Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/458006862F4111F09A3E989ADAE4EC9C.roa
File: 458006862F4111F09A3E989ADAE4EC9C.roa (raw, json)
Hash identifier: lOT/TkvX2QG5vcNNwySPd3tPOUWPUaTSGHy406XtrGU=
Subject key identifier: 62:FC:FF:19:EA:BE:F5:FB:AD:34:1D:73:72:EA:B3:E1:ED:3D:40:03
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01802D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/458006862F4111F09A3E989ADAE4EC9C.roa
Signing time: Mon 12 May 2025 14:56:24 +0000
ROA not before: Mon 12 May 2025 14:56:19 +0000
ROA not after: Thu 22 May 2025 14:56:19 +0000
asID: 54801
IP address blocks: 154.214.32.0/19 maxlen: 24
154.216.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98349 (0x1802d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 14:56:19 2025 GMT
Not After : May 22 14:56:19 2025 GMT
Subject: CN=68220c18-1708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4e:8a:a1:bb:70:da:35:c9:3a:c5:74:02:69:
5f:ec:86:cb:60:1b:c4:34:69:11:f4:e6:e5:0b:20:
0d:e3:3b:43:10:df:d0:5b:b7:c6:7e:43:2e:9a:4f:
0b:60:e1:c3:70:aa:8e:de:5a:d7:78:3f:06:a5:18:
e9:89:b3:8d:43:06:cd:51:14:83:54:b1:b3:f8:1b:
e2:6c:18:78:e4:b2:20:b8:fc:bb:47:b5:e5:3f:7f:
c1:6f:00:3b:3d:18:f0:2f:ab:f4:fc:fd:6c:5f:dd:
75:30:57:48:fd:53:84:ed:fd:4d:b6:5a:75:dd:ff:
7a:0b:8d:a3:ff:73:36:0f:b8:a6:4e:68:a7:bd:1e:
bd:49:16:ec:ad:3b:73:88:5f:21:98:f2:b9:41:4d:
cf:80:c3:58:bc:59:06:45:3c:e6:6c:bd:ba:10:ea:
f0:23:c9:6c:da:e5:ff:f4:d1:6e:53:df:21:48:4a:
f8:6c:30:2c:57:c1:6b:d4:74:0a:d3:a2:57:94:90:
b5:ca:cf:c2:e5:50:79:98:be:8f:86:64:02:ec:a4:
7d:2d:a0:8c:79:59:2f:44:a3:03:52:2e:4c:8e:2d:
4c:c6:3e:53:23:03:c9:59:6a:23:33:1b:61:48:3f:
4c:ed:b6:ea:a1:5b:88:93:0c:59:b2:c5:c0:a0:33:
0e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FC:FF:19:EA:BE:F5:FB:AD:34:1D:73:72:EA:B3:E1:ED:3D:40:03
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/458006862F4111F09A3E989ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
154.216.128.0/18
Signature Algorithm: sha256WithRSAEncryption
ca:90:a1:19:81:56:a7:61:3c:2a:70:b5:d6:8c:9e:d5:3d:d7:
88:4f:78:f1:49:d5:04:39:f8:2a:d2:36:49:41:54:e5:8f:94:
2a:59:31:31:4b:23:54:8f:51:27:2d:8d:47:63:e6:09:99:fc:
83:fd:da:a2:26:da:4e:57:74:39:b1:25:89:78:79:4c:05:4c:
0c:c7:47:52:47:47:78:ca:d3:c8:11:6f:2a:98:81:6b:41:c3:
e9:85:2d:5b:76:41:f1:b3:7b:3e:c6:60:25:86:b7:4a:25:d8:
44:fd:30:04:33:ab:01:5d:1b:9a:40:e8:2a:50:04:50:b2:55:
da:6f:8e:83:ee:59:20:fd:79:59:f9:05:33:47:33:e5:60:07:
f1:bb:d7:da:7b:8c:a0:2f:b1:6d:5d:88:bd:5e:0e:48:6f:35:
42:95:03:da:31:4b:4f:17:69:cb:96:04:ec:5f:77:8c:38:aa:
ad:69:80:b8:4c:98:71:4a:66:fe:f0:4c:d8:65:5a:81:4b:6e:
6f:4c:55:14:fd:df:79:09:8b:43:72:a2:dd:1f:c3:7a:60:db:
c5:da:24:00:9e:f0:1c:4f:07:f5:d0:16:89:08:65:04:9d:93:
76:af:80:56:fd:27:1b:28:44:8b:55:a7:44:4a:c4:27:bf:e6:
b6:d5:4e:ff
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYAtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTQ1NjE5WhcNMjUwNTIyMTQ1NjE5WjAYMRYw
FAYDVQQDEw02ODIyMGMxOC0xNzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqU6Kobtw2jXJOsV0Amlf7IbLYBvENGkR9OblCyAN4ztDEN/QW7fGfkMu
mk8LYOHDcKqO3lrXeD8GpRjpibONQwbNURSDVLGz+BvibBh45LIguPy7R7XlP3/B
bwA7PRjwL6v0/P1sX911MFdI/VOE7f1Ntlp13f96C42j/3M2D7imTminvR69SRbs
rTtziF8hmPK5QU3PgMNYvFkGRTzmbL26EOrwI8ls2uX/9NFuU98hSEr4bDAsV8Fr
1HQK06JXlJC1ys/C5VB5mL6PhmQC7KR9LaCMeVkvRKMDUi5Mji1Mxj5TIwPJWWoj
MxthSD9M7bbqoVuIkwxZssXAoDMOYwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGL8
/xnqvvX7rTQdc3Lqs+HtPUADMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NTgwMDY4NjJGNDExMUYwOUEzRTk4OUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmtYgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQDKkKEZgVanYTwqcLXWjJ7VPdeIT3jxSdUEOfgq0jZJQVTl
j5QqWTExSyNUj1EnLY1HY+YJmfyD/dqiJtpOV3Q5sSWJeHlMBUwMx0dSR0d4ytPI
EW8qmIFrQcPphS1bdkHxs3s+xmAlhrdKJdhE/TAEM6sBXRuaQOgqUARQslXab46D
7lkg/XlZ+QUzRzPlYAfxu9fae4ygL7FtXYi9Xg5IbzVClQPaMUtPF2nLlgTsX3eM
OKqtaYC4TJhxSmb+8EzYZVqBS25vTFUU/d95CYtDcqLdH8N6YNvF2iQAnvAcTwf1
0BaJCGUEnZN2r4BW/ScbKESLVadESsQnv+a21U7/
-----END CERTIFICATE-----
Generated at Thu May 15 23:51:21 2025 by rpki-client