Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C88D739028BD11F0A3211890DAE4EC9C.roa
File: C88D739028BD11F0A3211890DAE4EC9C.roa (raw, json)
Hash identifier: 4Pj9lF2qPNZliVczZxL63pUdFlEOMzbdrNH3Ph/YsCI=
Subject key identifier: 9F:A0:49:7C:7A:8C:CA:37:16:36:E2:00:95:0F:9A:09:82:6D:BE:14
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017EBE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C88D739028BD11F0A3211890DAE4EC9C.roa
Signing time: Sun 04 May 2025 08:00:03 +0000
ROA not before: Sun 04 May 2025 07:59:58 +0000
ROA not after: Tue 10 Jun 2025 07:59:58 +0000
asID: 395886
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97982 (0x17ebe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 4 07:59:58 2025 GMT
Not After : Jun 10 07:59:58 2025 GMT
Subject: CN=68171e83-529f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5b:58:a5:ef:74:a4:48:96:fd:b4:d7:a2:84:
73:e3:de:10:de:08:24:2e:d7:43:51:d2:d3:ec:d0:
fa:af:35:ac:8d:aa:3f:f1:3f:09:8c:de:0d:f7:21:
57:77:fc:30:7b:67:61:7e:6b:7d:c2:ab:93:4e:8f:
b1:32:c5:1a:8d:14:da:0c:be:11:83:ea:19:03:f7:
cc:81:c7:40:e6:37:b6:59:73:88:25:4d:92:29:29:
90:e1:fb:c4:b6:22:4a:93:f6:e0:03:d5:a5:9b:32:
53:66:28:fe:93:cc:a2:74:ad:1d:de:f6:45:4d:de:
a2:26:0f:7d:67:e8:74:bc:07:ec:2c:37:e3:39:81:
7d:a4:9d:78:c2:9a:39:bf:2b:76:9b:f4:f9:54:b2:
51:54:76:af:90:2c:82:64:15:3e:b9:97:69:fa:4d:
61:4f:55:cb:e3:26:73:4c:b6:e5:b7:56:76:2b:ca:
c8:af:39:89:58:a9:31:20:67:48:e3:83:33:1d:4c:
31:89:43:e5:a2:a2:78:bf:b7:fb:f7:fe:06:c7:7d:
93:9c:65:d7:0c:2b:91:e7:ed:b5:47:65:64:15:f3:
dc:09:46:b5:7b:d4:48:ff:b8:53:85:ac:64:0d:ef:
be:72:1d:da:9b:cb:f3:3a:12:02:d2:33:f7:6c:d7:
92:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A0:49:7C:7A:8C:CA:37:16:36:E2:00:95:0F:9A:09:82:6D:BE:14
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C88D739028BD11F0A3211890DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
a7:5a:fc:8a:a0:09:06:c8:76:a9:99:51:24:7a:61:40:b2:8d:
26:b1:32:28:9e:a7:7c:9c:ac:55:3a:d5:0e:49:9a:c7:57:95:
8f:63:b3:8b:12:e6:43:1b:37:b1:ea:c2:0a:f4:91:71:8b:e9:
3c:bc:0a:a8:be:e4:18:22:18:05:f4:03:2d:06:2b:fa:32:f8:
f5:f9:65:06:96:a5:cc:42:f8:9a:ff:a1:0b:8d:ce:fe:61:43:
24:f8:88:48:27:1d:11:00:9d:07:24:9e:26:a3:a8:0b:2f:ab:
f3:b7:39:0e:6f:10:c8:fa:f4:8e:7a:fd:e1:9f:1b:94:fe:ab:
84:51:79:6b:d9:09:21:05:81:06:44:21:97:ae:48:df:33:30:
06:d9:80:4b:e3:c4:21:3a:15:81:0a:9f:2b:58:8d:d0:89:83:
34:b3:9b:3a:3d:5d:0d:6d:45:0e:26:94:2b:ad:c0:1a:e9:b4:
2f:72:ce:1e:d4:ac:10:71:b5:e1:7f:86:4e:b1:2c:2c:b7:39:
93:a8:15:36:2c:55:14:2e:b0:72:9d:3a:22:0d:ac:b6:3b:8c:
3c:b0:76:d6:df:80:4d:8f:74:be:98:93:fe:7e:5f:39:02:06:
26:90:4a:ec:f9:90:8a:5d:75:e2:3c:a5:c2:ef:d9:6e:89:f2:
c9:f2:33:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX6+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA0MDc1OTU4WhcNMjUwNjEwMDc1OTU4WjAYMRYw
FAYDVQQDEw02ODE3MWU4My01MjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvltYpe90pEiW/bTXooRz494Q3ggkLtdDUdLT7ND6rzWsjao/8T8JjN4N
9yFXd/wwe2dhfmt9wquTTo+xMsUajRTaDL4Rg+oZA/fMgcdA5je2WXOIJU2SKSmQ
4fvEtiJKk/bgA9WlmzJTZij+k8yidK0d3vZFTd6iJg99Z+h0vAfsLDfjOYF9pJ14
wpo5vyt2m/T5VLJRVHavkCyCZBU+uZdp+k1hT1XL4yZzTLblt1Z2K8rIrzmJWKkx
IGdI44MzHUwxiUPloqJ4v7f79/4Gx32TnGXXDCuR5+21R2VkFfPcCUa1e9RI/7hT
haxkDe++ch3am8vzOhIC0jP3bNeSywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ+g
SXx6jMo3FjbiAJUPmgmCbb4UMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DODhENzM5MDI4QkQxMUYwQTMyMTE4OTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQCnWvyKoAkGyHapmVEkemFAso0msTIonqd8nKxVOtUOSZrHV5WPY7OL
EuZDGzex6sIK9JFxi+k8vAqovuQYIhgF9AMtBiv6Mvj1+WUGlqXMQvia/6ELjc7+
YUMk+IhIJx0RAJ0HJJ4mo6gLL6vztzkObxDI+vSOev3hnxuU/quEUXlr2QkhBYEG
RCGXrkjfMzAG2YBL48QhOhWBCp8rWI3QiYM0s5s6PV0NbUUOJpQrrcAa6bQvcs4e
1KwQcbXhf4ZOsSwstzmTqBU2LFUULrBynToiDay2O4w8sHbW34BNj3S+mJP+fl85
AgYmkErs+ZCKXXXiPKXC79luifLJ8jM4
-----END CERTIFICATE-----
Generated at Sat May 10 19:40:55 2025 by rpki-client