Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13C61CC02F3711F0B00AE5D5DAE4EC9C.roa
File: 13C61CC02F3711F0B00AE5D5DAE4EC9C.roa (raw, json)
Hash identifier: GG+rrCmtDYvfxxq3Sdii5k2yAIb/e6jcKdwdSJc3KbE=
Subject key identifier: 91:E5:66:5C:E9:BF:24:01:4C:72:DA:27:4F:B8:24:FC:70:B3:53:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018023
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13C61CC02F3711F0B00AE5D5DAE4EC9C.roa
Signing time: Mon 12 May 2025 13:43:25 +0000
ROA not before: Mon 12 May 2025 13:43:20 +0000
ROA not after: Tue 20 May 2025 13:43:20 +0000
asID: 204721
IP address blocks: 154.215.2.0/23 maxlen: 24
154.221.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98339 (0x18023)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 13:43:20 2025 GMT
Not After : May 20 13:43:20 2025 GMT
Subject: CN=6821fafd-09b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6d:25:60:fa:79:5a:f1:89:72:02:b8:54:06:
04:86:31:22:69:a7:d9:5d:da:6e:08:6b:3e:c2:b5:
38:98:36:00:e2:8f:2e:f2:89:78:e8:1b:b2:50:d0:
2e:f3:21:a5:81:4b:99:4c:02:2e:6d:e4:c9:eb:06:
5e:0f:04:6c:87:fe:38:27:e2:5c:ef:55:f0:cb:2b:
42:98:27:60:c3:96:15:b3:9a:2a:41:e4:53:db:10:
e6:33:c3:83:70:25:79:ac:ee:8e:86:4b:c3:38:7d:
3a:07:fc:96:06:66:1a:27:3e:a5:0d:f7:43:31:16:
c1:55:4b:e6:07:ba:c9:3b:37:a4:9a:ba:8b:8a:b0:
ea:99:aa:38:4d:b3:48:b7:20:f6:46:ab:c4:df:ab:
a5:89:9e:9d:d6:a2:82:50:10:3a:8b:fd:ca:6e:27:
0e:a9:df:a6:d3:aa:c6:36:b8:f3:f5:cb:79:02:c0:
47:2b:b5:6c:70:1f:3d:14:28:44:c9:43:94:9c:e8:
f6:2c:58:e7:c2:f7:a3:7e:64:15:15:94:5a:1f:3f:
60:b4:ef:87:ae:ce:3f:58:b3:4f:b6:f9:54:28:e5:
a0:0f:83:67:5c:e8:c1:f2:ca:61:f3:d2:cc:ce:89:
f8:29:c8:71:bd:44:1f:5d:6d:66:1c:b6:e2:6c:85:
95:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E5:66:5C:E9:BF:24:01:4C:72:DA:27:4F:B8:24:FC:70:B3:53:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13C61CC02F3711F0B00AE5D5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.215.2.0/23
154.221.2.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:38:1f:ef:61:e6:6c:71:85:de:80:a6:a1:04:30:39:05:48:
7d:c7:dd:81:d5:29:de:42:bf:ab:78:96:f3:0b:0b:9b:26:e9:
ae:be:56:e0:cb:c3:c2:76:0f:5e:be:14:5a:67:9d:b1:63:7d:
72:2b:e7:20:cc:d3:71:6e:2b:36:69:3b:45:51:45:71:cb:e8:
5d:c7:34:ea:0c:58:0e:90:f5:38:d4:36:a8:72:6b:98:9e:bf:
48:8a:28:38:15:c2:2b:52:f7:cc:bd:b4:ad:a1:b1:df:a8:20:
2d:87:1c:fe:83:62:82:c4:b9:3a:b9:52:b5:e2:61:58:d7:be:
7e:3f:e9:9f:87:a0:92:08:8f:9f:36:3a:8b:ce:3d:f0:43:46:
43:a9:24:09:fa:c8:05:3a:aa:25:c7:cc:6e:76:fa:86:51:42:
7a:4d:78:dd:cc:a6:7d:c4:c4:92:80:67:45:8a:f1:21:99:79:
58:00:50:85:e4:7a:8f:84:29:6e:6b:4b:c5:07:26:54:07:41:
fa:ea:e5:aa:92:0e:f9:46:fe:b6:7e:02:22:10:c0:85:5e:da:
25:65:24:51:c9:1d:2e:d5:61:99:c8:8b:af:d4:30:3e:c5:f6:
d0:e1:9d:29:2e:d1:fc:db:53:87:66:5c:f2:ed:cd:f8:34:9e:
d7:ca:29:10
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYAjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTM0MzIwWhcNMjUwNTIwMTM0MzIwWjAYMRYw
FAYDVQQDEw02ODIxZmFmZC0wOWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4m0lYPp5WvGJcgK4VAYEhjEiaafZXdpuCGs+wrU4mDYA4o8u8ol46Buy
UNAu8yGlgUuZTAIubeTJ6wZeDwRsh/44J+Jc71XwyytCmCdgw5YVs5oqQeRT2xDm
M8ODcCV5rO6OhkvDOH06B/yWBmYaJz6lDfdDMRbBVUvmB7rJOzekmrqLirDqmao4
TbNItyD2RqvE36uliZ6d1qKCUBA6i/3KbicOqd+m06rGNrjz9ct5AsBHK7VscB89
FChEyUOUnOj2LFjnwvejfmQVFZRaHz9gtO+Hrs4/WLNPtvlUKOWgD4NnXOjB8sph
89LMzon4KchxvUQfXW1mHLbibIWVUwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJHl
ZlzpvyQBTHLaJ0+4JPxws1OSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xM0M2MUNDMDJGMzcxMUYwQjAwQUU1RDVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmtcCAwQBmt0CMA0GCSqG
SIb3DQEBCwUAA4IBAQDGOB/vYeZscYXegKahBDA5BUh9x92B1SneQr+reJbzCwub
Jumuvlbgy8PCdg9evhRaZ52xY31yK+cgzNNxbis2aTtFUUVxy+hdxzTqDFgOkPU4
1DaocmuYnr9Iiig4FcIrUvfMvbStobHfqCAthxz+g2KCxLk6uVK14mFY175+P+mf
h6CSCI+fNjqLzj3wQ0ZDqSQJ+sgFOqolx8xudvqGUUJ6TXjdzKZ9xMSSgGdFivEh
mXlYAFCF5HqPhClua0vFByZUB0H66uWqkg75Rv62fgIiEMCFXtolZSRRyR0u1WGZ
yIuv1DA+xfbQ4Z0pLtH821OHZlzy7c34NJ7XyikQ
-----END CERTIFICATE-----
Generated at Thu May 15 23:53:39 2025 by rpki-client