Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86618CE22CE411F090AD49CEDAE4EC9C.roa
File: 86618CE22CE411F090AD49CEDAE4EC9C.roa (raw, json)
Hash identifier: +6rmrjVogsickS5e24sCILKPANQFfQ7emOVkiSjuyiQ=
Subject key identifier: AB:81:08:89:B2:5D:6D:45:3A:38:19:D8:AD:AE:B8:A5:77:35:12:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FC0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86618CE22CE411F090AD49CEDAE4EC9C.roa
Signing time: Fri 09 May 2025 14:47:27 +0000
ROA not before: Fri 09 May 2025 14:47:22 +0000
ROA not after: Thu 19 Jun 2025 14:47:22 +0000
asID: 6079
IP address blocks: 154.221.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98240 (0x17fc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 14:47:22 2025 GMT
Not After : Jun 19 14:47:22 2025 GMT
Subject: CN=681e157f-2a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a7:ba:76:e9:77:31:20:84:22:d7:1a:44:d1:
58:2d:98:3f:1b:51:37:72:0c:80:e1:d1:4a:2e:e2:
e1:9b:38:b5:fa:47:b8:82:5c:91:91:12:83:5d:d6:
ce:60:64:b4:2e:47:34:bb:2c:e7:93:8f:f1:6a:f1:
79:12:b1:96:c7:5b:7f:71:c7:a6:c7:64:4a:49:4a:
96:17:c8:81:c3:a5:f5:3f:9f:be:31:e7:44:64:09:
23:3a:15:6b:94:7e:aa:2e:ae:47:de:f8:d1:e6:8d:
28:8c:bc:5f:9f:24:7f:57:b1:8b:43:e7:81:70:02:
60:f1:b7:a3:c6:24:0f:48:aa:77:6d:eb:8f:4d:92:
a9:08:6f:c3:8a:84:7e:ef:a7:12:df:b1:99:6b:f3:
85:f7:d1:39:22:1f:21:28:d1:3d:22:e8:61:64:f2:
24:cd:a9:d5:a1:48:a7:74:1e:c6:95:ef:8d:7f:fa:
d2:af:ed:62:5d:04:01:bb:bf:a0:7d:28:e1:b5:d6:
dd:56:91:3a:0b:46:49:9d:6d:da:cf:da:e9:ed:84:
44:6c:3b:84:6a:0e:36:40:d1:92:e1:6e:6d:9a:3b:
96:1f:23:4b:5c:4d:a9:92:b4:f4:44:76:38:8a:40:
8e:aa:b9:e7:70:08:cb:59:c4:1f:3c:dc:f6:0f:3d:
67:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:81:08:89:B2:5D:6D:45:3A:38:19:D8:AD:AE:B8:A5:77:35:12:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86618CE22CE411F090AD49CEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.192.0/18
Signature Algorithm: sha256WithRSAEncryption
0f:3e:cb:18:31:af:bd:0c:6a:c4:2f:b8:2a:ad:f1:f6:0a:9f:
41:de:8f:25:6f:17:c7:83:d4:f7:33:49:49:0e:58:f2:a4:11:
b4:f7:58:4e:e5:f0:1d:cc:0f:74:1a:68:06:4e:05:0b:5f:9d:
dd:a9:b9:24:f4:18:b4:13:81:ba:cc:57:4d:8d:2e:14:0d:a3:
82:4e:be:33:bb:56:94:aa:0e:ec:49:5e:ad:0a:78:53:14:32:
53:68:29:81:40:75:6d:2a:30:c6:ee:a2:7c:c0:3a:3b:3a:c9:
f8:c7:b4:ad:a5:bb:dd:22:83:58:22:13:0d:b7:d4:7a:1e:07:
c8:2c:13:d3:83:fa:bc:2e:0b:65:02:85:0f:8a:f6:e6:01:02:
a3:e7:df:ca:34:9b:4c:f2:52:a7:37:13:ce:ae:cc:40:d2:8b:
47:ef:e3:1b:7c:ec:93:bd:2b:65:3d:22:15:84:ad:69:d3:de:
78:0f:4c:b4:1e:2f:5a:8a:e8:b0:16:f0:88:f7:cb:eb:36:47:
fd:ed:25:d7:a9:39:c9:ae:ba:e1:4f:44:d5:2a:03:e0:0c:a5:
16:77:7d:8a:d2:1e:4e:11:af:12:82:1e:06:56:46:3f:a3:37:
4c:ef:40:58:f0:71:f6:2c:e4:3c:70:10:77:74:ae:9b:f3:2e:
61:98:2d:21
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX/AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA5MTQ0NzIyWhcNMjUwNjE5MTQ0NzIyWjAYMRYw
FAYDVQQDEw02ODFlMTU3Zi0yYTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo6e6dul3MSCEItcaRNFYLZg/G1E3cgyA4dFKLuLhmzi1+ke4glyRkRKD
XdbOYGS0Lkc0uyznk4/xavF5ErGWx1t/ccemx2RKSUqWF8iBw6X1P5++MedEZAkj
OhVrlH6qLq5H3vjR5o0ojLxfnyR/V7GLQ+eBcAJg8bejxiQPSKp3beuPTZKpCG/D
ioR+76cS37GZa/OF99E5Ih8hKNE9IuhhZPIkzanVoUindB7Gle+Nf/rSr+1iXQQB
u7+gfSjhtdbdVpE6C0ZJnW3az9rp7YREbDuEag42QNGS4W5tmjuWHyNLXE2pkrT0
RHY4ikCOqrnncAjLWcQfPNz2Dz1nMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKuB
CImyXW1FOjgZ2K2uuKV3NRJAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NjYxOENFMjJDRTQxMUYwOTBBRDQ5Q0VEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmt3AMA0GCSqGSIb3DQEB
CwUAA4IBAQAPPssYMa+9DGrEL7gqrfH2Cp9B3o8lbxfHg9T3M0lJDljypBG091hO
5fAdzA90GmgGTgULX53dqbkk9Bi0E4G6zFdNjS4UDaOCTr4zu1aUqg7sSV6tCnhT
FDJTaCmBQHVtKjDG7qJ8wDo7Osn4x7StpbvdIoNYIhMNt9R6HgfILBPTg/q8Lgtl
AoUPivbmAQKj59/KNJtM8lKnNxPOrsxA0otH7+MbfOyTvStlPSIVhK1p0954D0y0
Hi9aiuiwFvCI98vrNkf97SXXqTnJrrrhT0TVKgPgDKUWd32K0h5OEa8Sgh4GVkY/
ozdM70BY8HH2LOQ8cBB3dK6b8y5hmC0h
-----END CERTIFICATE-----
Generated at Thu May 15 23:47:07 2025 by rpki-client