Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD9B8D082F4F11F084570C7BDAE4EC9C.roa
File: BD9B8D082F4F11F084570C7BDAE4EC9C.roa (raw, json)
Hash identifier: 67CuNuWHjCeYpB7BZTeFGxkdlOcSg6Bx/ckxpqVDrlg=
Subject key identifier: 26:B0:F2:0D:65:AB:83:D3:B2:19:71:1E:A8:5F:0A:E3:89:B3:1F:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018041
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD9B8D082F4F11F084570C7BDAE4EC9C.roa
Signing time: Mon 12 May 2025 16:39:58 +0000
ROA not before: Mon 12 May 2025 16:39:53 +0000
ROA not after: Tue 15 Jul 2025 16:39:53 +0000
asID: 397423
IP address blocks: 154.202.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98369 (0x18041)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 16:39:53 2025 GMT
Not After : Jul 15 16:39:53 2025 GMT
Subject: CN=6822245e-90a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6a:a2:d9:91:31:34:73:33:55:88:19:08:b6:
e7:41:e1:7e:4b:d0:9c:95:b7:c4:7f:4f:40:4b:dd:
f7:16:7e:ac:5e:2f:ea:86:d1:00:ec:91:53:3a:19:
d1:15:da:1a:57:39:ab:37:8f:40:9e:61:68:58:b3:
2a:fe:0d:5d:70:4a:58:11:01:2f:5e:42:fd:1f:15:
9b:c0:1a:52:4d:4b:35:c8:c2:d2:17:30:2b:af:1a:
36:b6:11:09:2f:62:cb:a8:66:cd:f6:e7:92:83:9a:
e0:2d:af:3b:33:d4:ae:22:a1:4b:3d:9e:ff:5a:a0:
c9:84:5f:dd:41:55:0b:ac:48:22:91:bd:98:af:8d:
a8:c5:73:a9:28:8e:91:a6:52:b4:6c:82:f4:04:02:
c5:e9:9a:27:e2:cf:c3:21:f0:b0:69:5b:b5:d4:10:
c8:c8:29:bd:89:c4:da:c9:75:05:c1:cc:6a:ba:3d:
68:bd:5e:7b:31:9b:26:fd:2e:be:cc:cb:85:e8:f3:
3c:0a:b5:1d:1f:20:22:bc:63:2c:ed:e3:1d:9e:b5:
5d:b5:80:aa:04:c5:68:a4:7d:9a:07:25:8b:f4:b9:
42:37:13:a9:19:ff:12:7b:25:92:7c:f1:a0:64:31:
94:0d:9e:4f:ce:7c:55:10:94:52:fb:0d:55:d6:bf:
62:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B0:F2:0D:65:AB:83:D3:B2:19:71:1E:A8:5F:0A:E3:89:B3:1F:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD9B8D082F4F11F084570C7BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.3.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:27:29:fe:8e:e9:6c:79:10:10:c5:d9:9c:db:11:43:77:5c:
b0:78:c9:88:15:32:2f:a6:ad:c8:72:d7:48:7f:df:79:ee:ee:
f6:a6:02:77:c1:cd:fe:4c:6a:81:85:d8:a1:64:50:2b:03:16:
6b:76:23:ca:7b:e3:15:ec:35:4a:88:8b:8d:99:72:c7:4c:cb:
46:b0:cb:2e:f3:97:91:d1:ee:f5:e4:bb:84:2f:2f:93:e8:28:
77:fd:ad:e4:95:7e:a4:96:79:32:72:9f:93:c6:b2:d2:24:52:
9f:fe:04:f0:81:6e:dd:0e:1b:23:d2:8c:66:0d:be:c6:3c:d5:
76:fe:39:94:36:01:b4:e0:55:cb:35:c1:19:1b:06:68:47:93:
25:9c:23:34:87:1e:44:60:cf:05:73:a6:2f:78:48:b4:01:17:
37:f0:a0:f7:aa:80:3a:d8:1f:c3:aa:e9:b2:ad:57:e9:b5:b9:
63:13:db:32:bd:78:83:c8:5b:08:7a:db:6b:76:29:f9:31:d5:
a3:69:08:ac:ae:45:19:30:f8:d3:fe:cb:2c:fa:a6:85:ea:8d:
07:84:e4:ce:3b:9f:c8:21:42:24:39:d4:18:e6:31:91:1b:d1:
ee:c8:25:4c:a2:f8:33:ad:de:04:dd:30:56:2d:16:ce:d3:f8:
df:f7:cd:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYBBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTYzOTUzWhcNMjUwNzE1MTYzOTUzWjAYMRYw
FAYDVQQDEw02ODIyMjQ1ZS05MGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApmqi2ZExNHMzVYgZCLbnQeF+S9CclbfEf09AS933Fn6sXi/qhtEA7JFT
OhnRFdoaVzmrN49AnmFoWLMq/g1dcEpYEQEvXkL9HxWbwBpSTUs1yMLSFzArrxo2
thEJL2LLqGbN9ueSg5rgLa87M9SuIqFLPZ7/WqDJhF/dQVULrEgikb2Yr42oxXOp
KI6RplK0bIL0BALF6Zon4s/DIfCwaVu11BDIyCm9icTayXUFwcxquj1ovV57MZsm
/S6+zMuF6PM8CrUdHyAivGMs7eMdnrVdtYCqBMVopH2aByWL9LlCNxOpGf8SeyWS
fPGgZDGUDZ5PznxVEJRS+w1V1r9iYQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCaw
8g1lq4PTshlxHqhfCuOJsx+wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRDlCOEQwODJGNEYxMUYwODQ1NzBDN0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsoDMA0GCSqGSIb3DQEB
CwUAA4IBAQDUJyn+julseRAQxdmc2xFDd1yweMmIFTIvpq3IctdIf9957u72pgJ3
wc3+TGqBhdihZFArAxZrdiPKe+MV7DVKiIuNmXLHTMtGsMsu85eR0e715LuELy+T
6Ch3/a3klX6klnkycp+TxrLSJFKf/gTwgW7dDhsj0oxmDb7GPNV2/jmUNgG04FXL
NcEZGwZoR5MlnCM0hx5EYM8Fc6YveEi0ARc38KD3qoA62B/DqumyrVfptbljE9sy
vXiDyFsIettrdin5MdWjaQisrkUZMPjT/sss+qaF6o0HhOTOO5/IIUIkOdQY5jGR
G9HuyCVMovgzrd4E3TBWLRbO0/jf982l
-----END CERTIFICATE-----
Generated at Thu May 15 23:46:58 2025 by rpki-client