Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3214C7942F1E11F08D41FDB2DAE4EC9C.roa
File: 3214C7942F1E11F08D41FDB2DAE4EC9C.roa (raw, json)
Hash identifier: cglMv5ub46Rx7E97qHvWiJBdK00LkenUeQ/iK+tVVXQ=
Subject key identifier: 8F:93:FB:61:74:93:47:C0:C7:4A:7C:C7:93:13:B8:A8:ED:11:54:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FD9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3214C7942F1E11F08D41FDB2DAE4EC9C.roa
Signing time: Mon 12 May 2025 10:45:19 +0000
ROA not before: Mon 12 May 2025 10:45:14 +0000
ROA not after: Mon 09 Jun 2025 10:45:14 +0000
asID: 138678
IP address blocks: 154.196.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98265 (0x17fd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 10:45:14 2025 GMT
Not After : Jun 9 10:45:14 2025 GMT
Subject: CN=6821d13f-a27f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:8d:df:b4:ad:72:4e:8d:a7:ef:87:2f:9b:4f:
d2:bb:62:b9:d2:7d:14:42:46:69:66:1e:dc:33:85:
68:6d:d5:03:a2:f9:4d:c9:1d:da:b1:d6:9f:22:cc:
fa:d0:b4:1c:3c:ad:e7:ce:b7:8a:6e:a4:0d:76:6a:
df:23:d3:40:9f:4e:10:92:c8:6d:11:72:4b:0b:f3:
7d:c9:44:d7:5e:63:72:2e:ea:b9:a6:aa:9d:60:3a:
f5:9d:d9:02:9b:2b:01:07:6c:68:c7:07:13:82:1c:
d2:e2:61:c5:d8:60:17:2c:ec:36:d0:69:52:a7:ee:
4a:e6:47:4e:6a:33:41:b7:5f:e0:df:6b:57:9c:12:
73:44:38:f0:64:5b:97:eb:12:32:df:1c:b6:38:c1:
72:47:24:c4:d6:e7:37:f4:0c:12:8d:75:5b:b0:33:
96:0e:84:c6:ab:a8:18:e1:b7:d4:bf:a4:46:8e:28:
7e:a8:46:a4:81:f8:f0:a0:da:0c:e2:6f:5c:6b:bc:
19:a0:04:0d:14:9f:0c:81:42:ce:8c:72:ac:35:47:
73:79:06:81:a3:c9:af:1a:1b:e9:91:e9:e4:3f:4b:
65:44:98:95:8a:55:7b:b6:70:07:51:22:e2:43:7f:
23:a1:32:e7:6f:da:4d:59:82:a7:bf:89:60:a7:14:
35:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:93:FB:61:74:93:47:C0:C7:4A:7C:C7:93:13:B8:A8:ED:11:54:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3214C7942F1E11F08D41FDB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.1.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:71:48:f1:f8:27:4b:7f:bf:d0:1d:7c:49:a3:a5:65:44:30:
15:54:10:92:35:c0:23:27:79:6d:dd:d1:9a:8c:df:d4:15:9e:
2a:7a:1c:55:86:77:f3:a8:f6:12:e1:0d:ba:20:19:fd:fb:d8:
f3:33:0c:52:e8:a8:d1:2c:7c:c8:bf:29:4c:45:b0:3e:5d:09:
e1:d4:bf:bd:d8:01:30:d4:96:6d:58:e3:5d:1e:e6:de:66:fa:
54:1b:3f:bf:0d:1d:6a:f4:c4:ba:fa:42:18:35:a6:57:5b:05:
61:d6:df:5d:4e:97:05:e3:84:03:03:b7:ac:62:92:85:f2:d0:
2f:6f:68:4e:93:84:7d:4b:c5:43:23:bd:77:ae:77:a0:ac:aa:
28:1e:a4:12:0f:15:ad:c8:76:5c:86:94:92:1c:ef:23:1b:19:
79:2d:5f:93:42:5b:fb:65:d6:1b:5d:69:2f:a2:84:da:e3:a1:
b4:fc:c1:4b:c3:b3:a6:27:33:b2:05:d2:5c:2c:a8:f9:a5:19:
c4:4b:66:cb:ed:16:d3:58:13:a5:04:75:8d:a5:fe:47:e1:4b:
f8:37:b8:9f:f1:13:12:9e:77:99:24:d3:0e:ae:5a:69:11:4c:
40:f8:2f:a5:83:b7:c7:6b:10:36:55:84:d3:0e:e7:21:b6:99:
17:6b:1d:81
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX/ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTA0NTE0WhcNMjUwNjA5MTA0NTE0WjAYMRYw
FAYDVQQDEw02ODIxZDEzZi1hMjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7o3ftK1yTo2n74cvm0/Su2K50n0UQkZpZh7cM4VobdUDovlNyR3asdaf
Isz60LQcPK3nzreKbqQNdmrfI9NAn04QkshtEXJLC/N9yUTXXmNyLuq5pqqdYDr1
ndkCmysBB2xoxwcTghzS4mHF2GAXLOw20GlSp+5K5kdOajNBt1/g32tXnBJzRDjw
ZFuX6xIy3xy2OMFyRyTE1uc39AwSjXVbsDOWDoTGq6gY4bfUv6RGjih+qEakgfjw
oNoM4m9ca7wZoAQNFJ8MgULOjHKsNUdzeQaBo8mvGhvpkenkP0tlRJiVilV7tnAH
USLiQ38joTLnb9pNWYKnv4lgpxQ1VwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI+T
+2F0k0fAx0p8x5MTuKjtEVQWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjE0Qzc5NDJGMUUxMUYwOEQ0MUZEQjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQBMA0GCSqGSIb3DQEB
CwUAA4IBAQAKcUjx+CdLf7/QHXxJo6VlRDAVVBCSNcAjJ3lt3dGajN/UFZ4qehxV
hnfzqPYS4Q26IBn9+9jzMwxS6KjRLHzIvylMRbA+XQnh1L+92AEw1JZtWONdHube
ZvpUGz+/DR1q9MS6+kIYNaZXWwVh1t9dTpcF44QDA7esYpKF8tAvb2hOk4R9S8VD
I713rnegrKooHqQSDxWtyHZchpSSHO8jGxl5LV+TQlv7ZdYbXWkvooTa46G0/MFL
w7OmJzOyBdJcLKj5pRnES2bL7RbTWBOlBHWNpf5H4Uv4N7if8RMSnneZJNMOrlpp
EUxA+C+lg7fHaxA2VYTTDuchtpkXax2B
-----END CERTIFICATE-----
Generated at Thu May 15 23:46:59 2025 by rpki-client