Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/203A613E30B611F0BDA091DDDAE4EC9C.roa
File: 203A613E30B611F0BDA091DDDAE4EC9C.roa (raw, json)
Hash identifier: Wj9i5p896glKdX4dKDA6ReheWIYpz9aHM9XIluyvefQ=
Subject key identifier: F3:34:29:FF:12:EC:3D:9E:5E:BE:50:6B:CA:64:0E:9F:72:18:6F:0B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0180A1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/203A613E30B611F0BDA091DDDAE4EC9C.roa
Signing time: Wed 14 May 2025 11:25:23 +0000
ROA not before: Wed 14 May 2025 11:25:19 +0000
ROA not after: Wed 28 May 2025 11:25:19 +0000
asID: 133180
IP address blocks: 154.194.128.0/18 maxlen: 24
154.209.160.0/19 maxlen: 24
154.214.64.0/18 maxlen: 24
154.215.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98465 (0x180a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 14 11:25:19 2025 GMT
Not After : May 28 11:25:19 2025 GMT
Subject: CN=68247da3-a5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:27:1a:7f:48:35:e7:57:c1:4c:c9:84:87:f0:
cc:0f:94:49:0b:49:ef:25:ca:e4:23:83:af:fc:1d:
9f:74:8f:8e:ca:45:25:21:03:8f:50:fd:31:c5:5b:
26:e4:7f:38:0b:99:f4:c4:ec:98:f9:5b:54:b0:c2:
cd:93:65:0a:f4:b9:56:fa:f5:f0:3f:a8:b0:35:9a:
00:09:5b:fa:73:ec:a4:73:e1:42:bf:fa:d1:83:fc:
57:dd:0c:8b:d3:b6:97:ad:f3:71:ca:c1:f6:c7:93:
ce:6b:0f:9c:5a:ff:b5:05:3d:5d:b5:d7:e7:85:bc:
6a:67:ae:c0:3d:ad:35:19:dc:df:18:ce:3f:fa:3b:
f9:fe:8f:cd:eb:8e:2e:1b:13:ed:c9:14:ac:3d:6b:
0a:02:f0:48:cc:43:97:03:b2:47:bd:5c:c8:af:b5:
58:b6:4e:b9:4c:a8:e9:b2:f0:df:d4:66:ba:0f:21:
fe:20:a4:94:35:3d:ac:a3:4e:86:83:2b:fe:13:09:
f0:dc:da:47:af:40:92:80:9e:bf:76:b7:17:da:88:
10:ef:bf:79:3b:f9:93:aa:97:63:cd:32:24:57:c5:
2b:7e:79:e6:78:7a:bf:12:bc:61:61:73:ce:bb:42:
ea:b6:9b:cd:aa:33:52:62:64:74:e0:fb:5d:bd:49:
ab:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:34:29:FF:12:EC:3D:9E:5E:BE:50:6B:CA:64:0E:9F:72:18:6F:0B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/203A613E30B611F0BDA091DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.128.0/18
154.209.160.0/19
154.214.64.0/18
154.215.64.0/18
Signature Algorithm: sha256WithRSAEncryption
85:a6:44:e2:c6:18:1b:0d:f1:04:03:c4:1e:fc:d8:af:ec:50:
10:44:1e:61:c9:54:4e:43:c5:25:2e:c7:b5:8e:b1:9a:60:51:
d6:91:b7:72:2f:f3:3d:2a:b1:eb:c1:a1:6e:1b:e5:d5:1f:a8:
f4:67:a2:82:8d:d3:8c:86:64:d0:87:85:fe:14:28:b6:67:d0:
fb:62:03:3b:1f:ea:87:1c:63:89:bc:a0:60:f9:aa:86:19:94:
e4:4f:95:79:5a:20:8f:d2:0e:6b:d3:48:18:c7:78:88:0c:45:
38:0a:bd:bc:28:4f:04:75:14:ed:e7:14:f0:b1:f8:fa:e8:9a:
8b:de:c9:ce:f4:86:90:7c:d2:47:3f:55:5f:05:6f:68:73:90:
c9:f0:15:8b:e7:e0:d9:81:47:d4:8d:db:39:19:90:14:9c:4a:
ae:ff:88:5f:41:b0:08:d5:f5:c3:43:96:75:1b:b1:94:8c:28:
0b:b9:0c:84:13:c9:51:11:e0:27:b1:4f:25:3e:fd:60:96:37:
b9:28:ab:69:07:c1:b3:3d:f3:96:74:a7:94:e8:80:18:66:b0:
3d:4e:03:d1:43:43:26:87:8c:d2:0a:5a:68:b7:f7:d3:99:f8:
c6:f5:2f:7a:67:c5:36:43:3b:33:59:5e:36:f2:7d:bf:8c:a4:
93:9e:d8:7b
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAYChMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE0MTEyNTE5WhcNMjUwNTI4MTEyNTE5WjAYMRYw
FAYDVQQDEw02ODI0N2RhMy1hNWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvycaf0g151fBTMmEh/DMD5RJC0nvJcrkI4Ov/B2fdI+OykUlIQOPUP0x
xVsm5H84C5n0xOyY+VtUsMLNk2UK9LlW+vXwP6iwNZoACVv6c+ykc+FCv/rRg/xX
3QyL07aXrfNxysH2x5POaw+cWv+1BT1dtdfnhbxqZ67APa01GdzfGM4/+jv5/o/N
644uGxPtyRSsPWsKAvBIzEOXA7JHvVzIr7VYtk65TKjpsvDf1Ga6DyH+IKSUNT2s
o06Ggyv+Ewnw3NpHr0CSgJ6/drcX2ogQ7795O/mTqpdjzTIkV8UrfnnmeHq/Erxh
YXPOu0LqtpvNqjNSYmR04PtdvUmrOwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFPM0
Kf8S7D2eXr5Qa8pkDp9yGG8LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMDNBNjEzRTMwQjYxMUYwQkRBMDkxREREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQGmsKAAwQFmtGgAwQGmtZA
AwQGmtdAMA0GCSqGSIb3DQEBCwUAA4IBAQCFpkTixhgbDfEEA8Qe/Niv7FAQRB5h
yVROQ8UlLse1jrGaYFHWkbdyL/M9KrHrwaFuG+XVH6j0Z6KCjdOMhmTQh4X+FCi2
Z9D7YgM7H+qHHGOJvKBg+aqGGZTkT5V5WiCP0g5r00gYx3iIDEU4Cr28KE8EdRTt
5xTwsfj66JqL3snO9IaQfNJHP1VfBW9oc5DJ8BWL5+DZgUfUjds5GZAUnEqu/4hf
QbAI1fXDQ5Z1G7GUjCgLuQyEE8lREeAnsU8lPv1glje5KKtpB8GzPfOWdKeU6IAY
ZrA9TgPRQ0Mmh4zSClpot/fTmfjG9S96Z8U2QzszWV428n2/jKSTnth7
-----END CERTIFICATE-----
Generated at Thu May 15 23:52:32 2025 by rpki-client