigsHgHD1D9twZJPaWtoRSSMWzpN6ykDaWNelOis0atsh
MvvUHFhRbvqUlILDIFZkknVQ3ifDWHfa8fp3SYDqeFsoBahbtUd8v00sTiMvceKg
rNHN4hL2ZW01Fah91LodQ8QO7YZT+9yInr+DVpQw0+3/yBeLdfu9lp5EsxbDw9VF
qRXh+SkpH8fcWKZb0+M+wQxU1EabmQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFF6j
Mom6POy1sWUmu4wc8oPA9HtoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMjhCRDc4QzJGRUIxMUYwOTgyNjNFOTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASawdADBACawdIwDQYJ
KoZIhvcNAQELBQADggEBAMK5eclmRB+A0/VxhFaVVcmAALHhRr3s5ZparbVxfFtP
EnqB5pHM+r16TdjLSWYJIImkVF3kAlzKk//jJANGFW53MPHrypbbWJgQi5s8wBwB
91l3C1HLrIn46Bja6bf2Ljf+MdTqgL8dg/xAQNNZYfh9zvRt/g/FNjS/JZ2E9ob4
yKRS5+Iv6kBRpvtjQhdj6DBvEbgLahcyDjspfGeu322NLrFqDOwpD/IJ8zwCfCba
JJqpgxqJ10ZDy8a9lzJQhPAjLoEBuOI5GFZiCeY7WGsLDo1Xt7k6y+EIINr2fEUE
sqtDY8ArL6KdfrM/+8RVNdkH3UPIkCXgbKHF1fc4Mmg=
-----END CERTIFICATE-----
Generated at Wed May 14 18:53:47 2025 by rpki-client