Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA5EB6F42F3211F0A569C0BADAE4EC9C.roa
File: CA5EB6F42F3211F0A569C0BADAE4EC9C.roa (raw, json)
Hash identifier: aq1x6NB92xr0DTgslSZUkP6FH93nERvgS3ctSLCJrpk=
Subject key identifier: 08:D8:3C:3E:D7:8A:59:C7:87:D0:FD:45:68:8F:53:F8:52:13:07:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018019
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA5EB6F42F3211F0A569C0BADAE4EC9C.roa
Signing time: Mon 12 May 2025 13:12:44 +0000
ROA not before: Mon 12 May 2025 13:12:38 +0000
ROA not after: Wed 18 Jun 2025 13:12:38 +0000
asID: 57043
IP address blocks: 154.193.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98329 (0x18019)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 13:12:38 2025 GMT
Not After : Jun 18 13:12:38 2025 GMT
Subject: CN=6821f3cc-2a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:3b:ad:9f:6b:95:99:50:f0:b8:b3:0d:e2:a5:
3b:50:32:2f:7d:ce:9e:e2:ef:a7:d2:8a:37:15:01:
9c:be:ff:dd:71:7b:04:b6:ce:9b:e0:3b:a6:ba:36:
8e:c1:a1:27:f9:d8:8f:d1:fe:0f:e0:e0:6a:a4:33:
0a:9e:da:cd:31:6d:7e:0b:bb:52:6c:75:01:c5:e4:
26:99:5b:06:30:ca:fa:77:d2:c2:04:cf:a0:ad:15:
01:16:af:91:33:f8:22:63:6c:bb:38:55:04:24:c9:
99:64:15:19:1c:ee:b0:1c:a2:7c:68:c5:9c:2d:a5:
21:5f:4d:6d:67:c1:94:a6:49:f4:e5:41:7c:03:6f:
6a:a7:59:fb:43:54:2d:77:38:95:fc:4d:92:2e:35:
2b:a1:5c:a2:9b:8a:3a:0a:77:65:47:f9:f2:b3:c7:
d2:7c:28:c6:4b:f1:a7:3f:a0:f8:92:6f:48:c0:d6:
c4:24:06:63:76:1d:49:95:f5:45:15:17:74:c0:0d:
33:06:6c:5a:0c:94:a3:29:54:d8:49:95:d2:bc:01:
eb:c9:42:76:95:cf:24:a6:2f:78:90:be:1f:8e:84:
e7:f4:68:db:28:54:6e:17:4c:5b:4c:ff:39:40:7c:
c9:f3:5f:cd:52:08:31:18:ce:1f:46:14:46:af:2e:
c3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D8:3C:3E:D7:8A:59:C7:87:D0:FD:45:68:8F:53:F8:52:13:07:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA5EB6F42F3211F0A569C0BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.130.0/24
Signature Algorithm: sha256WithRSAEncryption
27:15:c5:25:28:b8:0c:d3:a0:98:31:23:db:34:29:85:be:f0:
ea:ef:04:90:f4:87:96:01:89:37:1f:44:82:53:55:22:82:88:
13:19:d0:16:99:02:58:db:e4:8d:03:d9:a0:70:84:7d:c5:bc:
4e:bc:f5:f5:f3:c3:2a:14:16:89:81:86:52:fb:ad:aa:da:43:
01:25:3f:d7:54:af:50:04:b6:4c:2a:03:fe:1b:05:7f:13:99:
1d:45:82:12:da:e1:47:49:c3:18:3c:f4:80:c2:c5:66:23:55:
2d:7f:e4:1a:ce:b6:5b:8b:15:06:46:e5:eb:e0:20:b0:34:88:
ad:e4:c1:0e:40:f5:3b:96:5e:9d:19:a8:31:1b:75:51:7e:73:
7f:3c:68:7a:83:f7:27:21:b9:9b:99:54:ff:5d:66:d7:93:be:
f4:88:e7:ca:38:41:95:3b:2a:05:4d:db:6e:f8:26:46:d2:c5:
04:b9:7a:40:4b:01:60:62:53:f8:e3:3e:85:47:8c:b7:b8:a8:
94:c2:8f:f9:02:60:69:cd:c0:91:ab:89:22:0a:5a:f2:19:16:
d0:3c:3c:87:d2:da:37:8c:8d:1f:20:62:a8:cf:f9:a4:c3:d8:
46:5f:05:7e:2d:9a:ad:96:fb:b7:1f:45:be:3b:db:2b:87:27:
24:9a:23:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYAZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTMxMjM4WhcNMjUwNjE4MTMxMjM4WjAYMRYw
FAYDVQQDEw02ODIxZjNjYy0yYTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/Dutn2uVmVDwuLMN4qU7UDIvfc6e4u+n0oo3FQGcvv/dcXsEts6b4Dum
ujaOwaEn+diP0f4P4OBqpDMKntrNMW1+C7tSbHUBxeQmmVsGMMr6d9LCBM+grRUB
Fq+RM/giY2y7OFUEJMmZZBUZHO6wHKJ8aMWcLaUhX01tZ8GUpkn05UF8A29qp1n7
Q1QtdziV/E2SLjUroVyim4o6CndlR/nys8fSfCjGS/GnP6D4km9IwNbEJAZjdh1J
lfVFFRd0wA0zBmxaDJSjKVTYSZXSvAHryUJ2lc8kpi94kL4fjoTn9GjbKFRuF0xb
TP85QHzJ81/NUggxGM4fRhRGry7DeQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAjY
PD7XilnHh9D9RWiPU/hSEwdyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQTVFQjZGNDJGMzIxMUYwQTU2OUMwQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGCMA0GCSqGSIb3DQEB
CwUAA4IBAQAnFcUlKLgM06CYMSPbNCmFvvDq7wSQ9IeWAYk3H0SCU1UigogTGdAW
mQJY2+SNA9mgcIR9xbxOvPX188MqFBaJgYZS+62q2kMBJT/XVK9QBLZMKgP+GwV/
E5kdRYIS2uFHScMYPPSAwsVmI1Utf+QazrZbixUGRuXr4CCwNIit5MEOQPU7ll6d
GagxG3VRfnN/PGh6g/cnIbmbmVT/XWbXk770iOfKOEGVOyoFTdtu+CZG0sUEuXpA
SwFgYlP44z6FR4y3uKiUwo/5AmBpzcCRq4kiClryGRbQPDyH0to3jI0fIGKoz/mk
w9hGXwV+LZqtlvu3H0W+O9srhyckmiPi
-----END CERTIFICATE-----
Generated at Thu May 15 23:47:04 2025 by rpki-client