Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5698DDE28C911F09D7474DCDAE4EC9C.roa
File: A5698DDE28C911F09D7474DCDAE4EC9C.roa (raw, json)
Hash identifier: yyzgawln8Mxhkv1Ohhl+Eq4GLYjysamj0q3ILZkyhbw=
Subject key identifier: AE:D5:26:BC:1C:AF:C9:3A:BD:AB:61:51:33:21:E1:20:E2:63:12:22
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017ECA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5698DDE28C911F09D7474DCDAE4EC9C.roa
Signing time: Sun 04 May 2025 09:24:58 +0000
ROA not before: Sun 04 May 2025 09:24:53 +0000
ROA not after: Wed 03 Jun 2026 09:24:53 +0000
asID: 984
IP address blocks: 154.196.139.0/24 maxlen: 24
154.196.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97994 (0x17eca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 4 09:24:53 2025 GMT
Not After : Jun 3 09:24:53 2026 GMT
Subject: CN=6817326a-da3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b9:49:e5:db:08:32:f2:89:be:d8:21:48:94:
61:10:34:03:ca:1f:03:b3:12:31:d6:c4:ae:a4:2e:
40:23:9a:3a:ef:ba:b9:ba:48:36:5a:7b:1b:22:6b:
50:1d:8b:3c:fb:5d:e7:6a:99:c1:4f:96:4a:24:13:
4f:2f:a9:19:b0:e9:70:a8:0b:82:96:28:ef:b5:0d:
b4:07:3b:c6:d7:21:09:bf:a6:44:be:b6:51:46:83:
7a:49:09:aa:83:17:11:d8:53:ad:f6:b5:f4:51:ae:
84:69:ab:14:11:dd:6d:76:51:dc:1d:4b:99:e1:01:
e1:e6:bd:ba:2e:50:a4:e3:06:a4:80:a4:37:97:1c:
a4:0a:48:12:ce:6a:94:07:21:80:35:1f:54:b4:ea:
95:bf:70:08:c2:ce:31:5c:6d:de:e1:83:95:8b:f4:
05:4b:d8:0e:a1:ff:29:2c:bc:67:e3:7a:85:33:f5:
e5:5f:30:f7:c9:50:c1:39:95:bc:84:a7:8b:b5:cf:
3f:3c:c6:ac:ec:b8:2c:cf:93:3f:41:e2:93:1b:44:
35:80:42:e9:9d:29:95:25:cf:48:3e:98:f2:4b:25:
2f:fb:34:b0:57:4f:71:f8:9a:5c:01:9d:39:d1:1e:
82:f8:d5:0e:bc:7d:d6:e4:41:44:f3:83:7d:a4:76:
72:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D5:26:BC:1C:AF:C9:3A:BD:AB:61:51:33:21:E1:20:E2:63:12:22
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5698DDE28C911F09D7474DCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.139.0/24
154.196.162.0/24
Signature Algorithm: sha256WithRSAEncryption
42:8a:1f:22:e5:77:41:6d:25:44:16:16:6c:8a:85:b2:82:e9:
b0:6b:e3:84:ea:57:d1:72:9f:c2:f7:65:85:7a:38:3c:a3:47:
c5:f8:57:e8:8b:20:60:70:99:47:02:ef:0b:dc:64:47:5e:b4:
b9:08:4c:b0:77:d5:33:d0:e2:d2:60:79:f7:c5:f0:ab:c2:fb:
af:bf:5e:4f:ce:d5:2d:eb:6f:06:46:90:57:e8:57:b7:05:ab:
1f:bc:a1:96:56:35:f6:f5:35:32:6a:cb:08:0d:60:ae:28:90:
12:64:5a:49:2e:a7:81:29:15:11:cd:a7:05:4c:d0:72:8d:3b:
a8:fe:c0:50:ff:e0:64:ac:b7:6a:4c:0a:f1:d9:0e:0c:11:74:
10:29:a0:a7:7f:8f:ec:c6:a0:f2:19:fa:b7:18:01:2b:82:54:
a4:58:92:0a:11:a8:7d:d0:1b:6d:28:8b:ab:cb:5a:86:ff:a7:
a6:9e:b2:7a:27:8e:a4:22:ae:27:ea:45:6e:3c:f0:10:23:d2:
14:16:9b:27:05:d3:97:62:e2:ad:51:95:fa:5b:46:2a:da:bd:
c8:f7:57:3a:de:d8:23:54:06:ff:f6:2f:fc:d5:09:78:89:e1:
9b:65:45:94:34:97:cf:b7:f1:d4:01:38:8c:53:70:09:96:87:
e1:d9:ac:de
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAX7KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA0MDkyNDUzWhcNMjYwNjAzMDkyNDUzWjAYMRYw
FAYDVQQDEw02ODE3MzI2YS1kYTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArrlJ5dsIMvKJvtghSJRhEDQDyh8DsxIx1sSupC5AI5o677q5ukg2Wnsb
ImtQHYs8+13napnBT5ZKJBNPL6kZsOlwqAuClijvtQ20BzvG1yEJv6ZEvrZRRoN6
SQmqgxcR2FOt9rX0Ua6EaasUEd1tdlHcHUuZ4QHh5r26LlCk4wakgKQ3lxykCkgS
zmqUByGANR9UtOqVv3AIws4xXG3e4YOVi/QFS9gOof8pLLxn43qFM/XlXzD3yVDB
OZW8hKeLtc8/PMas7Lgsz5M/QeKTG0Q1gELpnSmVJc9IPpjySyUv+zSwV09x+Jpc
AZ050R6C+NUOvH3W5EFE84N9pHZy4wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFK7V
Jrwcr8k6vathUTMh4SDiYxIiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNTY5OERERTI4QzkxMUYwOUQ3NDc0RENEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsSLAwQAmsSiMA0GCSqG
SIb3DQEBCwUAA4IBAQBCih8i5XdBbSVEFhZsioWygumwa+OE6lfRcp/C92WFejg8
o0fF+FfoiyBgcJlHAu8L3GRHXrS5CEywd9Uz0OLSYHn3xfCrwvuvv15PztUt628G
RpBX6Fe3BasfvKGWVjX29TUyassIDWCuKJASZFpJLqeBKRURzacFTNByjTuo/sBQ
/+BkrLdqTArx2Q4MEXQQKaCnf4/sxqDyGfq3GAErglSkWJIKEah90BttKIury1qG
/6emnrJ6J46kIq4n6kVuPPAQI9IUFpsnBdOXYuKtUZX6W0Yq2r3I91c63tgjVAb/
9i/81Ql4ieGbZUWUNJfPt/HUATiMU3AJlofh2aze
-----END CERTIFICATE-----
Generated at Sun May 11 04:17:45 2025 by rpki-client