Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE91EB3A2CA811F081F036C6DAE4EC9C.roa
File: FE91EB3A2CA811F081F036C6DAE4EC9C.roa (raw, json)
Hash identifier: 7nEM0JMDbScjxppYu+BMoipiT6bJussFqkKdWFh7SO4=
Subject key identifier: 15:89:AF:D9:88:22:40:8B:6F:A0:24:8C:BC:88:76:94:5B:FE:93:CB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FA1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE91EB3A2CA811F081F036C6DAE4EC9C.roa
Signing time: Fri 09 May 2025 07:41:19 +0000
ROA not before: Fri 09 May 2025 07:41:14 +0000
ROA not after: Sat 07 Jun 2025 07:41:14 +0000
asID: 21859
IP address blocks: 154.194.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98209 (0x17fa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 07:41:14 2025 GMT
Not After : Jun 7 07:41:14 2025 GMT
Subject: CN=681db19f-bcdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:69:71:c9:71:6d:a3:a0:3a:b2:fa:80:15:b3:
e6:4d:a7:49:a7:2c:36:d9:97:6b:13:f2:fd:98:93:
93:fd:1f:86:9f:4f:cb:a3:df:5c:b3:49:b2:f7:e1:
43:98:47:f4:8d:42:b2:da:98:4c:d2:7c:54:b2:23:
32:88:2f:85:ea:57:1b:a8:f1:97:42:52:62:14:4a:
cf:fa:71:12:ca:65:64:6b:38:b1:19:82:38:be:1a:
6d:51:2b:03:e7:36:c6:10:8b:92:68:61:d7:86:e0:
c8:41:aa:11:72:ba:1d:90:d4:b2:42:5b:41:be:70:
ff:1c:9c:7c:42:69:8f:84:33:b3:aa:1c:5f:ca:51:
59:02:43:6a:b8:11:88:21:4c:cf:e7:b2:86:cf:ca:
15:d5:98:4d:bb:00:ae:92:e1:b4:b0:9c:7b:4a:5a:
b6:85:6c:fc:ec:94:8d:2a:c1:48:9e:9a:cb:70:61:
ab:97:62:cd:20:f2:a8:7d:37:e9:fd:29:f0:9d:83:
b6:c8:b1:ad:02:03:38:2f:ff:3a:a7:0f:77:1b:0a:
9d:09:a4:ea:f9:cb:d6:62:69:4e:71:ad:44:fe:4d:
37:9d:2a:ac:12:a2:87:22:72:cd:56:30:ec:35:d5:
40:c6:dc:05:15:9a:23:31:cd:e2:e1:3c:ce:8f:78:
fe:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:89:AF:D9:88:22:40:8B:6F:A0:24:8C:BC:88:76:94:5B:FE:93:CB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE91EB3A2CA811F081F036C6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.56.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:82:eb:62:d6:4c:57:2f:32:8c:1c:26:14:16:fb:65:bb:29:
80:22:88:bf:ea:c4:fd:00:69:8f:d2:c8:32:d3:36:dc:53:d1:
86:6c:90:81:7e:69:ff:9d:a4:6b:5b:dd:ce:92:4f:35:a5:a7:
85:ce:3c:2b:d3:90:91:f9:a4:57:2e:f5:75:f0:9c:9c:fe:e7:
10:8e:35:95:bd:25:f4:4c:f2:ae:e0:45:7d:88:ec:87:64:63:
40:a9:35:28:5c:6c:de:42:59:5d:d6:ba:a5:8b:6a:91:bf:6f:
48:de:ab:99:46:cb:f0:c8:5b:ce:e5:36:0a:0d:b5:80:db:da:
80:0a:f5:2d:9a:e3:2f:eb:d3:9f:2b:82:55:6e:ac:5e:6d:3e:
6e:4c:4c:f9:a0:c1:e1:b8:ae:20:67:39:c0:49:d8:b2:08:f6:
ef:88:05:98:cc:e7:4c:ba:35:c3:1b:54:dc:37:ee:1b:c9:ee:
cd:02:d4:40:9e:0e:c1:98:fb:a9:04:24:f4:1e:a6:98:84:c6:
29:27:bd:50:95:2a:d0:42:63:aa:f7:25:30:bf:02:33:29:8d:
48:50:75:b3:41:e6:71:c4:ae:33:da:b3:0c:22:2e:99:49:1c:
a8:45:73:64:12:ea:9f:b3:f8:ec:2e:89:c8:eb:a1:95:0e:1d:
77:1f:04:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX+hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA5MDc0MTE0WhcNMjUwNjA3MDc0MTE0WjAYMRYw
FAYDVQQDEw02ODFkYjE5Zi1iY2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsGlxyXFto6A6svqAFbPmTadJpyw22ZdrE/L9mJOT/R+Gn0/Lo99cs0my
9+FDmEf0jUKy2phM0nxUsiMyiC+F6lcbqPGXQlJiFErP+nESymVkazixGYI4vhpt
USsD5zbGEIuSaGHXhuDIQaoRcrodkNSyQltBvnD/HJx8QmmPhDOzqhxfylFZAkNq
uBGIIUzP57KGz8oV1ZhNuwCukuG0sJx7Slq2hWz87JSNKsFInprLcGGrl2LNIPKo
fTfp/SnwnYO2yLGtAgM4L/86pw93GwqdCaTq+cvWYmlOca1E/k03nSqsEqKHInLN
VjDsNdVAxtwFFZojMc3i4TzOj3j+rQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBWJ
r9mIIkCLb6AkjLyIdpRb/pPLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRTkxRUIzQTJDQTgxMUYwODFGMDM2QzZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsI4MA0GCSqGSIb3DQEB
CwUAA4IBAQAOguti1kxXLzKMHCYUFvtluymAIoi/6sT9AGmP0sgy0zbcU9GGbJCB
fmn/naRrW93Okk81paeFzjwr05CR+aRXLvV18Jyc/ucQjjWVvSX0TPKu4EV9iOyH
ZGNAqTUoXGzeQlld1rqli2qRv29I3quZRsvwyFvO5TYKDbWA29qACvUtmuMv69Of
K4JVbqxebT5uTEz5oMHhuK4gZznASdiyCPbviAWYzOdMujXDG1TcN+4bye7NAtRA
ng7BmPupBCT0HqaYhMYpJ71QlSrQQmOq9yUwvwIzKY1IUHWzQeZxxK4z2rMMIi6Z
SRyoRXNkEuqfs/jsLonI66GVDh13HwRB
-----END CERTIFICATE-----
Generated at Thu May 15 23:46:07 2025 by rpki-client