Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FD8859C477D11F0B55E17ACDAE4EC9C.roa
File: 3FD8859C477D11F0B55E17ACDAE4EC9C.roa (raw, json)
Hash identifier: UUmQvAEnED1PkjbuqAS/IJQvHZdniBa7ZKsgNjuNH28=
Subject key identifier: 56:09:91:AD:32:02:45:F1:81:62:AE:85:D0:56:BA:9D:C3:28:D7:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01861B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FD8859C477D11F0B55E17ACDAE4EC9C.roa
Signing time: Thu 12 Jun 2025 11:06:12 +0000
ROA not before: Thu 12 Jun 2025 11:06:06 +0000
ROA not after: Fri 18 Jul 2025 11:06:06 +0000
asID: 20473
IP address blocks: 154.83.134.0/24 maxlen: 24
154.83.188.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 11:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99867 (0x1861b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 12 11:06:06 2025 GMT
Not After : Jul 18 11:06:06 2025 GMT
Subject: CN=684ab4a4-72aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:90:26:49:3a:a8:a1:d0:d2:0f:0f:d2:d2:dd:
e9:ca:54:8d:04:ab:93:0b:01:aa:da:5d:e2:b2:ac:
57:f3:f4:f8:f5:e0:5f:2a:cb:5a:ff:81:d5:54:6a:
2d:83:3e:b9:cf:b7:c9:70:17:7f:e5:2d:62:61:79:
70:f1:36:8a:82:58:e7:24:77:76:2a:e4:53:fe:9c:
b5:47:e7:42:14:3b:48:9e:3e:95:05:4c:dc:c9:9a:
bd:5e:4e:76:cd:fc:d4:39:a8:82:fd:db:eb:e7:84:
51:a2:b9:6b:0a:c7:a0:53:f9:21:a7:46:08:7b:81:
7c:8e:52:74:ce:97:fa:41:a6:c4:0b:da:66:2d:40:
a8:72:0d:da:6d:0a:05:57:cc:43:52:f1:cb:db:bb:
14:77:6c:ac:f6:c3:c9:9e:f0:da:b0:20:b5:d4:13:
6a:50:46:9b:2a:e1:7a:80:d6:93:f0:55:5f:9f:61:
0d:28:5b:37:7a:26:0b:18:ed:2b:82:2e:26:e9:2f:
f4:f9:e3:1e:e4:be:48:40:8f:6b:f5:88:d4:95:02:
5f:ff:fc:b4:dc:fc:f8:96:9b:b6:32:42:48:e7:d8:
d4:6d:b0:2f:42:fd:e1:0b:2d:36:74:83:30:de:fa:
cc:d2:51:ea:f1:44:f6:f0:a8:fa:ec:6f:55:f0:6d:
d8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:09:91:AD:32:02:45:F1:81:62:AE:85:D0:56:BA:9D:C3:28:D7:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FD8859C477D11F0B55E17ACDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.134.0/24
154.83.188.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:ab:11:b3:b9:fe:dc:3f:0c:ce:89:f1:20:42:18:90:00:32:
48:6d:71:5c:6f:9b:1e:40:20:ea:b8:03:f7:ba:82:5e:41:22:
16:86:2e:90:bd:07:7f:0f:8a:7d:69:7b:2a:d7:26:9e:53:c8:
52:42:c8:e2:17:50:fb:40:4d:91:7a:b7:29:0e:80:d9:b4:86:
e5:73:6c:1b:e4:d5:c2:52:9f:dd:fc:13:98:28:5e:92:73:e4:
88:a7:bf:66:18:5d:d4:db:e8:55:09:7d:9e:ec:27:9e:8d:71:
54:4c:34:f8:57:33:64:9e:47:90:c7:c1:c9:50:7a:07:11:05:
8c:28:5f:b9:69:47:7a:dc:95:e0:f7:9e:b5:be:c0:9d:88:49:
93:70:2f:de:36:f3:29:f8:2c:23:4a:66:31:07:cc:6c:79:c4:
9f:b0:6f:17:e6:97:be:a0:6f:66:75:ad:d2:7f:1b:84:a0:8f:
75:da:b0:a0:36:05:98:af:15:9a:84:06:08:bd:e9:d1:cd:a3:
6c:be:38:47:17:72:08:2e:74:03:84:c3:63:d9:a6:d6:60:a9:
c9:10:0a:dc:96:94:12:05:cf:e1:eb:8c:4f:16:30:a5:12:eb:
2d:66:1b:35:7e:9b:a8:17:e9:8a:77:82:d7:a8:01:9e:89:a6:
60:46:6c:36
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYYbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEyMTEwNjA2WhcNMjUwNzE4MTEwNjA2WjAYMRYw
FAYDVQQDEw02ODRhYjRhNC03MmFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw5AmSTqoodDSDw/S0t3pylSNBKuTCwGq2l3isqxX8/T49eBfKsta/4HV
VGotgz65z7fJcBd/5S1iYXlw8TaKgljnJHd2KuRT/py1R+dCFDtInj6VBUzcyZq9
Xk52zfzUOaiC/dvr54RRorlrCsegU/khp0YIe4F8jlJ0zpf6QabEC9pmLUCocg3a
bQoFV8xDUvHL27sUd2ys9sPJnvDasCC11BNqUEabKuF6gNaT8FVfn2ENKFs3eiYL
GO0rgi4m6S/0+eMe5L5IQI9r9YjUlQJf//y03Pz4lpu2MkJI59jUbbAvQv3hCy02
dIMw3vrM0lHq8UT28Kj67G9V8G3Y4QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFYJ
ka0yAkXxgWKuhdBWup3DKNfgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRkQ4ODU5QzQ3N0QxMUYwQjU1RTE3QUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlOGAwQBmlO8MA0GCSqG
SIb3DQEBCwUAA4IBAQAvqxGzuf7cPwzOifEgQhiQADJIbXFcb5seQCDquAP3uoJe
QSIWhi6QvQd/D4p9aXsq1yaeU8hSQsjiF1D7QE2RercpDoDZtIblc2wb5NXCUp/d
/BOYKF6Sc+SIp79mGF3U2+hVCX2e7CeejXFUTDT4VzNknkeQx8HJUHoHEQWMKF+5
aUd63JXg9561vsCdiEmTcC/eNvMp+CwjSmYxB8xsecSfsG8X5pe+oG9mda3SfxuE
oI912rCgNgWYrxWahAYIvenRzaNsvjhHF3IILnQDhMNj2abWYKnJEArclpQSBc/h
64xPFjClEustZhs1fpuoF+mKd4LXqAGeiaZgRmw2
-----END CERTIFICATE-----
Generated at Mon Jun 30 17:11:51 2025 by rpki-client