Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2E75CEDA2BEA11F092C770C9DAE4EC9C.roa
File: 2E75CEDA2BEA11F092C770C9DAE4EC9C.roa (raw, json)
Hash identifier: 9y3wvl/IaMwdYUHlxnILMCH9m/zbwkbuqkUaGZJj1fM=
Subject key identifier: A9:BC:FA:F0:FC:5A:A5:2F:28:8F:AE:71:81:6B:6E:0F:B7:D1:0D:BE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017F7E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2E75CEDA2BEA11F092C770C9DAE4EC9C.roa
Signing time: Thu 08 May 2025 08:55:25 +0000
ROA not before: Thu 08 May 2025 08:55:20 +0000
ROA not after: Sun 18 May 2025 08:55:20 +0000
asID: 149014
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 07:24:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98174 (0x17f7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 08:55:20 2025 GMT
Not After : May 18 08:55:20 2025 GMT
Subject: CN=681c717d-7091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:62:03:a7:2d:8f:31:ca:d5:e5:f0:e0:52:76:
e0:70:b0:9a:9b:3f:4f:20:0f:b0:5e:03:f6:8e:8d:
83:1f:f6:6a:e2:23:97:87:ab:dd:90:e5:ad:f0:76:
4d:2a:1b:5f:06:37:3d:a6:03:ab:d5:94:9d:31:d3:
e5:e6:3c:9f:56:33:f1:76:3b:d1:92:bf:f1:3a:df:
be:90:ac:f8:22:b8:f8:5f:9e:e0:91:6e:69:9b:31:
f5:93:06:59:48:08:21:ac:b3:b7:62:b6:b4:ee:95:
02:f1:2b:d9:d4:9e:d0:8f:43:50:3f:a3:a0:27:e0:
92:d5:6c:24:f2:e9:c1:19:6d:0e:12:bc:2d:2a:ef:
a0:11:ce:5a:bb:08:16:68:df:bb:1e:d4:ca:47:f6:
45:8d:cb:5e:2c:bd:b1:4f:42:f3:34:a0:e7:38:18:
5b:21:e6:8d:f0:30:2d:07:41:0e:a1:78:cd:b2:7e:
b0:32:44:ff:62:ae:ee:06:9a:93:cf:f7:87:d5:68:
09:07:e5:67:c6:75:d4:f0:fd:d5:e0:f7:13:d7:4c:
0c:86:c9:8f:7c:d5:dc:1a:b8:c8:c2:46:d0:53:c7:
c0:d1:48:ad:38:01:42:f7:28:ed:33:c0:83:64:88:
2a:a3:0c:d1:48:33:18:90:46:fc:94:4b:7b:75:65:
8a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BC:FA:F0:FC:5A:A5:2F:28:8F:AE:71:81:6B:6E:0F:B7:D1:0D:BE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2E75CEDA2BEA11F092C770C9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:c1:e7:2f:f5:d7:d0:8b:88:87:69:d4:2f:59:84:d6:20:7a:
5e:36:b5:83:0b:c0:d3:7b:11:fa:67:29:e4:74:3e:43:d5:37:
51:8c:0a:5c:6a:67:f5:9e:39:30:1f:f8:4c:6b:f6:b9:be:97:
13:64:8e:e1:d2:03:31:7f:85:e4:93:bd:d5:6c:40:1e:3d:28:
a4:29:1b:b2:00:83:d1:71:0b:94:a9:76:af:3e:21:aa:e1:c0:
d8:5f:69:42:79:ee:12:9a:31:58:7d:0c:d8:d2:0c:71:82:5a:
f6:af:ca:c3:e8:77:1e:24:45:0b:1c:94:dd:26:de:a4:a8:2e:
f4:ca:d7:19:da:a7:0a:42:d3:a2:a6:bc:77:a0:a1:34:02:67:
63:01:e4:06:96:86:9c:13:98:92:9d:b5:f9:72:e2:db:53:3c:
c4:bf:cf:05:ff:d0:b7:08:ea:6d:81:70:46:40:2b:05:c5:94:
e4:15:b3:29:f0:88:6c:1e:14:99:b4:9e:12:31:8f:c0:c1:0b:
da:03:e7:a2:67:fb:3b:e0:2c:93:30:3b:08:f0:b5:02:d9:94:
cc:fd:96:9b:af:69:28:4c:c6:70:3c:6d:1a:b2:36:36:69:51:
7e:62:34:f9:bc:92:d6:43:35:59:6c:a6:44:ab:62:e0:06:07:
71:9e:e6:21
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAX9+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA4MDg1NTIwWhcNMjUwNTE4MDg1NTIwWjAYMRYw
FAYDVQQDEw02ODFjNzE3ZC03MDkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2mIDpy2PMcrV5fDgUnbgcLCamz9PIA+wXgP2jo2DH/Zq4iOXh6vdkOWt
8HZNKhtfBjc9pgOr1ZSdMdPl5jyfVjPxdjvRkr/xOt++kKz4Irj4X57gkW5pmzH1
kwZZSAghrLO3Yra07pUC8SvZ1J7Qj0NQP6OgJ+CS1Wwk8unBGW0OErwtKu+gEc5a
uwgWaN+7HtTKR/ZFjcteLL2xT0LzNKDnOBhbIeaN8DAtB0EOoXjNsn6wMkT/Yq7u
BpqTz/eH1WgJB+VnxnXU8P3V4PcT10wMhsmPfNXcGrjIwkbQU8fA0UitOAFC9yjt
M8CDZIgqowzRSDMYkEb8lEt7dWWKmQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFKm8
+vD8WqUvKI+ucYFrbg+30Q2+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRTc1Q0VEQTJCRUExMUYwOTJDNzcwQzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQDOwecv9dfQi4iHadQvWYTWIHpeNrWDC8DTexH6
ZynkdD5D1TdRjApcamf1njkwH/hMa/a5vpcTZI7h0gMxf4Xkk73VbEAePSikKRuy
AIPRcQuUqXavPiGq4cDYX2lCee4SmjFYfQzY0gxxglr2r8rD6HceJEULHJTdJt6k
qC70ytcZ2qcKQtOiprx3oKE0AmdjAeQGloacE5iSnbX5cuLbUzzEv88F/9C3COpt
gXBGQCsFxZTkFbMp8IhsHhSZtJ4SMY/AwQvaA+eiZ/s74CyTMDsI8LUC2ZTM/Zab
r2koTMZwPG0asjY2aVF+YjT5vJLWQzVZbKZEq2LgBgdxnuYh
-----END CERTIFICATE-----
Generated at Tue May 13 13:25:54 2025 by rpki-client