Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CACEDEF62CC211F082636AEFDAE4EC9C.roa
File: CACEDEF62CC211F082636AEFDAE4EC9C.roa (raw, json)
Hash identifier: Cg92XUseH+S5pvviJTG/e5qsGX3ARueal32U0iZVmq8=
Subject key identifier: 50:E7:17:D8:EA:1F:60:04:4E:ED:14:1E:21:E2:F5:28:E0:28:CE:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FB0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CACEDEF62CC211F082636AEFDAE4EC9C.roa
Signing time: Fri 09 May 2025 10:45:59 +0000
ROA not before: Fri 09 May 2025 10:45:54 +0000
ROA not after: Sat 15 Nov 2025 10:45:54 +0000
asID: 139871
IP address blocks: 154.197.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98224 (0x17fb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 10:45:54 2025 GMT
Not After : Nov 15 10:45:54 2025 GMT
Subject: CN=681ddce7-dafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b2:66:e2:fd:5d:6b:8b:af:fb:d3:32:fd:f6:
97:ca:8f:2c:8f:2d:cb:76:84:80:c2:f8:71:e0:5c:
e6:a5:b3:a3:4a:74:eb:ff:75:e6:77:b3:63:de:28:
83:e6:bd:69:ab:6b:29:f4:cd:0f:80:50:fd:ef:c4:
5e:e2:a3:09:ca:2a:92:0a:8b:8f:c6:2d:19:6b:06:
8a:2c:c5:6d:c0:ff:ea:0c:5f:4f:74:64:6b:60:fc:
9f:01:b0:ce:ca:48:3f:21:38:1e:23:c1:f7:db:6d:
4d:20:9c:a6:b2:ed:b0:8f:e4:e3:68:f4:a1:9a:82:
ec:54:e5:eb:02:cd:ee:fc:b2:ef:f1:a5:e2:18:ff:
55:9a:9e:eb:e7:4a:1c:bb:ea:65:05:34:8a:3b:15:
ea:a5:cd:ff:ff:d4:b7:78:60:8f:04:20:9f:a6:6e:
18:6b:36:89:41:37:03:50:f4:ed:2f:d6:f4:fc:63:
9a:a1:01:d8:fd:85:e6:ae:ea:7a:0a:03:50:4f:64:
47:05:de:29:f6:a1:37:f0:fe:b3:61:28:89:64:10:
44:37:d0:73:78:e1:28:d3:fb:5c:c8:31:5d:93:95:
62:4f:ec:90:4c:75:80:50:5f:42:f2:74:28:72:5c:
7d:0b:32:5b:77:77:00:71:1a:77:55:76:2d:96:b0:
80:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E7:17:D8:EA:1F:60:04:4E:ED:14:1E:21:E2:F5:28:E0:28:CE:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CACEDEF62CC211F082636AEFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.109.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:9a:26:a6:af:1f:55:21:7c:ba:f2:cd:b3:f8:2c:12:ba:8a:
2d:df:57:30:92:8c:ff:28:54:03:a0:23:a2:5b:c1:69:fd:5f:
64:f0:f0:2e:55:70:f0:cf:3c:85:e9:86:a5:47:d9:64:80:c9:
1e:29:b0:1b:21:88:f7:d9:56:e5:91:4c:f1:da:1f:94:9c:7a:
47:50:cd:c7:ea:2d:42:b5:a2:da:02:fa:06:dc:57:cd:19:4a:
77:df:74:00:50:13:c3:3d:2d:c0:44:7c:3d:1c:4d:a1:96:d6:
48:b5:6f:e7:41:5a:aa:a9:59:5e:8e:b0:12:6d:a2:d2:d5:b6:
a2:88:d6:e4:e6:57:7e:77:a5:f4:b4:19:7b:9e:ef:53:99:ad:
a6:f5:45:b2:a7:0f:9c:f7:2a:42:81:99:6f:b3:6f:46:ac:b0:
24:2f:a0:f7:25:54:fe:e0:93:f3:6d:b6:ee:40:75:b2:32:e8:
39:be:16:88:dc:1b:0d:05:bb:6c:a3:5c:84:ef:05:3a:1a:5e:
56:6e:4d:ad:c4:00:16:e0:00:c1:a5:03:e3:71:af:d8:36:4d:
fd:4f:68:b1:e6:57:eb:c9:ba:25:88:a2:b2:8e:de:7f:ea:2b:
0b:42:89:8e:c9:13:86:7e:38:d7:ea:4c:e9:8c:77:56:75:dc:
6e:50:1c:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX+wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA5MTA0NTU0WhcNMjUxMTE1MTA0NTU0WjAYMRYw
FAYDVQQDEw02ODFkZGNlNy1kYWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnLJm4v1da4uv+9My/faXyo8sjy3LdoSAwvhx4FzmpbOjSnTr/3Xmd7Nj
3iiD5r1pq2sp9M0PgFD978Re4qMJyiqSCouPxi0ZawaKLMVtwP/qDF9PdGRrYPyf
AbDOykg/ITgeI8H3221NIJymsu2wj+TjaPShmoLsVOXrAs3u/LLv8aXiGP9Vmp7r
50ocu+plBTSKOxXqpc3//9S3eGCPBCCfpm4YazaJQTcDUPTtL9b0/GOaoQHY/YXm
rup6CgNQT2RHBd4p9qE38P6zYSiJZBBEN9BzeOEo0/tcyDFdk5ViT+yQTHWAUF9C
8nQoclx9CzJbd3cAcRp3VXYtlrCAywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFDn
F9jqH2AETu0UHiHi9SjgKM73MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQUNFREVGNjJDQzIxMUYwODI2MzZBRUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVtMA0GCSqGSIb3DQEB
CwUAA4IBAQBLmiamrx9VIXy68s2z+CwSuoot31cwkoz/KFQDoCOiW8Fp/V9k8PAu
VXDwzzyF6YalR9lkgMkeKbAbIYj32VblkUzx2h+UnHpHUM3H6i1CtaLaAvoG3FfN
GUp333QAUBPDPS3ARHw9HE2hltZItW/nQVqqqVlejrASbaLS1baiiNbk5ld+d6X0
tBl7nu9Tma2m9UWypw+c9ypCgZlvs29GrLAkL6D3JVT+4JPzbbbuQHWyMug5vhaI
3BsNBbtso1yE7wU6Gl5Wbk2txAAW4ADBpQPjca/YNk39T2ix5lfryboliKKyjt5/
6isLQomOyROGfjjX6kzpjHdWddxuUBwU
-----END CERTIFICATE-----
Generated at Thu May 15 23:43:44 2025 by rpki-client