Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B0DE6AC2F4011F0912A6393DAE4EC9C.roa
File: 2B0DE6AC2F4011F0912A6393DAE4EC9C.roa (raw, json)
Hash identifier: /hvfHuOZ6cZdEA6iJ68bpkySayDNUBl7SafviCkBDfk=
Subject key identifier: 19:F1:BD:37:1C:85:7B:E7:87:4F:96:A1:B6:C8:8C:5F:13:24:58:5D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018029
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B0DE6AC2F4011F0912A6393DAE4EC9C.roa
Signing time: Mon 12 May 2025 14:48:30 +0000
ROA not before: Mon 12 May 2025 14:48:25 +0000
ROA not after: Sun 22 Jun 2025 14:48:25 +0000
asID: 57043
IP address blocks: 154.222.34.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98345 (0x18029)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 14:48:25 2025 GMT
Not After : Jun 22 14:48:25 2025 GMT
Subject: CN=68220a3e-2ee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:bb:42:cd:65:1a:87:82:2d:36:fc:5c:27:5e:
67:5a:02:3e:d4:7a:8c:64:a5:b2:66:e2:ea:a9:ae:
3a:8f:68:b2:cc:fd:e0:70:43:c1:6e:59:34:89:c5:
af:2f:e6:ce:8b:f7:93:96:b8:7a:25:4a:ae:3e:24:
f9:e1:15:d0:1a:8c:b6:df:52:25:74:a7:26:f4:74:
0a:aa:c2:90:e6:c2:5a:83:35:1c:7f:07:1f:fd:b2:
52:00:0d:9c:03:16:26:87:2a:1f:5e:86:b8:3a:0e:
4e:a9:0c:74:37:28:52:ba:f0:b8:e8:0b:a6:a0:ae:
64:1d:83:d1:de:1f:77:21:8c:08:77:e6:3a:20:ad:
d7:57:d9:1e:5f:03:96:fe:7e:43:53:e3:1c:ad:a2:
bc:07:23:41:23:ac:05:c2:9e:02:69:fd:9c:8b:6e:
f3:9b:a4:62:e2:4c:b1:b6:df:79:7d:c6:5c:65:eb:
9b:75:92:94:16:44:09:6d:63:95:04:fe:a5:ac:02:
53:0f:d0:09:7f:6d:bd:a0:f2:bb:0a:fb:12:58:6b:
f1:66:93:a2:c7:19:66:9e:d5:36:ba:b2:46:8d:11:
08:fa:9f:46:c2:79:62:c6:a3:33:5c:97:e1:65:00:
38:52:52:51:92:73:c7:f6:96:95:07:0b:6f:27:7d:
d9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F1:BD:37:1C:85:7B:E7:87:4F:96:A1:B6:C8:8C:5F:13:24:58:5D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B0DE6AC2F4011F0912A6393DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.34.0/23
Signature Algorithm: sha256WithRSAEncryption
65:89:4b:66:fd:67:52:88:ce:a2:b9:01:90:24:66:81:b7:5e:
8b:ea:ff:6a:e3:c3:16:56:34:57:2b:6b:de:c1:36:96:12:9f:
cd:93:c6:88:1a:1f:eb:2a:70:56:00:02:f3:d3:2e:15:80:b5:
61:f2:de:25:cc:57:71:b2:4b:3f:47:c2:56:08:06:f1:b6:32:
65:a8:91:97:68:95:a9:e4:53:09:f4:75:d0:06:99:ef:79:fa:
30:7a:66:7a:9b:cb:17:09:28:1e:af:d9:a1:70:f7:1e:d6:3e:
a2:c2:2b:64:db:42:e1:1f:f8:5f:d5:2f:fd:64:38:48:a7:d1:
b2:cd:b2:37:6f:82:87:7d:17:08:4f:57:6e:b8:34:33:02:94:
fa:3e:db:14:88:3f:f1:c7:e6:03:5e:6b:dc:70:f6:0f:5d:bf:
7c:6d:b8:dd:c0:ca:93:c2:d8:dc:ff:45:ac:df:45:9f:4e:81:
3e:e9:93:c5:70:1c:c1:7e:43:df:9a:93:d6:fc:dd:1a:25:a3:
66:7a:ad:b8:97:ea:2d:18:bf:be:4b:f1:85:06:1c:09:b5:dc:
ac:20:7a:c8:b3:6c:71:83:b5:24:ae:fe:e0:cc:0f:15:60:09:
81:d5:23:c9:61:76:33:d5:97:8c:4d:ec:dd:58:15:79:3a:3d:
3c:b2:93:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYApMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTQ0ODI1WhcNMjUwNjIyMTQ0ODI1WjAYMRYw
FAYDVQQDEw02ODIyMGEzZS0yZWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4rtCzWUah4ItNvxcJ15nWgI+1HqMZKWyZuLqqa46j2iyzP3gcEPBblk0
icWvL+bOi/eTlrh6JUquPiT54RXQGoy231IldKcm9HQKqsKQ5sJagzUcfwcf/bJS
AA2cAxYmhyofXoa4Og5OqQx0NyhSuvC46AumoK5kHYPR3h93IYwId+Y6IK3XV9ke
XwOW/n5DU+McraK8ByNBI6wFwp4Caf2ci27zm6Ri4kyxtt95fcZcZeubdZKUFkQJ
bWOVBP6lrAJTD9AJf229oPK7CvsSWGvxZpOixxlmntU2urJGjREI+p9GwnlixqMz
XJfhZQA4UlJRknPH9paVBwtvJ33ZiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBnx
vTcchXvnh0+WobbIjF8TJFhdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQjBERTZBQzJGNDAxMUYwOTEyQTYzOTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt4iMA0GCSqGSIb3DQEB
CwUAA4IBAQBliUtm/WdSiM6iuQGQJGaBt16L6v9q48MWVjRXK2vewTaWEp/Nk8aI
Gh/rKnBWAALz0y4VgLVh8t4lzFdxsks/R8JWCAbxtjJlqJGXaJWp5FMJ9HXQBpnv
efowemZ6m8sXCSger9mhcPce1j6iwitk20LhH/hf1S/9ZDhIp9GyzbI3b4KHfRcI
T1duuDQzApT6PtsUiD/xx+YDXmvccPYPXb98bbjdwMqTwtjc/0Ws30WfToE+6ZPF
cBzBfkPfmpPW/N0aJaNmeq24l+otGL++S/GFBhwJtdysIHrIs2xxg7Ukrv7gzA8V
YAmB1SPJYXYz1ZeMTezdWBV5Oj08spPS
-----END CERTIFICATE-----
Generated at Thu May 15 23:47:11 2025 by rpki-client