Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F5313288272D11F095A7389BDAE4EC9C.roa
File: F5313288272D11F095A7389BDAE4EC9C.roa (raw, json)
Hash identifier: BxUdmYWWop/mu4OF2W1GNp8TvyfeQ+xlS9Ya2c3pKLQ=
Subject key identifier: 3E:CA:36:47:6B:9A:D0:16:4F:A8:B4:FE:00:78:75:59:10:65:BE:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E44
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F5313288272D11F095A7389BDAE4EC9C.roa
Signing time: Fri 02 May 2025 08:17:59 +0000
ROA not before: Fri 02 May 2025 08:17:54 +0000
ROA not after: Sun 08 Jun 2025 08:17:54 +0000
asID: 200373
IP address blocks: 154.214.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97860 (0x17e44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 2 08:17:54 2025 GMT
Not After : Jun 8 08:17:54 2025 GMT
Subject: CN=68147fb7-3e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:47:26:46:07:e9:c0:c0:7b:d2:4f:b8:cd:81:
57:23:79:68:e9:4d:b2:c0:9d:fd:1b:9f:60:9d:18:
f0:9f:35:dd:cf:15:12:33:41:35:1d:fd:a9:14:6a:
e3:b9:a0:43:43:bb:9a:cb:06:dc:ca:9b:8e:54:ea:
56:1b:2f:f6:7b:d2:7e:77:46:7c:df:c6:1a:09:12:
d4:f0:24:3a:f3:f5:e1:43:f0:59:44:1a:bf:54:84:
6b:04:f8:80:7f:65:bd:24:6a:fd:cb:42:8b:a0:06:
5d:18:df:23:94:1e:d3:4a:e6:5e:f6:0b:c9:9d:c3:
e1:ab:74:13:b1:6d:f5:7c:4e:42:3f:d5:26:2c:46:
ea:a6:66:30:ea:7c:71:df:7a:43:04:47:19:0b:49:
c1:13:98:ab:e3:78:34:c0:17:23:fa:b8:6f:1c:33:
69:14:26:27:5e:2d:16:73:cb:dc:17:c6:fd:01:15:
44:f4:37:a2:1b:a6:76:75:30:47:ae:25:7a:e5:59:
c6:61:55:84:63:a1:80:50:8a:5e:37:e9:d9:b5:4c:
c8:95:32:3b:e9:6c:fb:c1:19:06:ec:2e:e6:dc:20:
e5:a9:4e:91:68:ad:f1:e6:09:59:23:ac:6b:86:38:
36:8c:f5:f9:57:c6:0f:d3:84:0d:da:df:90:4a:e0:
43:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:CA:36:47:6B:9A:D0:16:4F:A8:B4:FE:00:78:75:59:10:65:BE:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F5313288272D11F095A7389BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.1.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:0e:6d:28:be:52:a0:c1:6d:26:43:ba:4d:0b:0f:b1:81:f3:
2d:9f:fc:79:f1:03:31:67:35:23:7d:67:46:f9:dc:51:3d:b3:
37:a4:69:c5:c4:ce:aa:ca:a5:56:ca:72:21:2c:1f:a1:d4:c3:
ad:2f:71:f0:04:78:70:ed:4b:64:d0:d3:24:c7:b5:43:9e:51:
38:03:91:e6:74:e3:a0:61:fe:17:59:d0:8a:ba:a1:87:1e:02:
3c:68:d8:64:ec:5b:36:bd:fb:70:09:dc:f6:2a:c2:47:ef:18:
a5:8f:bd:94:22:4e:67:70:e2:9c:02:a3:2e:48:cc:bd:86:e2:
47:e3:45:18:9e:9c:7c:37:a9:e0:00:d9:d7:a2:3d:b0:3f:7f:
42:f4:68:1b:30:e4:7a:84:05:2e:fa:35:da:5d:c1:81:93:d8:
a6:61:35:38:44:c5:25:f8:08:a4:60:57:55:e1:ee:a4:8b:a4:
f3:b3:76:7f:f9:f1:5c:86:42:a1:ee:d2:70:ea:6a:43:93:b7:
01:ee:35:c1:db:e3:09:fb:af:62:59:85:78:c9:e0:c7:e5:3e:
12:f3:0a:b0:54:49:1f:79:75:76:c1:12:be:53:e9:d7:20:ca:
73:a6:a2:80:e4:f4:e2:0c:63:65:95:ed:a5:e8:a0:9e:90:8f:
30:ee:bb:60
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX5EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAyMDgxNzU0WhcNMjUwNjA4MDgxNzU0WjAYMRYw
FAYDVQQDEw02ODE0N2ZiNy0zZTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3kcmRgfpwMB70k+4zYFXI3lo6U2ywJ39G59gnRjwnzXdzxUSM0E1Hf2p
FGrjuaBDQ7uaywbcypuOVOpWGy/2e9J+d0Z838YaCRLU8CQ68/XhQ/BZRBq/VIRr
BPiAf2W9JGr9y0KLoAZdGN8jlB7TSuZe9gvJncPhq3QTsW31fE5CP9UmLEbqpmYw
6nxx33pDBEcZC0nBE5ir43g0wBcj+rhvHDNpFCYnXi0Wc8vcF8b9ARVE9DeiG6Z2
dTBHriV65VnGYVWEY6GAUIpeN+nZtUzIlTI76Wz7wRkG7C7m3CDlqU6RaK3x5glZ
I6xrhjg2jPX5V8YP04QN2t+QSuBDvQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD7K
NkdrmtAWT6i0/gB4dVkQZb4zMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNTMxMzI4ODI3MkQxMUYwOTVBNzM4OUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtYBMA0GCSqGSIb3DQEB
CwUAA4IBAQCqDm0ovlKgwW0mQ7pNCw+xgfMtn/x58QMxZzUjfWdG+dxRPbM3pGnF
xM6qyqVWynIhLB+h1MOtL3HwBHhw7Utk0NMkx7VDnlE4A5HmdOOgYf4XWdCKuqGH
HgI8aNhk7Fs2vftwCdz2KsJH7xilj72UIk5ncOKcAqMuSMy9huJH40UYnpx8N6ng
ANnXoj2wP39C9GgbMOR6hAUu+jXaXcGBk9imYTU4RMUl+AikYFdV4e6ki6Tzs3Z/
+fFchkKh7tJw6mpDk7cB7jXB2+MJ+69iWYV4yeDH5T4S8wqwVEkfeXV2wRK+U+nX
IMpzpqKA5PTiDGNlle2l6KCekI8w7rtg
-----END CERTIFICATE-----
Generated at Thu May 15 23:49:07 2025 by rpki-client