Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/405784E22B1611F09D708CBFDAE4EC9C.roa
File: 405784E22B1611F09D708CBFDAE4EC9C.roa (raw, json)
Hash identifier: QOjLY9T4rU5sGaGf0L09QjVDFhbANzgZYbY3slu+KYU=
Subject key identifier: 0C:3F:23:E0:18:96:EA:46:C8:80:F6:4E:5F:EE:0D:F8:C0:E2:01:A9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017F3A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/405784E22B1611F09D708CBFDAE4EC9C.roa
Signing time: Wed 07 May 2025 07:38:22 +0000
ROA not before: Wed 07 May 2025 07:38:17 +0000
ROA not after: Fri 16 May 2025 07:38:17 +0000
asID: 139880
IP address blocks: 154.215.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 16 May 2025 07:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98106 (0x17f3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 7 07:38:17 2025 GMT
Not After : May 16 07:38:17 2025 GMT
Subject: CN=681b0dee-54c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:22:63:a9:e5:c8:05:5d:fe:ea:77:35:2c:54:
c3:47:22:ee:53:76:b7:c4:72:2f:bd:5c:a6:26:26:
7b:15:18:bb:87:d4:75:3e:8b:47:dd:db:06:45:a9:
59:45:cc:d7:a2:64:70:03:96:bd:88:8d:2b:c6:e9:
59:80:40:5c:3e:a5:95:d1:c5:f3:18:04:8c:a2:01:
7b:72:5d:b2:3b:1e:88:71:3c:c8:ce:93:88:93:1c:
a4:3b:d4:08:99:48:2f:2d:e7:8e:a9:ee:55:ba:d2:
ec:8c:d6:0e:48:ab:a7:83:bd:70:dd:5d:bf:e5:3e:
ce:45:78:e4:59:36:b4:e3:3b:bf:df:7d:55:2b:08:
17:36:3b:1e:34:94:43:01:76:00:68:32:ff:dc:64:
5e:24:8e:16:93:90:55:ba:aa:60:dc:7f:ed:34:7c:
39:80:7e:ed:fb:d2:cf:91:6c:cf:10:29:6e:7a:cf:
a3:a6:bd:11:92:1f:0a:51:0b:13:8d:2e:b8:04:22:
a9:ac:52:af:9d:17:c8:7a:70:dc:a3:5b:9f:57:96:
62:7b:bd:39:c3:3c:3d:e2:0a:68:bc:33:42:27:4b:
4b:87:d2:8b:f2:83:82:74:c4:6d:e1:c4:72:d2:81:
f4:42:97:01:fc:d9:a6:0f:df:45:22:ed:49:d9:31:
3e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3F:23:E0:18:96:EA:46:C8:80:F6:4E:5F:EE:0D:F8:C0:E2:01:A9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/405784E22B1611F09D708CBFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.215.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8c:c5:2b:fa:9a:be:86:38:e2:77:a3:d4:a7:b3:77:2f:ee:37:
27:52:ed:f0:e2:af:36:90:5e:50:16:5a:16:b3:e7:5d:18:1e:
1b:39:6b:f1:63:d7:c2:d0:27:75:80:c4:1d:11:ac:81:0b:05:
d9:32:10:92:20:3f:5c:41:0e:14:02:69:b0:04:2e:63:32:92:
82:17:88:84:10:1b:87:d6:5c:76:af:c2:99:b1:01:ca:d4:79:
c0:d4:18:b6:e3:a4:fc:1d:4d:f8:9e:e3:ab:ed:fe:ed:0a:54:
f5:f1:27:7a:dc:02:3f:d0:8c:53:bb:1e:c6:65:5f:c9:d8:54:
28:eb:69:0a:87:29:a2:cc:76:72:77:05:62:ca:03:cf:8b:c8:
97:b7:e9:4d:c6:2a:5f:b7:9f:30:7a:2f:04:db:2c:b4:64:f2:
92:4d:aa:91:c8:a7:62:38:24:bb:65:00:fd:7a:1a:f1:c2:74:
ac:6c:7b:5d:8e:c5:92:fb:e4:7f:d3:89:a5:61:96:2f:72:ef:
80:6e:6c:56:ac:48:f7:4d:66:33:9d:8f:f9:90:61:5a:51:46:
0f:14:37:5e:47:d8:c7:a1:60:53:0c:a2:3e:7c:e6:7e:b4:68:
97:ee:0d:d1:1c:24:48:56:4c:27:45:da:85:a0:9c:ca:51:89:
6e:2b:57:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX86MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA3MDczODE3WhcNMjUwNTE2MDczODE3WjAYMRYw
FAYDVQQDEw02ODFiMGRlZS01NGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7yJjqeXIBV3+6nc1LFTDRyLuU3a3xHIvvVymJiZ7FRi7h9R1PotH3dsG
RalZRczXomRwA5a9iI0rxulZgEBcPqWV0cXzGASMogF7cl2yOx6IcTzIzpOIkxyk
O9QImUgvLeeOqe5VutLsjNYOSKung71w3V2/5T7ORXjkWTa04zu/331VKwgXNjse
NJRDAXYAaDL/3GReJI4Wk5BVuqpg3H/tNHw5gH7t+9LPkWzPEClues+jpr0Rkh8K
UQsTjS64BCKprFKvnRfIenDco1ufV5Zie705wzw94gpovDNCJ0tLh9KL8oOCdMRt
4cRy0oH0QpcB/NmmD99FIu1J2TE+UQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAw/
I+AYlupGyID2Tl/uDfjA4gGpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MDU3ODRFMjJCMTYxMUYwOUQ3MDhDQkZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtdAMA0GCSqGSIb3DQEB
CwUAA4IBAQCMxSv6mr6GOOJ3o9Sns3cv7jcnUu3w4q82kF5QFloWs+ddGB4bOWvx
Y9fC0Cd1gMQdEayBCwXZMhCSID9cQQ4UAmmwBC5jMpKCF4iEEBuH1lx2r8KZsQHK
1HnA1Bi246T8HU34nuOr7f7tClT18Sd63AI/0IxTux7GZV/J2FQo62kKhymizHZy
dwViygPPi8iXt+lNxipft58wei8E2yy0ZPKSTaqRyKdiOCS7ZQD9ehrxwnSsbHtd
jsWS++R/04mlYZYvcu+AbmxWrEj3TWYznY/5kGFaUUYPFDdeR9jHoWBTDKI+fOZ+
tGiX7g3RHCRIVkwnRdqFoJzKUYluK1cU
-----END CERTIFICATE-----
Generated at Thu May 15 23:47:03 2025 by rpki-client