Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A02387BA2F2911F0A0AFDE7FDAE4EC9C.roa
File: A02387BA2F2911F0A0AFDE7FDAE4EC9C.roa (raw, json)
Hash identifier: KaU6LIDnsl1cpCrKOfnTbBGea1zJkpnb3g4nGvAQB1c=
Subject key identifier: 5A:6E:7C:21:D0:47:92:31:84:E2:15:CC:6C:6A:86:90:6C:F8:6A:5B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018003
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A02387BA2F2911F0A0AFDE7FDAE4EC9C.roa
Signing time: Mon 12 May 2025 12:07:08 +0000
ROA not before: Mon 12 May 2025 12:07:01 +0000
ROA not after: Sun 17 May 2026 12:07:01 +0000
asID: 18229
IP address blocks: 154.201.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98307 (0x18003)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 12:07:01 2025 GMT
Not After : May 17 12:07:01 2026 GMT
Subject: CN=6821e46c-636a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:65:3c:db:3b:8b:0b:30:4b:cd:07:cb:22:0f:
b5:c0:02:9b:f6:c1:31:9d:af:f1:e4:88:8d:9a:d0:
06:25:29:91:1e:53:01:9c:0e:56:2a:1f:b3:4b:8b:
ba:70:36:2c:aa:25:94:4f:85:28:97:36:12:d5:ad:
f4:fa:92:af:26:69:fc:25:86:aa:be:30:6f:d7:9f:
96:2c:ca:ad:56:b6:b0:c9:ea:ce:8d:f8:43:69:ac:
be:8a:1b:76:76:f1:de:ef:b7:64:b1:5a:85:c2:ea:
3d:ad:47:0f:ab:ee:a9:6f:c7:f3:06:ae:91:37:5e:
ed:d4:51:bb:a5:b3:a2:a1:38:13:c3:34:c8:b6:11:
13:68:b7:40:9c:e3:61:2d:b5:f6:63:87:f2:57:de:
90:11:de:d9:b4:f1:0d:0e:9d:3f:dc:88:74:42:74:
75:2a:f4:e4:f1:92:dc:48:b9:7c:8c:dd:ea:ca:18:
ae:9c:30:50:80:71:3a:ee:4c:5b:69:2d:e9:89:68:
f6:3d:3e:7f:5a:46:ab:75:da:db:5d:65:46:72:e1:
0d:92:64:6c:53:dc:5e:18:f5:01:4b:2c:18:2f:62:
09:06:fc:7e:ce:73:44:18:20:9d:8e:31:58:f6:08:
29:3d:68:3a:b7:68:81:24:58:29:5b:36:83:08:56:
79:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6E:7C:21:D0:47:92:31:84:E2:15:CC:6C:6A:86:90:6C:F8:6A:5B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A02387BA2F2911F0A0AFDE7FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.126.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:fa:19:35:de:c1:1a:d8:a7:5a:e5:8d:5f:72:89:d5:de:f3:
c7:ca:2c:bd:b6:51:e3:51:8f:87:e9:e0:a8:c3:76:58:15:15:
b3:67:e0:0a:47:b5:6d:db:9f:d0:a4:24:03:28:63:83:28:b5:
b3:c0:97:70:7e:6e:bb:b8:5a:70:41:75:9e:a0:b1:3c:06:28:
ff:dc:01:ce:f7:76:bf:e7:0c:0a:eb:28:b3:de:0c:e9:4d:8b:
99:32:6d:7e:cc:7d:73:87:3b:b1:74:7c:f9:3a:be:b5:d3:dc:
1f:d1:de:4b:4d:f1:54:72:59:bb:0c:66:a1:d5:b7:a6:95:22:
98:ab:3b:df:96:6c:ea:ea:46:8e:ce:92:5d:9d:85:8c:54:ba:
ae:30:45:f3:99:c3:01:ec:cc:99:87:b4:37:30:8d:1a:9a:a1:
0f:7a:a6:40:a4:9d:eb:01:7f:ee:98:8d:ae:41:f1:1c:ee:9c:
9a:80:0c:b6:bd:41:a5:3b:00:8a:68:5f:13:1a:c3:5d:27:54:
9e:f4:57:b8:c2:a1:74:46:11:7a:96:3c:d3:82:a5:ed:eb:01:
43:0b:43:38:79:f9:31:92:cf:85:fb:85:93:fc:45:ce:1b:6d:
84:f5:dd:e3:a3:85:42:9f:45:4f:2d:84:c1:0b:8d:22:f6:14:
68:c7:6e:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYADMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTIwNzAxWhcNMjYwNTE3MTIwNzAxWjAYMRYw
FAYDVQQDEw02ODIxZTQ2Yy02MzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1GU82zuLCzBLzQfLIg+1wAKb9sExna/x5IiNmtAGJSmRHlMBnA5WKh+z
S4u6cDYsqiWUT4UolzYS1a30+pKvJmn8JYaqvjBv15+WLMqtVrawyerOjfhDaay+
iht2dvHe77dksVqFwuo9rUcPq+6pb8fzBq6RN17t1FG7pbOioTgTwzTIthETaLdA
nONhLbX2Y4fyV96QEd7ZtPENDp0/3Ih0QnR1KvTk8ZLcSLl8jN3qyhiunDBQgHE6
7kxbaS3piWj2PT5/WkarddrbXWVGcuENkmRsU9xeGPUBSywYL2IJBvx+znNEGCCd
jjFY9ggpPWg6t2iBJFgpWzaDCFZ58QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFpu
fCHQR5IxhOIVzGxqhpBs+GpbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMDIzODdCQTJGMjkxMUYwQTBBRkRFN0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsl+MA0GCSqGSIb3DQEB
CwUAA4IBAQBP+hk13sEa2Kda5Y1fconV3vPHyiy9tlHjUY+H6eCow3ZYFRWzZ+AK
R7Vt25/QpCQDKGODKLWzwJdwfm67uFpwQXWeoLE8Bij/3AHO93a/5wwK6yiz3gzp
TYuZMm1+zH1zhzuxdHz5Or6109wf0d5LTfFUclm7DGah1bemlSKYqzvflmzq6kaO
zpJdnYWMVLquMEXzmcMB7MyZh7Q3MI0amqEPeqZApJ3rAX/umI2uQfEc7pyagAy2
vUGlOwCKaF8TGsNdJ1Se9Fe4wqF0RhF6ljzTgqXt6wFDC0M4efkxks+F+4WT/EXO
G22E9d3jo4VCn0VPLYTBC40i9hRox27d
-----END CERTIFICATE-----
Generated at Thu May 15 23:47:07 2025 by rpki-client