Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/307AF4B22B2711F08AB18FB0DAE4EC9C.roa
File: 307AF4B22B2711F08AB18FB0DAE4EC9C.roa (raw, json)
Hash identifier: dapbFVAbXOz1TcMXjxojjoflhncyiBR7fTCifePVh84=
Subject key identifier: B3:47:D6:8E:87:63:3B:A1:74:22:22:5E:6F:B5:DA:65:9F:42:A3:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017F4D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/307AF4B22B2711F08AB18FB0DAE4EC9C.roa
Signing time: Wed 07 May 2025 09:39:37 +0000
ROA not before: Wed 07 May 2025 09:39:32 +0000
ROA not after: Sat 14 Jun 2025 09:39:32 +0000
asID: 20473
IP address blocks: 154.197.54.0/24 maxlen: 24
154.197.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98125 (0x17f4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 7 09:39:32 2025 GMT
Not After : Jun 14 09:39:32 2025 GMT
Subject: CN=681b2a59-821a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:43:92:0e:1f:eb:7d:86:d4:2e:cf:09:91:3d:
be:1a:af:29:f4:d3:3c:d6:4f:7e:e5:7d:30:83:1a:
48:ad:1b:81:b2:41:15:47:e1:f3:49:8d:79:07:09:
1a:ec:d1:1b:3b:9e:71:08:4c:7a:20:1b:d1:cd:2c:
33:b5:9e:ad:10:e4:24:5c:18:93:b1:8e:a9:46:e7:
5d:5e:b4:d1:28:af:8f:7b:08:1c:ab:d0:a2:e5:e6:
12:07:84:66:f2:3f:99:01:7c:fc:d5:56:65:ea:74:
6b:f6:23:24:c8:19:9a:4e:2c:1a:50:e7:19:1a:4c:
d6:5b:4c:98:62:3c:3d:f6:cc:91:7f:e4:a7:94:5b:
30:46:e4:68:c1:28:f9:80:82:1f:de:08:40:2c:a6:
3e:15:e1:fe:3e:d3:52:6b:35:d0:61:22:78:0f:cd:
10:60:b2:34:45:e4:c1:4c:2e:57:d4:7b:15:e6:43:
0d:29:d2:3a:51:bf:16:30:e2:52:a0:08:86:d7:ad:
a2:97:72:ac:c0:04:f0:aa:39:95:93:e5:e3:c3:f6:
7b:13:88:24:cc:7e:7a:87:44:f6:57:9a:3e:67:06:
31:d1:ba:a5:6e:0e:7b:a0:84:0b:40:12:95:05:7f:
de:73:72:75:2a:22:91:66:1b:e9:26:3a:45:67:b3:
f3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:47:D6:8E:87:63:3B:A1:74:22:22:5E:6F:B5:DA:65:9F:42:A3:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/307AF4B22B2711F08AB18FB0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.54.0/24
154.197.88.0/23
Signature Algorithm: sha256WithRSAEncryption
54:da:47:47:c5:c3:04:93:6d:f2:85:61:d4:df:59:19:fa:06:
b9:25:2e:71:f1:93:4f:7f:78:d4:e5:1b:5b:06:81:6d:0c:2b:
67:a8:5e:95:56:d7:7e:3c:79:91:c7:4a:37:83:61:2c:26:97:
d6:2d:c5:27:4c:d6:5e:c7:85:15:86:27:60:b8:fd:f1:37:a8:
66:99:d6:4b:5d:43:27:4a:ae:3f:27:91:55:f2:d3:bb:6f:50:
dc:e2:6d:33:15:80:fb:ad:da:31:80:e2:df:57:68:ab:e3:38:
6e:33:bc:9d:78:de:f5:7b:1b:e9:86:cc:c2:ac:2e:a2:4d:6a:
3b:f0:ce:8b:d6:af:83:85:9e:24:ee:eb:85:ea:a5:31:70:3e:
6f:36:c9:8a:16:1d:30:35:1e:a8:d0:24:52:72:12:56:ff:77:
59:4e:c1:fd:25:76:90:dd:0f:01:e8:65:e9:67:dd:35:2e:47:
f2:db:ec:34:f8:7e:ea:54:27:26:10:f9:10:bf:0b:cc:76:46:
d1:3e:73:84:ed:e6:26:a9:16:8a:5a:12:15:49:c7:81:2c:8c:
0d:7b:12:cc:da:64:d9:d6:12:7e:03:d5:25:9a:2c:f1:29:5f:
bd:c8:86:44:07:13:ff:35:23:05:22:d4:bb:5a:20:d7:73:7e:
64:aa:41:55
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAX9NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA3MDkzOTMyWhcNMjUwNjE0MDkzOTMyWjAYMRYw
FAYDVQQDEw02ODFiMmE1OS04MjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxUOSDh/rfYbULs8JkT2+Gq8p9NM81k9+5X0wgxpIrRuBskEVR+HzSY15
Bwka7NEbO55xCEx6IBvRzSwztZ6tEOQkXBiTsY6pRuddXrTRKK+Pewgcq9Ci5eYS
B4Rm8j+ZAXz81VZl6nRr9iMkyBmaTiwaUOcZGkzWW0yYYjw99syRf+SnlFswRuRo
wSj5gIIf3ghALKY+FeH+PtNSazXQYSJ4D80QYLI0ReTBTC5X1HsV5kMNKdI6Ub8W
MOJSoAiG162il3KswATwqjmVk+Xjw/Z7E4gkzH56h0T2V5o+ZwYx0bqlbg57oIQL
QBKVBX/ec3J1KiKRZhvpJjpFZ7PzVwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFLNH
1o6HYzuhdCIiXm+12mWfQqNcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMDdBRjRCMjJCMjcxMUYwOEFCMThGQjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsU2AwQBmsVYMA0GCSqG
SIb3DQEBCwUAA4IBAQBU2kdHxcMEk23yhWHU31kZ+ga5JS5x8ZNPf3jU5RtbBoFt
DCtnqF6VVtd+PHmRx0o3g2EsJpfWLcUnTNZex4UVhidguP3xN6hmmdZLXUMnSq4/
J5FV8tO7b1Dc4m0zFYD7rdoxgOLfV2ir4zhuM7ydeN71exvphszCrC6iTWo78M6L
1q+DhZ4k7uuF6qUxcD5vNsmKFh0wNR6o0CRSchJW/3dZTsH9JXaQ3Q8B6GXpZ901
Lkfy2+w0+H7qVCcmEPkQvwvMdkbRPnOE7eYmqRaKWhIVSceBLIwNexLM2mTZ1hJ+
A9UlmizxKV+9yIZEBxP/NSMFItS7WiDXc35kqkFV
-----END CERTIFICATE-----
Generated at Thu May 15 23:46:57 2025 by rpki-client