Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/218BB6D22F3011F08F13B9A8DAE4EC9C.roa
File: 218BB6D22F3011F08F13B9A8DAE4EC9C.roa (raw, json)
Hash identifier: pz13Fy3tx+g5JhNPbOSf7YBHUcTgNVULuuJp0Os28lo=
Subject key identifier: 04:4C:C8:4E:E5:25:79:FB:C2:8F:49:C3:E3:59:FE:7D:0A:12:52:AF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018013
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/218BB6D22F3011F08F13B9A8DAE4EC9C.roa
Signing time: Mon 12 May 2025 12:53:42 +0000
ROA not before: Mon 12 May 2025 12:53:37 +0000
ROA not after: Wed 21 May 2025 12:53:37 +0000
asID: 151804
IP address blocks: 154.197.141.0/24 maxlen: 24
154.197.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98323 (0x18013)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 12:53:37 2025 GMT
Not After : May 21 12:53:37 2025 GMT
Subject: CN=6821ef56-d48f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:1b:38:3d:b7:d4:bd:a7:62:d2:9b:0f:57:
8e:dc:a1:3e:04:88:32:49:f6:75:e1:e0:25:74:94:
74:e0:3c:8c:ca:6a:63:e6:d0:dd:78:37:8d:39:bc:
37:70:5f:a5:2d:88:a2:66:0e:97:f7:41:a5:82:4d:
40:9f:02:d4:70:d6:a4:7c:3e:d7:68:b1:39:a7:d6:
ed:0d:76:b4:65:03:57:e8:a8:07:82:de:c4:e1:78:
c3:4b:40:95:f0:40:e4:63:e5:ce:a7:52:b3:b0:3c:
b0:c5:61:95:3f:c3:85:43:44:b8:70:b1:0b:00:fd:
f0:1d:6e:78:ea:0a:9a:a6:7d:16:d2:fa:cd:fa:52:
e9:05:aa:e5:d0:4e:f0:d3:59:67:21:e3:03:7d:35:
77:c8:69:35:5b:ee:b8:53:d1:73:07:d6:4b:b2:14:
89:32:ed:c1:c2:ec:77:45:fb:f2:fb:3a:31:47:13:
71:91:79:44:c5:1c:68:31:23:9b:cc:54:36:a8:10:
db:90:a5:3c:b7:05:df:3a:f6:16:33:46:c8:7e:43:
0d:8b:d1:52:8b:62:da:a3:83:b9:b5:e9:92:2f:0d:
e9:af:14:3c:54:72:ba:49:1d:39:f3:0f:b0:5d:a9:
26:1a:41:e1:dc:c7:df:7d:f7:3f:c6:d3:22:f1:80:
4e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4C:C8:4E:E5:25:79:FB:C2:8F:49:C3:E3:59:FE:7D:0A:12:52:AF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/218BB6D22F3011F08F13B9A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.141.0/24
154.197.154.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:7b:29:b3:f3:9b:0d:87:41:cf:8f:a9:a0:08:bd:57:35:ba:
ea:26:5a:83:97:66:fd:6a:6c:00:d1:28:71:00:83:72:df:f5:
e7:71:95:59:b6:a3:c1:d5:33:dd:06:d2:90:85:20:31:0a:ed:
58:e7:a3:ce:75:37:2b:fb:7a:f6:27:4d:d5:8a:a8:f7:74:11:
f4:92:00:a3:f6:74:fa:10:0c:33:ce:68:d2:f5:6c:13:f3:2c:
fb:36:6c:cf:7d:e8:f5:c7:18:c4:bd:97:fd:0a:d5:85:79:3f:
1f:06:6c:ff:0a:2f:29:44:61:38:a1:0b:b7:18:6f:59:d8:f7:
f2:5a:81:cd:ef:47:1d:a7:86:a2:ae:59:69:85:cb:f6:31:a2:
be:ab:c6:05:dc:3b:93:41:e4:b1:ab:71:6a:9b:66:6c:c2:44:
28:75:10:7d:6b:75:32:ea:41:a0:58:3d:e7:a0:b9:44:3d:df:
0e:fb:0e:15:25:e9:c8:e4:42:44:2d:18:41:a6:f1:df:e4:57:
01:65:de:50:63:66:58:65:ee:f1:e3:47:81:28:c5:5b:38:08:
23:73:57:78:5e:dc:e9:39:1e:2f:4e:b2:b5:e9:82:39:33:9a:
2e:fd:86:dd:1c:be:56:2f:18:84:c7:a0:4c:33:cc:76:c3:fd:
7a:c1:1b:21
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYATMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTI1MzM3WhcNMjUwNTIxMTI1MzM3WjAYMRYw
FAYDVQQDEw02ODIxZWY1Ni1kNDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw/gbOD231L2nYtKbD1eO3KE+BIgySfZ14eAldJR04DyMympj5tDdeDeN
Obw3cF+lLYiiZg6X90Glgk1AnwLUcNakfD7XaLE5p9btDXa0ZQNX6KgHgt7E4XjD
S0CV8EDkY+XOp1KzsDywxWGVP8OFQ0S4cLELAP3wHW546gqapn0W0vrN+lLpBarl
0E7w01lnIeMDfTV3yGk1W+64U9FzB9ZLshSJMu3Bwux3Rfvy+zoxRxNxkXlExRxo
MSObzFQ2qBDbkKU8twXfOvYWM0bIfkMNi9FSi2Lao4O5temSLw3prxQ8VHK6SR05
8w+wXakmGkHh3Mffffc/xtMi8YBOKwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFARM
yE7lJXn7wo9Jw+NZ/n0KElKvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMThCQjZEMjJGMzAxMUYwOEYxM0I5QThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsWNAwQAmsWaMA0GCSqG
SIb3DQEBCwUAA4IBAQC3eymz85sNh0HPj6mgCL1XNbrqJlqDl2b9amwA0ShxAINy
3/XncZVZtqPB1TPdBtKQhSAxCu1Y56POdTcr+3r2J03Viqj3dBH0kgCj9nT6EAwz
zmjS9WwT8yz7NmzPfej1xxjEvZf9CtWFeT8fBmz/Ci8pRGE4oQu3GG9Z2PfyWoHN
70cdp4airllphcv2MaK+q8YF3DuTQeSxq3Fqm2ZswkQodRB9a3Uy6kGgWD3noLlE
Pd8O+w4VJenI5EJELRhBpvHf5FcBZd5QY2ZYZe7x40eBKMVbOAgjc1d4XtzpOR4v
TrK16YI5M5ou/YbdHL5WLxiEx6BMM8x2w/16wRsh
-----END CERTIFICATE-----
Generated at Thu May 15 23:41:31 2025 by rpki-client