Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E856E00427F411F0B30FFFCFDAE4EC9C.roa
File: E856E00427F411F0B30FFFCFDAE4EC9C.roa (raw, json)
Hash identifier: k2YhX35LDB14/XqTH+cYR61JzC+2LkIEI1BYWNW+9YM=
Subject key identifier: DF:5D:2A:0B:90:7A:FF:A3:C6:14:08:CE:2E:F4:A8:24:FF:DF:E6:97
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E96
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E856E00427F411F0B30FFFCFDAE4EC9C.roa
Signing time: Sat 03 May 2025 08:02:08 +0000
ROA not before: Sat 03 May 2025 08:02:03 +0000
ROA not after: Tue 10 Jun 2025 08:02:03 +0000
asID: 150698
IP address blocks: 154.197.72.0/24 maxlen: 24
154.197.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97942 (0x17e96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 3 08:02:03 2025 GMT
Not After : Jun 10 08:02:03 2025 GMT
Subject: CN=6815cd7f-2d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fb:6c:27:ea:a5:aa:b4:8f:cc:0c:da:ca:d6:
b7:b9:0c:fe:8d:46:cd:ea:68:b8:bf:d1:13:b5:fe:
7b:0b:0f:aa:81:1b:5b:bd:b8:d0:62:f6:ee:9a:06:
ab:80:73:3d:30:82:f0:ec:c1:ed:38:35:ad:83:55:
f8:e2:39:a2:0c:c0:f4:5c:16:a8:c4:01:83:2d:91:
2e:f3:00:f3:2c:d2:70:53:64:dc:e6:2e:53:33:22:
59:9c:e3:ea:9f:60:b4:d3:95:cd:b8:97:ef:a7:85:
c1:17:3c:ab:e6:1d:2f:7c:af:f3:c0:de:9f:44:a5:
d3:0a:f3:b4:94:75:34:c5:23:40:89:8c:f8:85:8d:
8d:f8:da:db:f0:66:5e:7d:e5:24:09:b0:3f:f7:95:
f7:05:31:16:fd:0a:c0:38:28:1e:da:d2:61:e3:12:
d4:da:f5:74:23:33:65:1d:40:41:98:55:f9:47:bc:
83:72:14:61:2a:a6:46:ad:4b:06:4b:9e:f7:95:c5:
30:e8:1a:ee:ec:d7:4f:ba:5c:4b:be:9d:a2:4c:f0:
56:c1:d5:3e:ff:ed:e3:4b:b0:1e:5f:22:37:02:08:
c9:5f:7a:27:25:21:b5:69:dd:f4:22:e9:71:2f:06:
30:f7:98:0d:78:f3:01:60:2a:dd:8a:b8:9e:d6:d2:
fc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5D:2A:0B:90:7A:FF:A3:C6:14:08:CE:2E:F4:A8:24:FF:DF:E6:97
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E856E00427F411F0B30FFFCFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.72.0/23
Signature Algorithm: sha256WithRSAEncryption
63:55:d2:99:a2:23:89:f1:a3:ea:70:5b:7f:f5:3f:3a:bf:04:
8f:44:b2:fe:30:32:51:c5:f5:7f:bb:24:fb:49:2c:fd:55:49:
ab:ac:a6:f8:59:97:a6:fd:ec:01:0d:96:6a:88:f0:5a:46:31:
6d:fc:87:6e:94:57:b0:dc:18:cd:02:06:6e:d5:e9:10:cb:e5:
78:ec:0e:9b:b5:76:73:48:e2:4e:9d:10:4d:f5:8c:f2:ff:0b:
8f:d6:98:58:01:52:07:c5:bd:6f:2a:fa:95:4f:a6:e7:34:3d:
ba:7b:53:93:e9:c0:b7:aa:3f:00:16:3d:6a:1f:a2:9b:c9:3a:
74:65:e4:37:a8:6a:ec:ae:51:94:82:8b:92:e5:d1:43:ce:2f:
9a:9f:d5:0b:a6:c7:fa:93:cd:9c:9b:2a:71:2a:42:75:df:ab:
50:17:38:e8:3d:d6:05:26:3e:ac:9b:f9:15:67:0b:ea:eb:05:
c2:b0:60:09:43:66:58:65:53:d6:9e:fb:e6:7b:98:10:b3:27:
ee:57:93:69:1b:c8:a7:ad:5b:89:ac:e5:95:9f:22:d3:8d:2f:
83:db:fb:1d:e9:dd:b1:e3:f8:10:f6:06:16:72:81:c2:40:cf:
be:5a:38:9b:65:fc:1d:33:4f:fe:62:52:5c:ef:de:3e:6f:4e:
03:ce:1d:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX6WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAzMDgwMjAzWhcNMjUwNjEwMDgwMjAzWjAYMRYw
FAYDVQQDEw02ODE1Y2Q3Zi0yZDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzftsJ+qlqrSPzAzayta3uQz+jUbN6mi4v9ETtf57Cw+qgRtbvbjQYvbu
mgargHM9MILw7MHtODWtg1X44jmiDMD0XBaoxAGDLZEu8wDzLNJwU2Tc5i5TMyJZ
nOPqn2C005XNuJfvp4XBFzyr5h0vfK/zwN6fRKXTCvO0lHU0xSNAiYz4hY2N+Nrb
8GZefeUkCbA/95X3BTEW/QrAOCge2tJh4xLU2vV0IzNlHUBBmFX5R7yDchRhKqZG
rUsGS573lcUw6Bru7NdPulxLvp2iTPBWwdU+/+3jS7AeXyI3AgjJX3onJSG1ad30
IulxLwYw95gNePMBYCrdirie1tL8HwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN9d
KguQev+jxhQIzi70qCT/3+aXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FODU2RTAwNDI3RjQxMUYwQjMwRkZGQ0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsVIMA0GCSqGSIb3DQEB
CwUAA4IBAQBjVdKZoiOJ8aPqcFt/9T86vwSPRLL+MDJRxfV/uyT7SSz9VUmrrKb4
WZem/ewBDZZqiPBaRjFt/IdulFew3BjNAgZu1ekQy+V47A6btXZzSOJOnRBN9Yzy
/wuP1phYAVIHxb1vKvqVT6bnND26e1OT6cC3qj8AFj1qH6KbyTp0ZeQ3qGrsrlGU
gouS5dFDzi+an9ULpsf6k82cmypxKkJ136tQFzjoPdYFJj6sm/kVZwvq6wXCsGAJ
Q2ZYZVPWnvvme5gQsyfuV5NpG8inrVuJrOWVnyLTjS+D2/sd6d2x4/gQ9gYWcoHC
QM++WjibZfwdM0/+YlJc794+b04Dzh22
-----END CERTIFICATE-----
Generated at Sat May 10 05:09:01 2025 by rpki-client