Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38F5C13C2F4911F0B752E3CDDAE4EC9C.roa
File: 38F5C13C2F4911F0B752E3CDDAE4EC9C.roa (raw, json)
Hash identifier: ToFobNCcfMI9mPmhPkg5s7IkmxrmnXMMPdEewq2A6+Q=
Subject key identifier: 37:65:2B:75:73:E5:6A:15:10:64:BC:53:33:84:2C:80:8A:8C:63:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01803B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38F5C13C2F4911F0B752E3CDDAE4EC9C.roa
Signing time: Mon 12 May 2025 15:53:19 +0000
ROA not before: Mon 12 May 2025 15:53:14 +0000
ROA not after: Sat 05 Jul 2025 15:53:14 +0000
asID: 398823
IP address blocks: 154.209.80.0/21 maxlen: 24
154.213.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98363 (0x1803b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 15:53:14 2025 GMT
Not After : Jul 5 15:53:14 2025 GMT
Subject: CN=6822196f-a3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:51:2f:c5:67:0c:8c:92:f0:ff:98:80:e2:a7:
05:3a:da:1f:7d:61:3a:37:d8:8b:58:b0:aa:ef:7e:
6e:27:cb:de:f9:c7:25:1a:e3:dd:8d:43:30:9e:ac:
8e:fe:dd:e8:74:2d:59:0c:2d:5e:e3:05:f6:d4:1f:
c2:16:0c:78:6b:37:76:5d:fa:46:bd:e2:ce:be:09:
fd:55:4c:f8:97:44:94:17:95:92:0c:bd:66:88:78:
47:56:29:76:eb:0f:ab:cc:a4:76:64:0c:1b:fc:c3:
02:06:a5:34:48:1b:b6:22:0b:d7:f6:ed:82:73:cb:
49:e2:7f:d7:b5:87:80:82:90:21:42:e8:55:7e:d1:
a2:84:bf:5a:20:8d:bb:f0:52:ff:35:f5:1a:1b:1b:
48:47:b8:3c:6f:e1:81:02:70:ec:79:2a:b3:48:bb:
bd:e1:39:72:fb:ad:e7:f5:7a:40:d1:f8:33:43:f7:
7f:50:49:05:60:59:88:c6:3b:69:82:fa:76:68:0e:
99:31:eb:19:44:d7:5a:11:a8:b1:20:ab:05:12:c2:
84:85:a0:77:45:6c:00:24:5c:1d:6b:66:5b:33:32:
43:42:4e:90:88:f0:16:c0:7c:18:c5:e4:31:3d:70:
ad:75:53:36:93:46:8e:02:e6:88:4b:09:36:e2:92:
42:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:65:2B:75:73:E5:6A:15:10:64:BC:53:33:84:2C:80:8A:8C:63:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38F5C13C2F4911F0B752E3CDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.80.0/21
154.213.168.0/21
Signature Algorithm: sha256WithRSAEncryption
75:6d:f6:c2:ba:56:24:52:e6:ff:f9:c0:b9:e0:16:0a:05:e9:
db:91:26:91:70:5a:80:7a:96:37:11:f3:64:fd:5b:2b:a2:79:
6b:4e:f6:87:b3:3d:1a:86:8d:7e:72:11:36:e1:75:e5:87:1b:
05:29:7c:56:39:3c:41:95:4b:66:00:2d:ef:6d:4d:2d:5b:5d:
be:53:68:ac:07:ca:f8:e2:cc:8d:81:a8:47:2b:14:cc:42:51:
42:4a:cf:96:a1:a7:b0:b2:15:10:0a:4a:dd:df:c4:c3:73:eb:
18:33:38:ae:1f:07:e7:e4:41:d4:44:92:9f:51:10:15:d7:1f:
74:63:98:89:d8:38:8e:6d:7c:d7:61:a9:c0:80:77:ad:6b:6b:
6c:65:00:cc:57:d0:b0:7e:f8:f9:c1:d0:6c:da:32:74:68:9a:
3e:44:fa:40:96:fd:75:f6:04:55:27:5e:f9:a2:aa:32:ed:bc:
67:52:07:17:f7:1b:80:fa:30:79:8d:5c:e8:64:c8:95:f4:8e:
6c:bb:86:30:87:47:85:b0:ee:66:34:e0:4e:63:03:af:c5:52:
cf:d6:b9:3b:ab:59:d3:15:10:e7:eb:80:5f:eb:8c:8c:6c:19:
37:c5:f8:13:b3:47:3d:12:98:68:44:ce:ad:f5:68:0a:da:b5:
f9:78:b4:03
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYA7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTU1MzE0WhcNMjUwNzA1MTU1MzE0WjAYMRYw
FAYDVQQDEw02ODIyMTk2Zi1hM2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsVEvxWcMjJLw/5iA4qcFOtoffWE6N9iLWLCq735uJ8ve+cclGuPdjUMw
nqyO/t3odC1ZDC1e4wX21B/CFgx4azd2XfpGveLOvgn9VUz4l0SUF5WSDL1miHhH
Vil26w+rzKR2ZAwb/MMCBqU0SBu2IgvX9u2Cc8tJ4n/XtYeAgpAhQuhVftGihL9a
II278FL/NfUaGxtIR7g8b+GBAnDseSqzSLu94Tly+63n9XpA0fgzQ/d/UEkFYFmI
xjtpgvp2aA6ZMesZRNdaEaixIKsFEsKEhaB3RWwAJFwda2ZbMzJDQk6QiPAWwHwY
xeQxPXCtdVM2k0aOAuaISwk24pJCvwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDdl
K3Vz5WoVEGS8UzOELICKjGNcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOEY1QzEzQzJGNDkxMUYwQjc1MkUzQ0REQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDmtFQAwQDmtWoMA0GCSqG
SIb3DQEBCwUAA4IBAQB1bfbCulYkUub/+cC54BYKBenbkSaRcFqAepY3EfNk/Vsr
onlrTvaHsz0aho1+chE24XXlhxsFKXxWOTxBlUtmAC3vbU0tW12+U2isB8r44syN
gahHKxTMQlFCSs+WoaewshUQCkrd38TDc+sYMziuHwfn5EHURJKfURAV1x90Y5iJ
2DiObXzXYanAgHeta2tsZQDMV9Cwfvj5wdBs2jJ0aJo+RPpAlv119gRVJ175oqoy
7bxnUgcX9xuA+jB5jVzoZMiV9I5su4Ywh0eFsO5mNOBOYwOvxVLP1rk7q1nTFRDn
64Bf64yMbBk3xfgTs0c9EphoRM6t9WgK2rX5eLQD
-----END CERTIFICATE-----
Generated at Thu May 15 23:47:02 2025 by rpki-client