Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBFCB758298811F0A23B8DDBDAE4EC9C.roa
File: DBFCB758298811F0A23B8DDBDAE4EC9C.roa (raw, json)
Hash identifier: vzRcgNGO+9iT0zhki/vcU6Gr6kJ1R2TEY06cf5JJkHE=
Subject key identifier: 47:9D:50:7B:FA:24:27:CE:12:65:44:CB:63:60:97:8A:9B:B6:8A:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017EE7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBFCB758298811F0A23B8DDBDAE4EC9C.roa
Signing time: Mon 05 May 2025 08:13:43 +0000
ROA not before: Mon 05 May 2025 08:13:39 +0000
ROA not after: Wed 11 Jun 2025 08:13:39 +0000
asID: 203020
IP address blocks: 154.85.28.0/22 maxlen: 24
154.94.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98023 (0x17ee7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 5 08:13:39 2025 GMT
Not After : Jun 11 08:13:39 2025 GMT
Subject: CN=68187337-5bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b3:65:62:4e:28:9a:1e:2f:e2:1b:a3:e5:49:
5f:38:e7:5b:40:ca:99:6c:20:db:b8:3d:ad:a0:1b:
3c:62:91:19:7a:53:4a:ff:3e:a3:bf:a7:a4:9c:73:
48:d1:25:d8:14:d1:80:ee:9a:6a:9c:dd:17:0f:9c:
62:ff:d5:d5:cc:1b:94:60:92:41:32:72:73:47:fc:
36:93:fd:b1:59:c1:5a:6e:02:8b:8f:94:22:18:12:
d6:0f:9a:96:83:77:9c:3e:b6:c0:18:9e:f2:eb:c5:
e9:13:62:b2:62:6c:f8:9f:1e:57:1e:b0:10:ef:4e:
59:23:cb:be:3f:96:61:8c:d2:2e:a4:b6:0f:d2:de:
e1:38:c2:15:c6:0d:26:b8:75:cb:cd:2f:33:cf:0d:
df:ef:f7:e4:6d:cd:21:23:6e:85:81:ab:a7:1f:7f:
53:2d:fd:ec:6b:54:a6:4f:c1:a3:e4:bf:11:82:90:
a2:f2:86:8d:f2:54:6f:ee:11:44:68:8e:8b:71:65:
3a:48:12:34:f4:ca:da:8f:da:6a:5f:f7:8f:6a:5a:
11:76:e4:02:c3:e3:08:b7:83:62:b4:b6:fa:ce:69:
f7:07:2f:c9:4d:6a:a7:4b:11:57:4d:18:f3:fc:ad:
ad:4a:1b:e1:6a:38:c3:02:f5:27:1c:50:2b:21:0b:
92:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9D:50:7B:FA:24:27:CE:12:65:44:CB:63:60:97:8A:9B:B6:8A:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBFCB758298811F0A23B8DDBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.28.0/22
154.94.240.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:23:d9:25:ef:d2:71:36:22:32:34:bd:f3:72:2d:33:fa:62:
c1:ee:45:12:d7:ff:52:db:da:47:2e:cc:bb:e9:94:fd:73:96:
b0:92:37:84:55:a8:f2:0b:97:76:f5:05:a7:9a:9c:ed:be:ed:
7c:ae:98:64:a9:88:97:8a:c7:bb:07:d6:1d:a8:fa:d4:7f:99:
54:12:f1:84:f2:07:c2:c9:6f:c8:12:da:3f:4a:02:fa:29:ba:
11:ff:47:9d:e7:c4:92:b0:f6:ab:cf:e5:31:8f:c4:1e:c3:de:
b6:99:d0:3f:73:ed:2b:5e:26:6b:b5:c0:c8:ea:e9:b7:98:3c:
f0:65:c4:f8:a1:bd:5e:46:2e:63:fa:7d:cc:87:7c:de:32:5b:
c6:01:da:b2:4d:35:da:5d:01:8b:c9:5d:7b:bc:3d:6e:b5:2f:
a7:8d:e6:bc:69:38:67:f7:56:73:6e:0d:63:c8:67:bf:8a:de:
6f:01:72:39:63:88:4d:52:ae:1a:3c:bf:a5:90:a2:a9:ec:ca:
b6:5e:f1:87:2d:17:b9:d7:49:f7:8c:6a:96:19:ab:76:93:c9:
d2:b8:bc:4a:5a:dd:c0:dc:71:b3:36:73:d5:08:3c:5d:78:dc:
ec:26:3d:1a:32:f0:cb:19:30:5a:41:7c:c2:16:4a:d5:f3:8a:
f4:c8:bb:e4
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAX7nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA1MDgxMzM5WhcNMjUwNjExMDgxMzM5WjAYMRYw
FAYDVQQDEw02ODE4NzMzNy01YmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu7NlYk4omh4v4huj5UlfOOdbQMqZbCDbuD2toBs8YpEZelNK/z6jv6ek
nHNI0SXYFNGA7ppqnN0XD5xi/9XVzBuUYJJBMnJzR/w2k/2xWcFabgKLj5QiGBLW
D5qWg3ecPrbAGJ7y68XpE2KyYmz4nx5XHrAQ705ZI8u+P5ZhjNIupLYP0t7hOMIV
xg0muHXLzS8zzw3f7/fkbc0hI26FgaunH39TLf3sa1SmT8Gj5L8RgpCi8oaN8lRv
7hFEaI6LcWU6SBI09Mraj9pqX/ePaloRduQCw+MIt4NitLb6zmn3By/JTWqnSxFX
TRjz/K2tShvhajjDAvUnHFArIQuSDQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFEed
UHv6JCfOEmVEy2Ngl4qbtoowMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQkZDQjc1ODI5ODgxMUYwQTIzQjhEREJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlUcAwQEml7wMA0GCSqG
SIb3DQEBCwUAA4IBAQBfI9kl79JxNiIyNL3zci0z+mLB7kUS1/9S29pHLsy76ZT9
c5awkjeEVajyC5d29QWnmpztvu18rphkqYiXise7B9YdqPrUf5lUEvGE8gfCyW/I
Eto/SgL6KboR/0ed58SSsParz+Uxj8Qew962mdA/c+0rXiZrtcDI6um3mDzwZcT4
ob1eRi5j+n3Mh3zeMlvGAdqyTTXaXQGLyV17vD1utS+njea8aThn91Zzbg1jyGe/
it5vAXI5Y4hNUq4aPL+lkKKp7Mq2XvGHLRe510n3jGqWGat2k8nSuLxKWt3A3HGz
NnPVCDxdeNzsJj0aMvDLGTBaQXzCFkrV84r0yLvk
-----END CERTIFICATE-----
Generated at Wed May 7 06:23:55 2025 by rpki-client