Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8236E52267A11F098359BE9DAE4EC9C.roa
File: E8236E52267A11F098359BE9DAE4EC9C.roa (raw, json)
Hash identifier: iuM/913tgFvIwO7X+x1ZdUOecY+5TNHe7UY26XwKjGM=
Subject key identifier: 19:53:F3:C8:BA:1E:7B:68:1E:F9:C5:DF:01:FC:68:74:8C:EE:3A:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017DE4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8236E52267A11F098359BE9DAE4EC9C.roa
Signing time: Thu 01 May 2025 10:56:18 +0000
ROA not before: Thu 01 May 2025 10:56:12 +0000
ROA not after: Sat 25 Apr 2026 10:56:12 +0000
asID: 328608
IP address blocks: 154.197.123.0/24 maxlen: 24
154.199.50.0/24 maxlen: 24
154.199.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97764 (0x17de4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 10:56:12 2025 GMT
Not After : Apr 25 10:56:12 2026 GMT
Subject: CN=68135351-115e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ba:96:91:c2:6f:39:87:77:a2:13:3c:d7:88:
cc:c4:bb:2d:a8:22:e9:35:35:8f:63:5d:e7:90:60:
0a:cd:d9:77:60:5c:ca:bc:07:8e:33:a1:29:73:cc:
61:11:25:98:99:d1:08:e1:1e:c3:02:f9:54:84:c0:
d0:f5:8f:78:5b:18:3b:fd:b5:af:0f:7e:df:5c:e6:
e8:a7:25:31:26:25:71:a7:96:bf:16:c6:26:3f:5a:
f8:57:c1:85:c0:f4:41:ce:a8:10:53:c3:74:6a:2a:
7a:0c:49:60:b7:c7:9b:ff:de:12:21:1e:eb:ef:75:
ee:86:66:2d:68:7c:6d:13:6c:a9:47:82:a5:1b:5b:
ce:cf:4a:20:78:0b:12:87:85:c0:9e:74:13:b7:cf:
16:b8:d9:0e:af:53:0a:e5:67:1a:8e:5c:3a:5f:32:
83:da:46:d7:b8:9d:9f:2f:8c:1b:b9:37:1b:55:df:
52:64:b3:01:10:43:f1:e5:44:59:b3:e1:3d:59:d4:
21:65:3a:83:da:4f:ab:f5:a8:e6:34:09:1f:43:8d:
a7:52:6c:d2:09:7c:9f:ec:c5:41:a0:e1:e1:9f:19:
13:56:e0:b5:b1:0c:01:46:0d:c0:00:23:b9:b8:a1:
01:01:f6:2e:47:68:ae:f2:78:b5:8a:b6:a2:c5:f1:
aa:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:53:F3:C8:BA:1E:7B:68:1E:F9:C5:DF:01:FC:68:74:8C:EE:3A:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8236E52267A11F098359BE9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.123.0/24
154.199.50.0/24
154.199.55.0/24
Signature Algorithm: sha256WithRSAEncryption
63:13:aa:74:b5:96:17:8b:b9:1e:bb:78:55:d6:a6:fe:59:bd:
1a:79:31:b9:73:5f:38:36:34:6f:aa:0d:77:cd:97:05:7f:b7:
91:9b:73:2d:ea:97:40:61:25:60:fb:fe:8e:c6:19:4a:b3:1c:
79:ac:55:cb:3d:0e:ec:3b:72:12:23:bd:b5:a2:6c:ba:3d:b8:
85:60:d9:52:27:5c:3e:ce:57:d9:4a:28:c5:3b:4f:9b:0e:16:
ef:dd:df:dc:55:eb:85:b7:8a:ee:50:37:35:34:d7:93:eb:70:
b1:9d:7e:88:6c:44:92:16:9b:cc:d4:ee:df:5a:1b:e8:9c:7b:
45:ee:dd:e6:3f:83:d9:4a:a1:c4:69:f0:07:0c:12:13:9f:48:
e3:82:24:a1:52:42:0b:09:38:5a:66:a1:95:55:d7:c2:21:0e:
f9:c7:24:9b:41:b8:5c:64:8e:5d:2b:3d:23:98:54:ae:c1:df:
4b:ac:62:24:32:dc:da:d6:9d:59:6d:8e:0e:bb:c1:85:8b:37:
1d:f8:7f:d9:31:3e:65:13:58:83:de:ef:b0:22:3f:09:88:07:
ba:86:ce:5b:9d:bc:33:89:78:b9:17:e0:1e:ac:d4:7b:82:a9:
7e:4e:18:d1:59:d5:52:f6:66:ea:0c:11:33:b0:82:97:11:0d:
eb:e5:3c:70
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAX3kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTA1NjEyWhcNMjYwNDI1MTA1NjEyWjAYMRYw
FAYDVQQDEw02ODEzNTM1MS0xMTVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxLqWkcJvOYd3ohM814jMxLstqCLpNTWPY13nkGAKzdl3YFzKvAeOM6Ep
c8xhESWYmdEI4R7DAvlUhMDQ9Y94Wxg7/bWvD37fXObopyUxJiVxp5a/FsYmP1r4
V8GFwPRBzqgQU8N0aip6DElgt8eb/94SIR7r73XuhmYtaHxtE2ypR4KlG1vOz0og
eAsSh4XAnnQTt88WuNkOr1MK5Wcajlw6XzKD2kbXuJ2fL4wbuTcbVd9SZLMBEEPx
5URZs+E9WdQhZTqD2k+r9ajmNAkfQ42nUmzSCXyf7MVBoOHhnxkTVuC1sQwBRg3A
ACO5uKEBAfYuR2iu8ni1iraixfGqOQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFBlT
88i6HntoHvnF3wH8aHSM7jp7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FODIzNkU1MjI2N0ExMUYwOTgzNTlCRTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmsV7AwQAmscyAwQAmsc3
MA0GCSqGSIb3DQEBCwUAA4IBAQBjE6p0tZYXi7keu3hV1qb+Wb0aeTG5c184NjRv
qg13zZcFf7eRm3Mt6pdAYSVg+/6OxhlKsxx5rFXLPQ7sO3ISI721omy6PbiFYNlS
J1w+zlfZSijFO0+bDhbv3d/cVeuFt4ruUDc1NNeT63CxnX6IbESSFpvM1O7fWhvo
nHtF7t3mP4PZSqHEafAHDBITn0jjgiShUkILCThaZqGVVdfCIQ75xySbQbhcZI5d
Kz0jmFSuwd9LrGIkMtza1p1ZbY4Ou8GFizcd+H/ZMT5lE1iD3u+wIj8JiAe6hs5b
nbwziXi5F+AerNR7gql+ThjRWdVS9mbqDBEzsIKXEQ3r5Txw
-----END CERTIFICATE-----
Generated at Thu May 15 23:48:01 2025 by rpki-client