Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5DE19522F3411F08F2F81C6DAE4EC9C.roa
File: B5DE19522F3411F08F2F81C6DAE4EC9C.roa (raw, json)
Hash identifier: pmU8Ss9/KjszC7N82tihFD4+eGS7rAn0T1opgQhnMdQ=
Subject key identifier: 9C:40:86:A5:BF:4D:DF:37:DF:49:C6:58:54:19:6C:B1:9F:FD:E2:EE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01801D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5DE19522F3411F08F2F81C6DAE4EC9C.roa
Signing time: Mon 12 May 2025 13:26:29 +0000
ROA not before: Mon 12 May 2025 13:26:24 +0000
ROA not after: Thu 22 May 2025 13:26:24 +0000
asID: 141883
IP address blocks: 154.91.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 00:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98333 (0x1801d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 13:26:24 2025 GMT
Not After : May 22 13:26:24 2025 GMT
Subject: CN=6821f705-1c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:af:72:8b:6c:03:ab:6a:53:64:27:cd:8c:24:
ca:50:88:b4:87:45:b9:30:7f:86:33:0b:8c:3a:b5:
08:b7:81:9f:6c:3c:7e:39:98:06:fa:53:92:ce:29:
60:d7:73:c0:47:fc:16:82:6c:6d:d7:3c:68:02:f2:
22:ad:a6:cc:6c:a4:c6:74:97:e7:6f:3a:bd:2f:0f:
7b:dd:e2:fc:c6:68:17:7b:d2:9c:77:c8:fe:38:73:
d1:a8:65:9c:15:be:d5:99:1a:9d:6a:b1:fb:d4:b8:
29:9f:b1:8d:8c:03:c4:e4:15:ca:cd:7f:93:cc:66:
08:8a:9f:f0:a2:2a:80:24:25:9f:86:f2:61:95:a7:
46:34:21:d2:08:86:a6:95:47:ea:cc:7c:a7:87:45:
7c:a3:42:96:f9:15:7a:69:85:3a:2b:92:fe:46:d5:
3f:1a:e5:60:10:4b:18:30:44:4e:16:48:db:b0:86:
d5:b5:29:a0:26:57:cc:f1:33:c9:66:00:2e:01:c1:
94:9f:7b:6d:a2:ea:f4:85:1c:5c:86:7f:8a:80:7c:
49:a5:d6:38:f0:5e:fd:0c:fa:fb:b9:27:57:54:c8:
93:2e:ca:3a:aa:b8:27:4a:3a:f5:08:51:cb:e8:42:
d4:1b:35:b1:ad:f2:d4:92:7e:3a:5f:b5:08:b4:67:
d3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:40:86:A5:BF:4D:DF:37:DF:49:C6:58:54:19:6C:B1:9F:FD:E2:EE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5DE19522F3411F08F2F81C6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4b:83:fd:3b:da:03:cd:8d:54:e0:a4:54:30:6b:c8:df:c2:17:
cb:6a:81:e8:61:5d:22:89:c9:bc:13:4f:dc:bf:78:1d:c6:84:
40:3e:0e:2f:fc:41:d4:5b:ba:2f:ab:36:38:6c:b1:b3:fd:8c:
99:02:a2:70:43:95:8e:e4:c4:98:b7:2e:d8:b0:ae:53:47:f6:
82:3b:0b:23:f6:7f:23:5d:91:c4:6e:80:f5:7c:de:74:45:71:
43:ac:1a:14:2c:6d:cd:3a:e4:d1:bb:eb:6f:77:a9:99:d3:18:
1e:01:a4:e1:ae:85:b2:e3:84:79:c6:d3:41:58:d9:78:73:51:
26:d2:25:3e:7b:2e:95:22:f8:1d:83:e2:13:45:e7:b6:7d:43:
65:0b:b9:66:39:38:a0:33:f5:bc:c2:7c:86:09:19:a3:e3:35:
4d:2e:73:68:7b:f0:7b:ea:01:e5:0f:76:60:76:5d:4c:a2:05:
f6:33:09:91:6e:73:7c:b5:e8:c3:47:47:68:9a:11:56:dd:93:
b1:41:6d:e0:2d:77:33:11:d8:46:33:f8:4f:74:45:8b:f5:9b:
55:cd:cf:5b:82:49:04:18:2b:e3:7e:9c:43:34:cd:2a:88:ad:
b0:47:cb:0f:ac:21:30:09:a9:9c:00:f2:7e:e7:28:0b:09:d6:
bd:7b:46:b9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYAdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTMyNjI0WhcNMjUwNTIyMTMyNjI0WjAYMRYw
FAYDVQQDEw02ODIxZjcwNS0xYzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA769yi2wDq2pTZCfNjCTKUIi0h0W5MH+GMwuMOrUIt4GfbDx+OZgG+lOS
zilg13PAR/wWgmxt1zxoAvIirabMbKTGdJfnbzq9Lw973eL8xmgXe9Kcd8j+OHPR
qGWcFb7VmRqdarH71Lgpn7GNjAPE5BXKzX+TzGYIip/woiqAJCWfhvJhladGNCHS
CIamlUfqzHynh0V8o0KW+RV6aYU6K5L+RtU/GuVgEEsYMEROFkjbsIbVtSmgJlfM
8TPJZgAuAcGUn3ttour0hRxchn+KgHxJpdY48F79DPr7uSdXVMiTLso6qrgnSjr1
CFHL6ELUGzWxrfLUkn46X7UItGfTKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJxA
hqW/Td8330nGWFQZbLGf/eLuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNURFMTk1MjJGMzQxMUYwOEYyRjgxQzZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlvgMA0GCSqGSIb3DQEB
CwUAA4IBAQBLg/072gPNjVTgpFQwa8jfwhfLaoHoYV0iicm8E0/cv3gdxoRAPg4v
/EHUW7ovqzY4bLGz/YyZAqJwQ5WO5MSYty7YsK5TR/aCOwsj9n8jXZHEboD1fN50
RXFDrBoULG3NOuTRu+tvd6mZ0xgeAaThroWy44R5xtNBWNl4c1Em0iU+ey6VIvgd
g+ITRee2fUNlC7lmOTigM/W8wnyGCRmj4zVNLnNoe/B76gHlD3Zgdl1MogX2MwmR
bnN8tejDR0domhFW3ZOxQW3gLXczEdhGM/hPdEWL9ZtVzc9bgkkEGCvjfpxDNM0q
iK2wR8sPrCEwCamcAPJ+5ygLCda9e0a5
-----END CERTIFICATE-----
Generated at Tue May 13 06:38:31 2025 by rpki-client