Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FBD103B82BEA11F0938804CEDAE4EC9C.roa
File: FBD103B82BEA11F0938804CEDAE4EC9C.roa (raw, json)
Hash identifier: ET6ngM3WkIGatgn5hG1Dfxs2YRyRfLp1mFLftGUXcXg=
Subject key identifier: 89:DA:6D:4B:15:55:15:38:25:11:9A:3D:2C:5C:0B:60:11:76:EA:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017F80
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FBD103B82BEA11F0938804CEDAE4EC9C.roa
Signing time: Thu 08 May 2025 09:01:10 +0000
ROA not before: Thu 08 May 2025 09:01:06 +0000
ROA not after: Sun 18 May 2025 09:01:06 +0000
asID: 150706
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98176 (0x17f80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 09:01:06 2025 GMT
Not After : May 18 09:01:06 2025 GMT
Subject: CN=681c72d6-d5f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:60:a6:ef:1c:8f:80:e6:6c:bd:90:8f:34:1d:
6f:3d:69:4b:3f:41:8b:41:41:0e:4e:94:44:5c:d9:
a6:fe:9f:79:ab:76:62:88:d2:b8:c1:c4:f5:3d:70:
9c:f3:c9:ef:fa:3f:b7:71:a0:86:8d:b9:1f:7e:80:
ff:f1:e3:41:b7:53:7d:57:dc:ab:b2:1a:65:f9:3d:
dc:c8:71:7b:f5:bf:a4:b0:20:44:ff:5f:40:36:9f:
7b:69:a2:72:8a:1f:ae:1c:06:f3:c3:29:fe:fe:d4:
0b:1c:ce:45:f6:0c:88:7f:93:79:5a:67:67:c4:78:
00:e9:fc:4c:d6:f3:5e:fc:d5:54:5d:fe:08:45:23:
1c:32:96:fe:76:9a:44:32:f1:d9:4b:53:94:91:a1:
09:fa:c5:d1:ec:36:57:e3:d6:ef:77:7b:0a:51:fa:
4e:bb:f2:cc:ef:a2:0b:43:12:0c:01:22:86:c5:f8:
9f:67:a9:ee:35:ac:61:8b:bc:de:fd:34:31:99:c2:
ce:65:65:0e:49:78:b5:69:ca:9e:69:44:5a:4a:f1:
97:da:c0:c6:7e:b7:37:a8:50:18:a1:aa:20:6d:6a:
50:f0:73:eb:97:59:7a:f9:a3:70:33:aa:d5:cf:cc:
c9:67:30:54:66:79:6e:3e:6e:ba:17:74:b5:be:5a:
bb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DA:6D:4B:15:55:15:38:25:11:9A:3D:2C:5C:0B:60:11:76:EA:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FBD103B82BEA11F0938804CEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
55:51:79:f8:5c:69:a7:93:a2:af:a0:98:12:79:5a:f6:79:db:
25:12:79:26:bc:56:b6:8f:4b:5f:37:e2:56:b4:b6:b1:5b:ce:
ef:54:b3:9d:ad:29:27:45:0e:82:51:7a:8f:82:2a:9e:99:d1:
e9:ec:02:c0:97:0b:92:b5:b7:6d:e8:aa:89:f1:e2:59:36:74:
ca:55:74:e7:98:65:8b:7e:4a:46:6b:1f:4f:ad:06:ab:99:80:
6a:f2:61:5c:ac:74:2d:dc:9e:e6:5b:18:2d:cc:23:25:03:92:
2c:c3:d2:cf:3e:9c:b5:02:d9:4f:c1:00:7f:0e:b5:d7:11:45:
69:0d:e1:77:26:9a:7f:bc:76:e2:98:7b:4f:e3:7e:30:a6:ec:
56:e1:b9:a7:61:bf:d4:75:d1:dd:90:f7:bf:de:c9:4d:cd:ac:
a7:80:81:97:ed:63:1f:c1:a9:79:9f:4e:28:fa:fe:7c:82:f0:
36:1f:68:d0:4d:f4:b4:31:2c:0c:57:86:06:15:ba:47:3a:7d:
cb:47:3d:58:d6:67:8d:25:6a:f8:bb:10:64:a2:ec:98:0b:e8:
5e:a1:34:10:bf:26:aa:ff:dc:9c:e1:03:02:bb:6e:0c:0b:85:
dc:2b:83:f6:f3:e0:be:b4:1f:34:14:80:ad:b3:53:f4:0e:9e:
41:05:58:55
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAX+AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA4MDkwMTA2WhcNMjUwNTE4MDkwMTA2WjAYMRYw
FAYDVQQDEw02ODFjNzJkNi1kNWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzmCm7xyPgOZsvZCPNB1vPWlLP0GLQUEOTpREXNmm/p95q3ZiiNK4wcT1
PXCc88nv+j+3caCGjbkffoD/8eNBt1N9V9yrshpl+T3cyHF79b+ksCBE/19ANp97
aaJyih+uHAbzwyn+/tQLHM5F9gyIf5N5WmdnxHgA6fxM1vNe/NVUXf4IRSMcMpb+
dppEMvHZS1OUkaEJ+sXR7DZX49bvd3sKUfpOu/LM76ILQxIMASKGxfifZ6nuNaxh
i7ze/TQxmcLOZWUOSXi1acqeaURaSvGX2sDGfrc3qFAYoaogbWpQ8HPrl1l6+aNw
M6rVz8zJZzBUZnluPm66F3S1vlq7MQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFIna
bUsVVRU4JRGaPSxcC2ARdupyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQkQxMDNCODJCRUExMUYwOTM4ODA0Q0VEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQBVUXn4XGmnk6KvoJgSeVr2edslEnkmvFa2j0tf
N+JWtLaxW87vVLOdrSknRQ6CUXqPgiqemdHp7ALAlwuStbdt6KqJ8eJZNnTKVXTn
mGWLfkpGax9PrQarmYBq8mFcrHQt3J7mWxgtzCMlA5Isw9LPPpy1AtlPwQB/DrXX
EUVpDeF3Jpp/vHbimHtP434wpuxW4bmnYb/UddHdkPe/3slNzayngIGX7WMfwal5
n04o+v58gvA2H2jQTfS0MSwMV4YGFbpHOn3LRz1Y1meNJWr4uxBkouyYC+heoTQQ
vyaq/9yc4QMCu24MC4XcK4P28+C+tB80FICts1P0Dp5BBVhV
-----END CERTIFICATE-----
Generated at Thu May 15 23:45:53 2025 by rpki-client