Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1B72DC2A2B3011F0AD0560E9DAE4EC9C.roa
File: 1B72DC2A2B3011F0AD0560E9DAE4EC9C.roa (raw, json)
Hash identifier: YdFOmoAaMcClXrEYOAVWnZunPfZ2oTKVjgqfYUJfZNI=
Subject key identifier: D9:46:78:C9:4D:6E:6B:39:BF:3F:BD:E0:D7:12:89:95:4D:00:74:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017F5F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1B72DC2A2B3011F0AD0560E9DAE4EC9C.roa
Signing time: Wed 07 May 2025 10:43:27 +0000
ROA not before: Wed 07 May 2025 10:43:23 +0000
ROA not after: Mon 16 Jun 2025 10:43:23 +0000
asID: 137899
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 07:24:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98143 (0x17f5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 7 10:43:23 2025 GMT
Not After : Jun 16 10:43:23 2025 GMT
Subject: CN=681b394f-76cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ba:9d:16:0d:c8:fd:62:d7:87:12:58:85:38:
54:ca:f3:3e:02:65:18:04:13:ac:4d:bc:45:4d:75:
73:e6:70:0a:98:fc:4b:b5:97:be:21:c8:ab:af:e3:
12:d2:a2:bf:67:33:e5:61:2d:42:2b:7b:ad:c2:d0:
8a:59:52:c2:51:f5:bd:2f:50:08:82:de:54:36:dd:
cd:ed:fb:0b:9a:67:82:9e:c2:73:0b:a1:c9:fc:7b:
fd:8e:a5:bb:de:85:ba:b7:19:a8:24:47:d7:73:85:
a4:13:38:bf:ff:b4:ce:d6:27:bb:78:2e:28:75:e2:
22:f6:75:07:e0:2c:83:45:42:61:bd:23:b4:0c:12:
ca:3f:65:b5:92:ca:db:40:7b:16:d7:80:a3:61:8a:
d6:e5:e3:e9:89:f7:70:f8:8a:05:e0:cc:90:ca:d9:
9f:b2:61:4b:3a:6b:e7:35:15:a8:2a:91:3d:57:70:
73:db:18:da:15:ba:01:7b:79:d8:42:11:01:05:47:
6e:83:57:23:9d:87:55:8c:34:af:7d:a3:bc:bc:0e:
28:bc:f0:40:58:b1:f4:c0:f3:60:b5:9a:00:94:a8:
d5:b3:d3:1b:5a:51:15:2c:e0:31:f9:72:51:22:10:
f3:5e:34:8d:aa:2b:db:30:ce:91:79:6a:43:08:90:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:46:78:C9:4D:6E:6B:39:BF:3F:BD:E0:D7:12:89:95:4D:00:74:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1B72DC2A2B3011F0AD0560E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:72:02:20:28:79:a9:21:35:15:28:cf:5f:f8:d0:60:02:50:
36:c5:09:be:84:95:94:ea:43:b6:61:46:20:f5:bc:4e:1b:f7:
6b:57:a6:27:f1:84:e2:27:1f:78:95:2e:ba:5c:78:5c:d0:f9:
ba:74:40:08:8c:b8:79:d9:21:b9:1c:b3:90:65:46:9c:0e:83:
fc:8f:11:91:e3:d8:1a:05:cd:73:9d:26:69:69:e9:7b:d8:92:
38:1b:3b:cd:47:cb:55:5b:d9:f8:eb:2d:c2:7d:d9:23:6c:e1:
da:43:06:cc:ad:6c:48:aa:90:19:53:96:0b:70:e4:68:e4:a1:
47:12:ac:66:50:e6:3b:10:63:8c:e1:9b:b7:25:6d:cd:81:5d:
f7:bd:03:6c:9e:8b:3e:01:7a:97:4f:79:bc:7d:be:0a:b2:1f:
c8:74:a6:ad:40:f0:61:1f:01:85:90:e3:6f:99:5f:b2:40:41:
ec:0c:45:ea:08:a7:28:36:a0:15:b1:6a:76:ea:4c:e1:b5:35:
32:91:56:a2:65:41:73:30:5e:24:a2:9f:bb:a5:c1:63:5e:12:
cc:27:6a:16:6c:13:6e:6b:fb:47:2f:33:06:a3:2e:2a:e4:b0:
1f:95:3b:5c:ea:a2:6e:80:d3:da:f9:4b:d7:7e:2f:35:23:2f:
b5:83:70:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX9fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA3MTA0MzIzWhcNMjUwNjE2MTA0MzIzWjAYMRYw
FAYDVQQDEw02ODFiMzk0Zi03NmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA47qdFg3I/WLXhxJYhThUyvM+AmUYBBOsTbxFTXVz5nAKmPxLtZe+Icir
r+MS0qK/ZzPlYS1CK3utwtCKWVLCUfW9L1AIgt5UNt3N7fsLmmeCnsJzC6HJ/Hv9
jqW73oW6txmoJEfXc4WkEzi//7TO1ie7eC4odeIi9nUH4CyDRUJhvSO0DBLKP2W1
ksrbQHsW14CjYYrW5ePpifdw+IoF4MyQytmfsmFLOmvnNRWoKpE9V3Bz2xjaFboB
e3nYQhEBBUdug1cjnYdVjDSvfaO8vA4ovPBAWLH0wPNgtZoAlKjVs9MbWlEVLOAx
+XJRIhDzXjSNqivbMM6ReWpDCJArNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNlG
eMlNbms5vz+94NcSiZVNAHSIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQjcyREMyQTJCMzAxMUYwQUQwNTYwRTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQCtcgIgKHmpITUVKM9f+NBgAlA2xQm+hJWU6kO2YUYg9bxOG/drV6Yn
8YTiJx94lS66XHhc0Pm6dEAIjLh52SG5HLOQZUacDoP8jxGR49gaBc1znSZpael7
2JI4GzvNR8tVW9n46y3CfdkjbOHaQwbMrWxIqpAZU5YLcORo5KFHEqxmUOY7EGOM
4Zu3JW3NgV33vQNsnos+AXqXT3m8fb4Ksh/IdKatQPBhHwGFkONvmV+yQEHsDEXq
CKcoNqAVsWp26kzhtTUykVaiZUFzMF4kop+7pcFjXhLMJ2oWbBNua/tHLzMGoy4q
5LAflTtc6qJugNPa+UvXfi81Iy+1g3AI
-----END CERTIFICATE-----
Generated at Tue May 13 13:24:42 2025 by rpki-client