Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3435A2982F2B11F0ABF63A89DAE4EC9C.roa
File: 3435A2982F2B11F0ABF63A89DAE4EC9C.roa (raw, json)
Hash identifier: BmiJTFRlxWZi+8pndjKYLe6hxYILWKZ4ROnJK097qMs=
Subject key identifier: 6A:9C:36:10:27:0B:62:CE:D4:40:4B:58:14:83:B9:EC:6C:AE:B9:07
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018009
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3435A2982F2B11F0ABF63A89DAE4EC9C.roa
Signing time: Mon 12 May 2025 12:18:26 +0000
ROA not before: Mon 12 May 2025 12:18:21 +0000
ROA not after: Thu 22 May 2025 12:18:21 +0000
asID: 141883
IP address blocks: 154.214.32.0/19 maxlen: 24
154.216.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 00:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98313 (0x18009)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 12:18:21 2025 GMT
Not After : May 22 12:18:21 2025 GMT
Subject: CN=6821e712-f4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f0:30:ae:42:b0:0f:5b:0a:29:08:3f:a6:69:
5d:f8:a7:1a:e0:a5:08:be:43:6d:b3:3d:05:51:c2:
9e:ae:47:7d:99:f1:56:36:96:a1:b6:8b:32:62:b0:
bd:88:18:1d:5f:d2:fd:13:c2:f4:fe:fb:ca:c3:fe:
80:43:40:87:2b:23:cb:92:1b:18:6e:a7:04:f0:4a:
8e:0c:21:c2:81:9f:f4:23:f5:d1:ed:fa:a4:f0:dc:
be:d9:ed:45:5e:95:a6:6d:da:28:7b:16:9d:f5:ca:
c6:5f:a0:77:9b:b1:ee:8a:04:f1:c0:d4:a4:ea:df:
54:6a:52:fc:33:7d:a7:63:ac:1a:f5:72:6e:f2:17:
bd:02:25:af:ad:97:53:a7:92:18:22:4c:66:6a:14:
82:b9:67:a6:e6:68:a7:64:8c:f5:67:d9:5d:f5:de:
53:29:b2:db:26:c5:60:fb:c2:61:22:60:86:1c:6d:
a9:e1:d5:f9:0a:8c:5a:e0:50:7b:34:61:e2:56:99:
16:e7:0c:07:96:67:86:5c:8b:98:37:79:a2:27:b7:
57:0f:87:5c:b9:7d:38:59:0a:b5:a2:58:f0:5f:a7:
2f:05:0a:22:b2:ff:3e:85:7d:b6:fa:ca:be:ff:ed:
e9:69:bc:59:ba:12:af:c4:b3:49:74:1d:04:42:c4:
26:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9C:36:10:27:0B:62:CE:D4:40:4B:58:14:83:B9:EC:6C:AE:B9:07
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3435A2982F2B11F0ABF63A89DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
154.216.128.0/18
Signature Algorithm: sha256WithRSAEncryption
3d:05:1d:5c:69:f7:2e:cd:26:e4:85:26:06:d6:e6:cf:e6:48:
de:ed:15:8f:7d:8a:c1:0e:ff:c4:83:3d:15:6c:a6:e4:02:4d:
25:d0:c1:0a:45:0e:a1:bd:e8:97:47:5b:ed:26:78:6e:75:31:
97:20:55:26:f2:32:e2:75:08:27:b7:5c:5e:fa:af:da:20:1f:
cd:cf:7f:31:14:8c:40:b9:2b:08:bd:ea:38:7d:b6:ed:2e:00:
83:cf:bf:e0:69:9e:a7:6b:05:d0:38:a7:fa:1d:d3:a9:56:c6:
4e:74:f0:f9:18:82:0f:f2:9f:fd:07:36:4c:27:e6:13:e1:ce:
3e:0a:a5:9f:41:d2:c7:c6:7b:31:dc:de:fa:ce:e2:3c:65:03:
f7:ee:a3:ee:0a:44:9d:81:db:6a:d1:e5:d6:b4:1a:e4:26:66:
ec:18:50:5a:40:0e:43:10:fa:1c:85:5a:b1:76:2d:87:14:b1:
f8:ec:5c:8a:de:9f:26:c7:ca:24:eb:bd:00:d4:09:e0:af:c4:
8e:cd:77:7c:5a:56:57:40:04:88:36:ac:02:ea:5b:db:9a:b5:
e6:87:cf:66:87:c9:eb:78:6c:ad:e6:96:3e:d5:8c:90:f4:a8:
13:37:d4:14:f7:2e:10:a6:83:da:cf:cd:7b:5c:ba:cd:78:d5:
fa:ea:05:c5
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYAJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTIxODIxWhcNMjUwNTIyMTIxODIxWjAYMRYw
FAYDVQQDEw02ODIxZTcxMi1mNGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs/AwrkKwD1sKKQg/pmld+Kca4KUIvkNtsz0FUcKerkd9mfFWNpahtosy
YrC9iBgdX9L9E8L0/vvKw/6AQ0CHKyPLkhsYbqcE8EqODCHCgZ/0I/XR7fqk8Ny+
2e1FXpWmbdooexad9crGX6B3m7HuigTxwNSk6t9UalL8M32nY6wa9XJu8he9AiWv
rZdTp5IYIkxmahSCuWem5minZIz1Z9ld9d5TKbLbJsVg+8JhImCGHG2p4dX5Coxa
4FB7NGHiVpkW5wwHlmeGXIuYN3miJ7dXD4dcuX04WQq1oljwX6cvBQoisv8+hX22
+sq+/+3pabxZuhKvxLNJdB0EQsQmKwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGqc
NhAnC2LO1EBLWBSDuexsrrkHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNDM1QTI5ODJGMkIxMUYwQUJGNjNBODlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmtYgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQA9BR1cafcuzSbkhSYG1ubP5kje7RWPfYrBDv/Egz0VbKbk
Ak0l0MEKRQ6hveiXR1vtJnhudTGXIFUm8jLidQgnt1xe+q/aIB/Nz38xFIxAuSsI
veo4fbbtLgCDz7/gaZ6nawXQOKf6HdOpVsZOdPD5GIIP8p/9BzZMJ+YT4c4+CqWf
QdLHxnsx3N76zuI8ZQP37qPuCkSdgdtq0eXWtBrkJmbsGFBaQA5DEPochVqxdi2H
FLH47FyK3p8mx8ok670A1Angr8SOzXd8WlZXQASINqwC6lvbmrXmh89mh8nreGyt
5pY+1YyQ9KgTN9QU9y4QpoPaz817XLrNeNX66gXF
-----END CERTIFICATE-----
Generated at Tue May 13 06:40:51 2025 by rpki-client