Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD5E2FA30A411F0BB377AE8DAE4EC9C.roa
File: 3AD5E2FA30A411F0BB377AE8DAE4EC9C.roa (raw, json)
Hash identifier: m/tv4OlYyqr6iSbSMdOFFJCD9lvP7K0B4+uV3TfJLaQ=
Subject key identifier: EB:BF:9B:99:5F:C8:7D:93:E2:EE:7B:28:4F:CE:1A:15:27:79:7E:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01808D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD5E2FA30A411F0BB377AE8DAE4EC9C.roa
Signing time: Wed 14 May 2025 09:17:17 +0000
ROA not before: Wed 14 May 2025 09:17:12 +0000
ROA not after: Fri 20 Jun 2025 09:17:12 +0000
asID: 273155
IP address blocks: 154.200.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98445 (0x1808d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 14 09:17:12 2025 GMT
Not After : Jun 20 09:17:12 2025 GMT
Subject: CN=68245f9d-a9e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:43:c0:c0:f9:2f:7b:e9:4d:49:f2:19:d4:6b:
95:6e:6e:c9:2b:b9:9d:90:5a:ec:72:d4:56:77:29:
bc:b7:98:76:bc:7e:eb:11:f0:f5:38:05:2c:6c:03:
a3:99:f8:bb:35:48:e9:36:0c:b1:e2:96:8c:a7:b6:
93:71:ba:98:af:f7:4c:cd:7c:7d:67:35:87:c7:4d:
f4:f1:fc:b1:02:12:c2:05:7c:f7:08:e2:b6:c1:e0:
16:fd:83:5e:d7:3e:25:5e:6a:0a:45:78:90:f8:7b:
d2:d1:95:5c:31:4d:1e:7d:67:5a:70:36:b4:28:f4:
a7:20:0d:23:75:f9:1e:fe:4b:be:12:64:b5:04:a5:
bd:33:f7:ab:1f:e0:f1:c0:08:66:66:86:31:e0:7b:
5b:81:a4:8f:bc:40:4a:89:00:62:d6:70:b9:f2:5d:
b7:cd:20:35:70:af:d8:39:12:21:b3:4a:f6:1a:2e:
20:10:31:7e:47:8f:e6:c9:54:55:f8:ca:ce:a1:f9:
2c:5f:13:d6:92:0f:bc:98:c8:03:c6:02:a4:09:b2:
69:ee:38:24:b4:fb:94:b5:dd:e0:cd:a2:31:f9:1f:
91:fc:07:f2:1e:63:d9:01:cd:db:22:84:48:bb:fe:
a6:1f:4e:bc:bf:b5:23:be:98:db:cc:fe:e0:53:c9:
68:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BF:9B:99:5F:C8:7D:93:E2:EE:7B:28:4F:CE:1A:15:27:79:7E:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD5E2FA30A411F0BB377AE8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.236.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:08:17:92:5a:25:32:b4:73:95:cc:a6:32:6c:4d:5b:9d:7c:
96:a6:e0:ac:5f:ea:ac:f3:f3:ab:04:20:3c:f9:a8:20:a4:d2:
49:ad:2e:7a:d2:db:f1:82:f0:6d:88:d6:9d:3e:75:b2:14:f6:
2d:0c:91:ea:e5:ae:f1:15:c9:18:e7:c4:d0:99:3f:d1:06:c7:
ab:e5:21:91:2b:09:9f:28:38:17:a0:f0:fe:e2:08:33:16:c3:
32:69:c3:a0:7b:59:e4:20:8a:9a:09:7d:6d:02:d5:43:1f:15:
d1:de:9c:8f:3a:25:5c:10:c3:9b:0d:ba:58:f9:c1:6f:78:b4:
c8:e1:3a:64:97:57:cf:d7:9c:3a:0a:81:41:db:88:8e:3c:fe:
c1:bc:a7:b0:fd:60:94:3a:8a:7b:8a:54:e6:20:fc:8e:ba:d4:
36:3b:3f:1c:00:b5:84:28:ea:dd:54:c3:0f:2d:77:a9:2d:04:
21:70:75:01:b3:47:da:00:99:95:8f:77:49:94:07:47:9c:27:
85:dd:70:0f:ac:34:8f:b2:f9:4e:8a:27:de:95:30:18:25:46:
32:66:8d:17:cc:aa:72:61:00:ca:30:40:1e:db:2b:59:f6:60:
8f:32:5d:15:7b:aa:b6:3c:d4:3a:22:67:59:92:32:22:01:63:
c1:8b:e6:3d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYCNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE0MDkxNzEyWhcNMjUwNjIwMDkxNzEyWjAYMRYw
FAYDVQQDEw02ODI0NWY5ZC1hOWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuUPAwPkve+lNSfIZ1GuVbm7JK7mdkFrsctRWdym8t5h2vH7rEfD1OAUs
bAOjmfi7NUjpNgyx4paMp7aTcbqYr/dMzXx9ZzWHx0308fyxAhLCBXz3COK2weAW
/YNe1z4lXmoKRXiQ+HvS0ZVcMU0efWdacDa0KPSnIA0jdfke/ku+EmS1BKW9M/er
H+DxwAhmZoYx4HtbgaSPvEBKiQBi1nC58l23zSA1cK/YORIhs0r2Gi4gEDF+R4/m
yVRV+MrOofksXxPWkg+8mMgDxgKkCbJp7jgktPuUtd3gzaIx+R+R/AfyHmPZAc3b
IoRIu/6mH068v7UjvpjbzP7gU8loQwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOu/
m5lfyH2T4u57KE/OGhUneX6gMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQUQ1RTJGQTMwQTQxMUYwQkIzNzdBRThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsjsMA0GCSqGSIb3DQEB
CwUAA4IBAQBdCBeSWiUytHOVzKYybE1bnXyWpuCsX+qs8/OrBCA8+aggpNJJrS56
0tvxgvBtiNadPnWyFPYtDJHq5a7xFckY58TQmT/RBser5SGRKwmfKDgXoPD+4ggz
FsMyacOge1nkIIqaCX1tAtVDHxXR3pyPOiVcEMObDbpY+cFveLTI4Tpkl1fP15w6
CoFB24iOPP7BvKew/WCUOop7ilTmIPyOutQ2Oz8cALWEKOrdVMMPLXepLQQhcHUB
s0faAJmVj3dJlAdHnCeF3XAPrDSPsvlOiifelTAYJUYyZo0XzKpyYQDKMEAe2ytZ
9mCPMl0Ve6q2PNQ6ImdZkjIiAWPBi+Y9
-----END CERTIFICATE-----
Generated at Thu May 15 23:42:45 2025 by rpki-client