Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97CDFDFA2CDD11F0A6A166A1DAE4EC9C.roa
File: 97CDFDFA2CDD11F0A6A166A1DAE4EC9C.roa (raw, json)
Hash identifier: k7rxp8SghJ5NlBPc9FPuVYOP8CqbeEnZfzPhzacSzRU=
Subject key identifier: D2:35:42:D7:B2:FE:E9:EB:FE:E6:9C:36:86:64:92:54:6B:35:AE:D3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FBC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97CDFDFA2CDD11F0A6A166A1DAE4EC9C.roa
Signing time: Fri 09 May 2025 13:57:50 +0000
ROA not before: Fri 09 May 2025 13:57:45 +0000
ROA not after: Sun 15 Jun 2025 13:57:45 +0000
asID: 57043
IP address blocks: 154.193.134.0/23 maxlen: 24
154.193.156.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98236 (0x17fbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 13:57:45 2025 GMT
Not After : Jun 15 13:57:45 2025 GMT
Subject: CN=681e09de-78c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1d:f7:27:58:f6:67:e3:09:b9:06:ff:67:e2:
c4:f8:ce:17:dc:7e:23:51:8c:28:a8:11:8e:2a:a7:
d9:5d:02:3a:e8:bf:70:3f:45:ca:d4:e6:e3:93:f0:
e5:74:88:fb:af:1b:a6:a5:d7:d3:b9:cb:66:00:2b:
83:fc:b6:d0:a0:5a:a0:10:8c:f4:78:e5:d6:64:f1:
1a:1c:f8:af:47:71:86:d0:83:d2:5b:2f:98:31:6c:
83:d4:ef:7b:b5:d3:6a:0e:4a:83:93:a7:63:43:db:
5e:11:9a:9d:ef:20:fe:e4:f5:b7:0e:ed:88:1d:c5:
82:81:3d:c8:5e:3d:ec:c5:c8:59:64:75:b4:61:24:
d7:ff:88:c5:0c:87:d9:65:47:94:a1:80:8e:71:e9:
23:34:8a:e8:f3:69:3b:cc:1e:d0:08:f3:51:e3:82:
d7:2d:76:b5:62:95:bd:78:c5:a9:37:56:29:41:db:
0f:a6:7a:37:76:33:64:18:8c:a0:b5:a1:ca:9c:bd:
fb:f8:95:75:89:fe:41:6d:d5:9e:e9:9b:08:03:24:
55:ab:0d:9a:eb:d3:de:90:8d:ef:be:c2:64:45:ca:
4d:08:b9:32:c0:07:91:dd:2d:cd:07:12:d1:f6:ee:
80:4b:3d:3a:63:b5:45:f7:23:7a:49:8f:d6:c6:a4:
cf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:35:42:D7:B2:FE:E9:EB:FE:E6:9C:36:86:64:92:54:6B:35:AE:D3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97CDFDFA2CDD11F0A6A166A1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.134.0/23
154.193.156.0/23
Signature Algorithm: sha256WithRSAEncryption
16:81:21:fc:d5:39:57:9e:e7:f8:7c:db:b1:4c:44:2f:9b:e8:
75:ae:64:fc:cb:49:0a:19:f0:f1:7f:6f:3a:6b:b7:32:ad:a5:
a9:e3:42:c2:31:a5:1c:98:dd:a1:b7:ca:b6:e4:c2:3b:83:41:
24:f6:f9:eb:3c:e7:16:cc:53:e0:49:fe:10:ff:b9:4d:b5:0c:
24:da:4c:43:cc:02:6a:04:af:b2:67:68:c5:96:04:00:d8:2e:
11:c7:5c:a0:f3:1e:34:76:9d:29:f6:05:59:16:c0:29:bb:90:
e9:09:6d:d4:9f:48:61:e6:dc:cc:51:4a:62:a5:f5:4c:d9:0d:
ec:be:f5:05:b4:e7:6f:1e:ea:33:00:cf:fa:f3:53:57:cf:24:
65:75:4c:ed:7e:d5:74:fc:70:f2:5b:0c:b1:4f:ba:8a:57:fa:
49:56:57:f3:18:58:f5:6d:ef:33:65:df:2d:b0:93:09:e5:10:
aa:cb:0e:07:1a:cc:ee:97:f5:85:8a:b9:0e:05:53:65:16:a6:
17:84:bc:b8:85:d4:5c:70:6e:8e:97:86:d0:4c:4d:a7:93:b6:
21:a4:30:a1:f1:a8:d0:77:c9:36:4b:d7:21:8c:24:92:a1:b2:
4e:e6:39:9a:db:c5:44:45:47:2c:c1:1d:2d:00:d9:72:35:e7:
bf:ac:32:98
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAX+8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA5MTM1NzQ1WhcNMjUwNjE1MTM1NzQ1WjAYMRYw
FAYDVQQDEw02ODFlMDlkZS03OGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwx33J1j2Z+MJuQb/Z+LE+M4X3H4jUYwoqBGOKqfZXQI66L9wP0XK1Obj
k/DldIj7rxumpdfTuctmACuD/LbQoFqgEIz0eOXWZPEaHPivR3GG0IPSWy+YMWyD
1O97tdNqDkqDk6djQ9teEZqd7yD+5PW3Du2IHcWCgT3IXj3sxchZZHW0YSTX/4jF
DIfZZUeUoYCOcekjNIro82k7zB7QCPNR44LXLXa1YpW9eMWpN1YpQdsPpno3djNk
GIygtaHKnL37+JV1if5BbdWe6ZsIAyRVqw2a69PekI3vvsJkRcpNCLkywAeR3S3N
BxLR9u6ASz06Y7VF9yN6SY/WxqTPcwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNI1
Qtey/unr/uacNoZkklRrNa7TMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85N0NERkRGQTJDREQxMUYwQTZBMTY2QTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmsGGAwQBmsGcMA0GCSqG
SIb3DQEBCwUAA4IBAQAWgSH81TlXnuf4fNuxTEQvm+h1rmT8y0kKGfDxf286a7cy
raWp40LCMaUcmN2ht8q25MI7g0Ek9vnrPOcWzFPgSf4Q/7lNtQwk2kxDzAJqBK+y
Z2jFlgQA2C4Rx1yg8x40dp0p9gVZFsApu5DpCW3Un0hh5tzMUUpipfVM2Q3svvUF
tOdvHuozAM/681NXzyRldUztftV0/HDyWwyxT7qKV/pJVlfzGFj1be8zZd8tsJMJ
5RCqyw4HGszul/WFirkOBVNlFqYXhLy4hdRccG6Ol4bQTE2nk7YhpDCh8ajQd8k2
S9chjCSSobJO5jma28VERUcswR0tANlyNee/rDKY
-----END CERTIFICATE-----
Generated at Thu May 15 23:47:09 2025 by rpki-client