Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D353C8E30A211F09EA7EED9DAE4EC9C.roa
File: 1D353C8E30A211F09EA7EED9DAE4EC9C.roa (raw, json)
Hash identifier: SLqwGHekJDTZPjK+08/fOO58FTSQsnL2jIYiQcKlyKQ=
Subject key identifier: 08:AA:18:BE:F4:76:C7:B1:69:8D:81:79:3B:31:73:0B:E7:FF:A3:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018089
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D353C8E30A211F09EA7EED9DAE4EC9C.roa
Signing time: Wed 14 May 2025 09:02:08 +0000
ROA not before: Wed 14 May 2025 09:02:04 +0000
ROA not after: Tue 20 May 2025 09:02:04 +0000
asID: 54801
IP address blocks: 154.213.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98441 (0x18089)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 14 09:02:04 2025 GMT
Not After : May 20 09:02:04 2025 GMT
Subject: CN=68245c10-efd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:39:8f:ab:9a:64:32:62:e7:5e:fc:74:b2:
ab:69:51:ad:56:25:bb:1c:50:63:30:ff:e0:f0:43:
28:6f:a9:e9:f6:60:85:c4:81:b9:32:01:68:3d:20:
5e:db:47:63:a1:91:af:d7:0e:e9:d2:cd:92:fc:78:
a5:e9:53:09:5d:b7:3f:3e:2c:5d:4a:1c:43:51:6a:
01:5c:4a:f8:44:db:cd:d3:07:2d:9c:70:87:27:10:
58:28:4b:08:17:2c:34:17:56:d5:95:e7:03:8e:7f:
9e:a1:d7:e5:d1:1c:d2:39:6e:a5:33:d9:ce:ff:c3:
4f:0d:b8:02:60:4f:4a:eb:2e:fa:0f:4f:75:6b:f4:
e3:82:ce:94:e0:4a:5d:1c:b8:32:79:cb:21:42:b5:
a6:62:32:c0:1d:c9:79:1e:83:f6:02:d4:67:de:70:
19:4b:be:14:d8:63:b5:74:54:10:dd:0b:35:4e:b9:
2d:33:19:2e:e7:52:81:90:d2:bc:54:0b:f1:49:87:
36:e3:fe:86:19:33:c5:ad:83:12:2f:2e:59:58:27:
39:87:f0:95:a9:46:a4:f4:04:7f:7c:08:b3:6c:98:
77:57:99:fa:fd:9c:05:bb:79:e3:98:49:99:ed:04:
26:ff:13:8b:cd:89:3f:87:8f:e2:25:ae:19:5f:99:
c3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:AA:18:BE:F4:76:C7:B1:69:8D:81:79:3B:31:73:0B:E7:FF:A3:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D353C8E30A211F09EA7EED9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.176.0/20
Signature Algorithm: sha256WithRSAEncryption
bf:3b:55:63:b2:0a:24:2c:53:7f:e5:0f:4a:0f:87:57:c4:a9:
a5:30:18:42:de:ee:ef:32:be:50:96:cb:13:04:28:80:b6:13:
7d:25:a8:cc:58:30:e4:8d:df:b7:38:ab:17:5f:9e:fd:6b:cf:
f3:c4:37:b6:bb:4b:8d:16:c2:58:7f:0f:10:e9:cc:1d:c8:e3:
f1:3a:82:4b:0f:30:bc:dd:de:26:25:47:0c:d0:0f:94:10:aa:
74:ec:d2:c6:02:57:a4:00:ec:b6:ae:06:0f:f4:37:8b:73:70:
31:d8:df:d2:54:5a:b0:ab:19:62:a0:62:df:a0:52:65:0a:98:
f7:95:e9:5e:5d:39:5d:3c:4f:3b:79:8b:71:e7:53:dd:91:ce:
96:3d:be:b0:9e:07:03:48:04:59:13:6d:31:94:09:bd:88:d6:
10:d5:99:b8:dd:b6:54:56:70:0d:9a:02:b9:a1:32:0d:48:ec:
c5:0b:d8:5d:56:f3:b8:61:3c:11:8c:05:e0:83:7b:ab:ec:ee:
b9:d9:54:74:3d:df:14:e1:2a:3f:1b:9b:73:b7:2d:a7:b2:0b:
7f:17:78:9d:37:ba:c6:f5:01:97:60:bc:7c:34:da:c6:cd:94:
45:aa:ff:2a:96:e1:42:cc:d6:69:b3:92:6f:8a:15:e7:09:06:
e9:5c:c6:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYCJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE0MDkwMjA0WhcNMjUwNTIwMDkwMjA0WjAYMRYw
FAYDVQQDEw02ODI0NWMxMC1lZmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAukk5j6uaZDJi5178dLKraVGtViW7HFBjMP/g8EMob6np9mCFxIG5MgFo
PSBe20djoZGv1w7p0s2S/Hil6VMJXbc/PixdShxDUWoBXEr4RNvN0wctnHCHJxBY
KEsIFyw0F1bVlecDjn+eodfl0RzSOW6lM9nO/8NPDbgCYE9K6y76D091a/Tjgs6U
4EpdHLgyecshQrWmYjLAHcl5HoP2AtRn3nAZS74U2GO1dFQQ3Qs1TrktMxku51KB
kNK8VAvxSYc24/6GGTPFrYMSLy5ZWCc5h/CVqUak9AR/fAizbJh3V5n6/ZwFu3nj
mEmZ7QQm/xOLzYk/h4/iJa4ZX5nDmQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAiq
GL70dsexaY2BeTsxcwvn/6OCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRDM1M0M4RTMwQTIxMUYwOUVBN0VFRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtWwMA0GCSqGSIb3DQEB
CwUAA4IBAQC/O1VjsgokLFN/5Q9KD4dXxKmlMBhC3u7vMr5QlssTBCiAthN9JajM
WDDkjd+3OKsXX579a8/zxDe2u0uNFsJYfw8Q6cwdyOPxOoJLDzC83d4mJUcM0A+U
EKp07NLGAlekAOy2rgYP9DeLc3Ax2N/SVFqwqxlioGLfoFJlCpj3leleXTldPE87
eYtx51Pdkc6WPb6wngcDSARZE20xlAm9iNYQ1Zm43bZUVnANmgK5oTINSOzFC9hd
VvO4YTwRjAXgg3ur7O652VR0Pd8U4So/G5tzty2nsgt/F3idN7rG9QGXYLx8NNrG
zZRFqv8qluFCzNZps5JvihXnCQbpXMaK
-----END CERTIFICATE-----
Generated at Thu May 15 23:53:43 2025 by rpki-client