Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41EFCDE82CDB11F0A2462192DAE4EC9C.roa
File: 41EFCDE82CDB11F0A2462192DAE4EC9C.roa (raw, json)
Hash identifier: R0VK4ZKBvCGBBg2pDAOsu+QwkUgywM94AXFbxvDyzx8=
Subject key identifier: A5:C4:81:71:E1:AD:81:5A:C6:51:41:00:8E:F3:2E:75:4E:51:48:E6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FBA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41EFCDE82CDB11F0A2462192DAE4EC9C.roa
Signing time: Fri 09 May 2025 13:41:07 +0000
ROA not before: Fri 09 May 2025 13:41:02 +0000
ROA not after: Sat 14 Jun 2025 13:41:02 +0000
asID: 397630
IP address blocks: 154.83.44.0/22 maxlen: 24
154.84.132.0/24 maxlen: 24
154.84.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98234 (0x17fba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 13:41:02 2025 GMT
Not After : Jun 14 13:41:02 2025 GMT
Subject: CN=681e05f3-a550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:65:83:18:0e:10:3e:c1:a9:36:49:d7:ea:a7:
2a:ad:e8:bd:19:61:d9:32:fe:66:73:05:30:93:b2:
fc:7a:05:a3:bf:42:70:91:b6:9f:b2:e5:ca:fa:54:
81:46:d0:42:d4:fd:0c:c7:fa:46:43:28:04:6d:45:
92:50:7b:68:7f:fe:57:1e:b0:ac:5d:14:54:38:f2:
67:d8:d5:18:90:5d:de:f4:08:75:e7:36:d4:9a:e5:
da:4e:2d:83:42:c1:08:76:f5:26:07:d6:01:df:1f:
e2:59:ba:db:77:70:88:c0:4a:a7:83:62:e4:c5:14:
c6:1a:aa:9c:78:79:6c:51:84:16:56:34:4b:07:a5:
ec:0f:e3:c0:a0:3d:03:0e:12:81:04:4b:c8:a7:43:
e1:9b:a3:fd:32:f8:2b:39:3a:cb:e8:c6:ea:6f:76:
61:71:0f:5e:60:8e:00:fc:1c:c7:bf:60:74:60:62:
37:e3:dc:67:62:17:85:d6:9a:ab:e0:f5:60:1f:31:
12:2a:93:5f:74:49:8f:e4:a0:c1:25:aa:29:53:c6:
9b:85:ff:c3:ab:e2:15:8f:d6:a8:2e:09:dd:28:a5:
96:61:06:a2:ae:33:3c:7b:88:10:65:10:c5:73:3d:
5d:0b:17:3a:60:5f:96:d8:d7:9e:1e:53:e7:55:9a:
00:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C4:81:71:E1:AD:81:5A:C6:51:41:00:8E:F3:2E:75:4E:51:48:E6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41EFCDE82CDB11F0A2462192DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.44.0/22
154.84.132.0/24
154.84.134.0/24
Signature Algorithm: sha256WithRSAEncryption
14:3a:80:8f:91:d8:c1:5a:55:fe:9a:93:63:de:08:c4:4e:bc:
5a:9f:22:ed:e5:19:56:b4:ed:c1:4a:5e:f4:c5:4c:00:6b:60:
12:52:71:bf:79:a5:a9:85:db:0c:be:13:97:95:4c:a2:8f:e8:
82:8e:bd:b0:b3:c8:d7:55:9c:3f:a6:2d:e8:df:e2:90:57:c8:
5e:71:8f:e2:03:18:c8:76:69:7e:fd:e3:51:cf:b1:b7:d3:02:
e6:8d:8c:8f:b1:39:0e:4f:b1:a4:17:d4:a9:fb:00:77:1d:73:
84:38:1e:e4:ae:24:e7:c9:59:df:83:f6:5d:47:f4:c1:6a:61:
82:51:91:30:2b:ef:8f:17:bb:2d:93:f1:93:aa:4f:d0:46:d4:
83:49:72:fb:c5:d8:82:48:4f:ca:b7:1c:a8:4b:68:34:37:ce:
b0:94:a4:9d:21:15:d3:dc:cd:93:1b:e7:2c:af:8c:ba:b4:96:
51:24:14:9b:46:9e:45:06:10:7f:c3:ba:1d:5a:7b:2c:7d:26:
81:49:9a:2c:91:35:91:72:c2:1d:bc:49:1c:55:a9:4f:40:a8:
16:82:a1:5a:f5:c7:8b:72:e2:16:24:a6:77:15:b4:da:8a:ba:
eb:df:9a:ae:09:a8:1e:e4:e9:8d:e6:79:b1:54:f9:2b:9a:e3:
3b:ea:f4:12
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAX+6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA5MTM0MTAyWhcNMjUwNjE0MTM0MTAyWjAYMRYw
FAYDVQQDEw02ODFlMDVmMy1hNTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAymWDGA4QPsGpNknX6qcqrei9GWHZMv5mcwUwk7L8egWjv0JwkbafsuXK
+lSBRtBC1P0Mx/pGQygEbUWSUHtof/5XHrCsXRRUOPJn2NUYkF3e9Ah15zbUmuXa
Ti2DQsEIdvUmB9YB3x/iWbrbd3CIwEqng2LkxRTGGqqceHlsUYQWVjRLB6XsD+PA
oD0DDhKBBEvIp0Phm6P9MvgrOTrL6Mbqb3ZhcQ9eYI4A/BzHv2B0YGI349xnYheF
1pqr4PVgHzESKpNfdEmP5KDBJaopU8abhf/Dq+IVj9aoLgndKKWWYQairjM8e4gQ
ZRDFcz1dCxc6YF+W2NeeHlPnVZoA1QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFKXE
gXHhrYFaxlFBAI7zLnVOUUjmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MUVGQ0RFODJDREIxMUYwQTI0NjIxOTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmlMsAwQAmlSEAwQAmlSG
MA0GCSqGSIb3DQEBCwUAA4IBAQAUOoCPkdjBWlX+mpNj3gjETrxanyLt5RlWtO3B
Sl70xUwAa2ASUnG/eaWphdsMvhOXlUyij+iCjr2ws8jXVZw/pi3o3+KQV8hecY/i
AxjIdml+/eNRz7G30wLmjYyPsTkOT7GkF9Sp+wB3HXOEOB7kriTnyVnfg/ZdR/TB
amGCUZEwK++PF7stk/GTqk/QRtSDSXL7xdiCSE/KtxyoS2g0N86wlKSdIRXT3M2T
G+csr4y6tJZRJBSbRp5FBhB/w7odWnssfSaBSZoskTWRcsIdvEkcValPQKgWgqFa
9ceLcuIWJKZ3FbTairrr35quCage5OmN5nmxVPkrmuM76vQS
-----END CERTIFICATE-----
Generated at Thu May 15 23:53:50 2025 by rpki-client