Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D540CE42F4311F0A914FCA9DAE4EC9C.roa
File: 8D540CE42F4311F0A914FCA9DAE4EC9C.roa (raw, json)
Hash identifier: 82GDC4jmuBLfzmHZzBkezYwIfvJWYVNDJrxh8RGRjoM=
Subject key identifier: C4:9F:04:FB:DA:DF:22:33:40:C3:82:5C:7B:46:FA:48:21:D2:07:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018031
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D540CE42F4311F0A914FCA9DAE4EC9C.roa
Signing time: Mon 12 May 2025 15:12:43 +0000
ROA not before: Mon 12 May 2025 15:12:38 +0000
ROA not after: Wed 21 May 2025 15:12:38 +0000
asID: 135097
IP address blocks: 154.197.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98353 (0x18031)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 15:12:38 2025 GMT
Not After : May 21 15:12:38 2025 GMT
Subject: CN=68220feb-16fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:61:45:73:21:4b:19:c4:f3:b1:94:16:39:55:
c0:0b:7c:bf:9c:35:64:74:d3:94:6d:6f:9d:90:79:
53:9f:68:d6:17:bd:4f:2e:b6:50:50:f8:de:51:be:
e0:86:8f:a8:4d:96:d3:89:64:41:60:5a:42:66:cb:
84:32:87:cd:68:69:d2:46:b8:6e:0a:cb:0a:3c:7e:
59:46:6d:be:f1:b0:48:e7:32:c3:fb:03:bf:b7:00:
63:4a:1c:3e:b2:2a:38:47:d5:b8:de:fb:bf:8e:d9:
db:e9:01:5f:e9:ff:d3:05:c7:cb:d2:9d:b7:fb:f8:
57:f1:55:6d:85:9b:ed:4e:f4:32:76:74:57:31:29:
d6:cc:ab:6f:ee:71:c6:d4:66:6c:79:60:79:c6:00:
1e:0c:8f:6b:c9:c3:78:b2:b0:7d:d6:17:4b:f7:53:
f1:db:4e:0c:86:b7:b4:2a:84:8f:f5:2c:3e:b0:50:
38:bf:84:9c:86:62:dc:73:92:2b:d6:eb:6b:d0:1d:
a1:5c:d3:41:6e:0e:21:5e:de:b0:24:5d:77:b3:e2:
aa:fe:7e:26:57:0f:8c:bc:a1:54:ba:ba:f5:bb:95:
24:2b:91:6b:29:a8:59:5e:f4:b7:e3:2f:ce:69:6f:
6b:0f:a4:99:96:8a:c8:48:38:56:fe:c2:bb:51:27:
af:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9F:04:FB:DA:DF:22:33:40:C3:82:5C:7B:46:FA:48:21:D2:07:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D540CE42F4311F0A914FCA9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.128.0/17
Signature Algorithm: sha256WithRSAEncryption
88:72:00:6d:0d:e0:d4:5d:f8:99:e2:af:97:3f:ad:fd:7c:0d:
ea:b4:fa:ec:95:99:b7:a9:09:be:28:bd:0c:fb:95:d1:56:34:
23:b1:16:b3:c3:a7:f6:e1:b2:4a:d9:e0:35:ac:b3:ce:6d:a2:
22:dd:4e:16:f8:df:1e:d3:5b:76:32:9c:7c:27:ae:c5:9f:50:
00:1e:40:7e:bf:8c:d6:5b:de:38:42:08:c4:21:5f:8a:f1:a8:
2f:74:e2:52:d1:a3:f4:57:e4:86:65:1b:9a:09:a4:74:06:ef:
31:46:60:99:fa:5b:3b:77:41:68:d8:f7:66:26:c6:eb:5f:df:
3f:e4:26:ea:92:5a:5b:2a:de:0d:29:9a:fe:fc:49:fc:56:f8:
20:36:15:16:9c:fc:ad:cd:d9:61:11:9f:e7:de:e7:cc:f1:67:
59:87:45:3e:b4:75:45:6a:ac:af:0a:b8:23:32:71:56:67:d2:
71:07:00:81:6e:6b:32:26:d1:78:18:4d:16:b5:48:7d:2f:a1:
a9:de:d7:13:78:88:62:83:5f:14:91:76:5a:1c:28:15:4e:79:
89:95:79:12:bb:41:62:46:81:5b:57:ee:c0:85:0a:8a:ca:9d:
f9:9d:f7:38:10:f7:98:d0:f4:56:f0:84:7c:7b:49:42:12:9e:
ef:6a:42:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYAxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTUxMjM4WhcNMjUwNTIxMTUxMjM4WjAYMRYw
FAYDVQQDEw02ODIyMGZlYi0xNmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA72FFcyFLGcTzsZQWOVXAC3y/nDVkdNOUbW+dkHlTn2jWF71PLrZQUPje
Ub7gho+oTZbTiWRBYFpCZsuEMofNaGnSRrhuCssKPH5ZRm2+8bBI5zLD+wO/twBj
Shw+sio4R9W43vu/jtnb6QFf6f/TBcfL0p23+/hX8VVthZvtTvQydnRXMSnWzKtv
7nHG1GZseWB5xgAeDI9rycN4srB91hdL91Px204Mhre0KoSP9Sw+sFA4v4SchmLc
c5Ir1utr0B2hXNNBbg4hXt6wJF13s+Kq/n4mVw+MvKFUurr1u5UkK5FrKahZXvS3
4y/OaW9rD6SZlorISDhW/sK7USev6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMSf
BPva3yIzQMOCXHtG+kgh0geyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RDU0MENFNDJGNDMxMUYwQTkxNEZDQTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHmsWAMA0GCSqGSIb3DQEB
CwUAA4IBAQCIcgBtDeDUXfiZ4q+XP639fA3qtPrslZm3qQm+KL0M+5XRVjQjsRaz
w6f24bJK2eA1rLPObaIi3U4W+N8e01t2Mpx8J67Fn1AAHkB+v4zWW944QgjEIV+K
8agvdOJS0aP0V+SGZRuaCaR0Bu8xRmCZ+ls7d0Fo2PdmJsbrX98/5CbqklpbKt4N
KZr+/En8VvggNhUWnPytzdlhEZ/n3ufM8WdZh0U+tHVFaqyvCrgjMnFWZ9JxBwCB
bmsyJtF4GE0WtUh9L6Gp3tcTeIhig18UkXZaHCgVTnmJlXkSu0FiRoFbV+7AhQqK
yp35nfc4EPeY0PRW8IR8e0lCEp7vakI/
-----END CERTIFICATE-----
Generated at Thu May 15 23:55:55 2025 by rpki-client