Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36D86DC62CC111F0A915C1E5DAE4EC9C.roa
File: 36D86DC62CC111F0A915C1E5DAE4EC9C.roa (raw, json)
Hash identifier: SplKcO4YlqhS2Bb/XHie7RvjVmy1WNnahBVBqOK6NCQ=
Subject key identifier: A7:FA:D7:5D:01:64:F8:80:F3:5F:16:06:D4:24:05:11:4B:A6:58:53
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FAE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36D86DC62CC111F0A915C1E5DAE4EC9C.roa
Signing time: Fri 09 May 2025 10:34:41 +0000
ROA not before: Fri 09 May 2025 10:34:36 +0000
ROA not after: Sun 25 May 2025 10:34:36 +0000
asID: 7029
IP address blocks: 154.194.16.0/22 maxlen: 24
154.194.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98222 (0x17fae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 10:34:36 2025 GMT
Not After : May 25 10:34:36 2025 GMT
Subject: CN=681dda41-d4a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4d:bc:a1:c0:3a:dc:9b:08:9e:93:27:2f:8f:
38:b8:88:74:c5:8b:1a:25:a3:4f:29:08:76:d4:89:
d0:0f:88:cb:46:0b:d1:ec:32:ef:84:86:64:6e:67:
9e:f0:73:b5:76:ff:41:6f:3d:66:02:0a:f4:59:b3:
2c:fa:01:89:b8:f6:65:77:b5:73:0d:e6:06:be:ff:
f5:73:f5:4d:09:49:f2:c2:ad:45:66:bf:67:6c:2a:
fc:99:a7:6e:31:b8:da:6f:b2:cf:df:54:ca:0f:ec:
45:36:ed:1c:80:c6:27:33:3c:78:20:58:04:cf:19:
c8:3c:98:82:ef:35:25:18:d9:d0:31:28:17:73:5c:
89:18:94:df:ab:42:13:00:60:34:9b:44:87:d2:8f:
d2:b6:fd:22:02:7b:53:2d:c2:6c:a9:6f:d0:6a:2d:
93:4c:75:4d:5c:02:f7:7a:16:66:16:fb:1c:13:ea:
0c:32:7a:52:1d:36:7e:eb:a3:bd:a0:81:3b:81:c4:
df:67:13:c7:3b:1a:36:29:c2:57:89:db:92:cc:7a:
a8:75:cd:b0:80:af:0f:dd:bb:c5:f4:82:4b:96:8c:
d6:1b:1d:4d:1e:83:f1:cd:15:ec:76:d6:0e:21:ac:
98:ac:3f:52:88:26:5c:0e:9b:72:52:1a:04:bc:26:
1b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:FA:D7:5D:01:64:F8:80:F3:5F:16:06:D4:24:05:11:4B:A6:58:53
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36D86DC62CC111F0A915C1E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.16.0/22
154.194.24.0/22
Signature Algorithm: sha256WithRSAEncryption
67:15:07:40:ed:d1:c3:1b:11:f1:bf:4e:6d:5f:3b:1e:15:9b:
84:76:1e:81:47:fd:42:de:42:38:6f:c8:b8:a4:09:e3:18:0e:
af:cc:1f:47:b9:d4:00:c9:ea:40:04:6d:0a:ca:d2:1a:7c:b4:
75:0e:95:71:e3:9e:76:5c:af:94:49:f0:8f:23:7f:35:a8:7a:
61:e0:d6:7e:2b:b3:c2:7e:da:b9:9c:9b:87:14:80:e4:29:9e:
72:69:b4:8b:95:bd:25:9b:d0:8d:a3:63:99:14:56:b7:9d:74:
9d:77:59:a7:4c:db:96:35:f1:ab:93:f9:00:4b:55:79:07:36:
a0:d6:eb:cc:98:fa:1b:a4:15:ec:31:a6:56:eb:c3:29:ec:7f:
a0:56:18:1e:5c:9a:80:50:a2:10:9d:d6:01:c5:8e:19:b0:36:
48:bc:e6:32:4f:a9:a4:05:8d:e8:04:9b:02:1e:fb:e5:6c:3d:
74:df:10:12:ab:a2:ed:ad:4f:e9:78:53:d2:9a:cb:ba:a6:1f:
f0:9f:e4:35:22:94:4f:58:51:30:d5:13:09:0b:fa:38:75:46:
ac:a1:d8:91:d5:08:db:b1:2e:cb:1a:0e:58:77:a6:37:e4:2a:
9d:5b:b8:70:dc:ca:a5:b1:6c:63:f2:63:19:06:ef:65:6c:17:
00:6b:fd:60
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAX+uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA5MTAzNDM2WhcNMjUwNTI1MTAzNDM2WjAYMRYw
FAYDVQQDEw02ODFkZGE0MS1kNGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyk28ocA63JsInpMnL484uIh0xYsaJaNPKQh21InQD4jLRgvR7DLvhIZk
bmee8HO1dv9Bbz1mAgr0WbMs+gGJuPZld7VzDeYGvv/1c/VNCUnywq1FZr9nbCr8
maduMbjab7LP31TKD+xFNu0cgMYnMzx4IFgEzxnIPJiC7zUlGNnQMSgXc1yJGJTf
q0ITAGA0m0SH0o/Stv0iAntTLcJsqW/Qai2TTHVNXAL3ehZmFvscE+oMMnpSHTZ+
66O9oIE7gcTfZxPHOxo2KcJXiduSzHqodc2wgK8P3bvF9IJLlozWGx1NHoPxzRXs
dtYOIayYrD9SiCZcDptyUhoEvCYbCQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFKf6
110BZPiA818WBtQkBRFLplhTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkQ4NkRDNjJDQzExMUYwQTkxNUMxRTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsIQAwQCmsIYMA0GCSqG
SIb3DQEBCwUAA4IBAQBnFQdA7dHDGxHxv05tXzseFZuEdh6BR/1C3kI4b8i4pAnj
GA6vzB9HudQAyepABG0KytIafLR1DpVx4552XK+USfCPI381qHph4NZ+K7PCftq5
nJuHFIDkKZ5yabSLlb0lm9CNo2OZFFa3nXSdd1mnTNuWNfGrk/kAS1V5Bzag1uvM
mPobpBXsMaZW68Mp7H+gVhgeXJqAUKIQndYBxY4ZsDZIvOYyT6mkBY3oBJsCHvvl
bD103xASq6LtrU/peFPSmsu6ph/wn+Q1IpRPWFEw1RMJC/o4dUasodiR1QjbsS7L
Gg5Yd6Y35CqdW7hw3MqlsWxj8mMZBu9lbBcAa/1g
-----END CERTIFICATE-----
Generated at Thu May 15 23:54:50 2025 by rpki-client