Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06B1F8F43BB411F0B9498E8EDAE4EC9C.roa
File: 06B1F8F43BB411F0B9498E8EDAE4EC9C.roa (raw, json)
Hash identifier: srudKC9cTv5z00S/YKkE41RT+Yy1BSqP4+e1jbIFo2I=
Subject key identifier: 49:8F:C2:2D:45:70:1F:06:49:00:7C:30:13:B6:DB:FD:56:71:14:F9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01834C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06B1F8F43BB411F0B9498E8EDAE4EC9C.roa
Signing time: Wed 28 May 2025 11:08:05 +0000
ROA not before: Wed 28 May 2025 11:07:59 +0000
ROA not after: Sat 07 Jun 2025 11:07:59 +0000
asID: 9009
IP address blocks: 154.85.124.0/24 maxlen: 24
154.85.125.0/24 maxlen: 24
154.92.120.0/24 maxlen: 24
154.92.121.0/24 maxlen: 24
154.92.122.0/24 maxlen: 24
154.92.123.0/24 maxlen: 24
154.92.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99148 (0x1834c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 11:07:59 2025 GMT
Not After : Jun 7 11:07:59 2025 GMT
Subject: CN=6836ee94-b781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b9:f2:77:67:c5:b8:80:8f:80:db:0e:9c:e4:
ee:6f:b3:4f:7f:3b:a4:9a:ff:f6:76:23:f5:36:f8:
d4:1c:95:3b:cc:5f:3e:f1:66:d7:80:c1:d5:ed:1e:
6c:f4:6f:5e:bb:fe:8f:b1:e9:28:bf:ed:bb:ad:50:
3c:ec:3b:33:de:2a:58:d3:03:5b:76:c0:4e:0e:09:
98:92:35:47:56:c0:4d:1a:1e:24:bb:12:62:10:d4:
b1:49:53:51:88:95:f0:57:23:c7:23:c7:8e:7d:a4:
e6:0b:0b:05:75:37:15:50:06:49:88:c8:0e:cf:ce:
b9:ca:4e:b9:c7:29:88:f5:0f:15:b5:71:36:2c:d0:
38:4d:53:95:34:69:93:89:d4:f3:22:68:77:25:9e:
ef:bf:3d:ca:29:5e:61:3a:73:99:ba:06:40:dc:5a:
e0:03:43:74:71:8b:a5:03:76:de:4f:44:02:25:eb:
ee:51:1d:5a:66:f0:11:fe:56:c1:21:99:f0:ab:8e:
13:70:c9:9e:a7:2a:64:f0:3c:03:a1:fb:cd:a3:58:
a7:cb:73:aa:27:27:cf:0b:2e:13:a6:34:60:84:c4:
10:06:34:63:9e:2d:56:2b:db:c8:2a:d4:c2:6f:6d:
64:be:43:28:92:5f:f3:ba:4f:7d:dc:fd:b5:9a:25:
92:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:8F:C2:2D:45:70:1F:06:49:00:7C:30:13:B6:DB:FD:56:71:14:F9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06B1F8F43BB411F0B9498E8EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.124.0/23
154.92.120.0-154.92.124.255
Signature Algorithm: sha256WithRSAEncryption
20:77:6b:ac:53:19:70:3f:14:50:c0:f0:98:96:4a:c6:0c:df:
53:35:a9:6d:bd:6e:1a:04:ee:8a:2f:1c:17:bf:0d:20:be:e7:
32:f9:50:70:0d:ec:ef:d2:12:c0:f4:f4:dc:b9:58:31:7b:c1:
89:eb:cb:15:4c:79:35:74:8c:26:32:40:ad:5f:ba:50:dd:a1:
95:b7:6a:43:b8:c5:c6:cc:e8:12:96:c1:b5:79:74:65:b1:4e:
fb:2a:a2:e5:76:a2:c9:f1:31:08:2b:68:37:3e:91:12:11:13:
aa:c2:6e:5d:70:8d:47:c3:11:23:e2:02:a2:62:fb:f0:eb:02:
b4:80:f7:da:35:14:24:4e:df:7f:ed:9a:b7:ee:44:32:cc:75:
a9:ab:24:20:be:a4:31:1e:14:05:4d:42:14:a1:f9:32:26:dd:
d1:82:0d:a3:e6:db:36:f9:b3:32:3b:14:9b:4b:57:1d:f7:4d:
78:b4:8f:17:f9:63:2e:b5:15:50:a9:3d:96:4f:94:91:fd:d0:
85:96:62:bf:34:7f:37:7e:28:62:9b:ef:0a:e8:93:fe:43:23:
db:dc:a9:c1:d1:18:4f:61:65:58:15:08:21:07:53:d7:79:14:
cc:ec:87:62:b6:d1:40:80:98:6f:2d:5c:48:18:cd:79:76:ae:
ff:bc:c2:3a
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAYNMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTEwNzU5WhcNMjUwNjA3MTEwNzU5WjAYMRYw
FAYDVQQDEw02ODM2ZWU5NC1iNzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2rnyd2fFuICPgNsOnOTub7NPfzukmv/2diP1NvjUHJU7zF8+8WbXgMHV
7R5s9G9eu/6Psekov+27rVA87Dsz3ipY0wNbdsBODgmYkjVHVsBNGh4kuxJiENSx
SVNRiJXwVyPHI8eOfaTmCwsFdTcVUAZJiMgOz865yk65xymI9Q8VtXE2LNA4TVOV
NGmTidTzImh3JZ7vvz3KKV5hOnOZugZA3FrgA0N0cYulA3beT0QCJevuUR1aZvAR
/lbBIZnwq44TcMmepypk8DwDofvNo1iny3OqJyfPCy4TpjRghMQQBjRjni1WK9vI
KtTCb21kvkMokl/zuk993P21miWS6wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFEmP
wi1FcB8GSQB8MBO22/1WcRT5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNkIxRjhGNDNCQjQxMUYwQjk0OThFOEVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBmlV8MAwDBAOaXHgDBACa
XHwwDQYJKoZIhvcNAQELBQADggEBACB3a6xTGXA/FFDA8JiWSsYM31M1qW29bhoE
7oovHBe/DSC+5zL5UHAN7O/SEsD09Ny5WDF7wYnryxVMeTV0jCYyQK1fulDdoZW3
akO4xcbM6BKWwbV5dGWxTvsqouV2osnxMQgraDc+kRIRE6rCbl1wjUfDESPiAqJi
+/DrArSA99o1FCRO33/tmrfuRDLMdamrJCC+pDEeFAVNQhSh+TIm3dGCDaPm2zb5
szI7FJtLVx33TXi0jxf5Yy61FVCpPZZPlJH90IWWYr80fzd+KGKb7wrok/5DI9vc
qcHRGE9hZVgVCCEHU9d5FMzsh2K20UCAmG8tXEgYzXl2rv+8wjo=
-----END CERTIFICATE-----
Generated at Tue Jun 3 10:22:14 2025 by rpki-client