Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/354B2A2C0A2D11F0BA6E6264762E951A.roa
File: 354B2A2C0A2D11F0BA6E6264762E951A.roa (raw, json)
Hash identifier: X8N7iOAe26p/jOVrDgb1JfnMrIezTVmZKvIiB6xXkVo=
Subject key identifier: F9:9E:CC:44:87:27:A6:D4:51:82:03:F3:96:B3:7B:5E:23:A3:5A:46
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017677
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/354B2A2C0A2D11F0BA6E6264762E951A.roa
Signing time: Wed 26 Mar 2025 10:29:33 +0000
ROA not before: Wed 26 Mar 2025 10:29:30 +0000
ROA not after: Sat 17 May 2025 10:29:30 +0000
asID: 138915
IP address blocks: 154.206.56.0/23 maxlen: 24
154.206.58.0/23 maxlen: 24
154.206.60.0/23 maxlen: 24
154.206.62.0/23 maxlen: 24
154.206.96.0/23 maxlen: 24
154.206.100.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95863 (0x17677)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 26 10:29:30 2025 GMT
Not After : May 17 10:29:30 2025 GMT
Subject: CN=67e3d70d-2a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4e:7a:1c:ed:46:b2:55:ff:a7:f7:f7:87:cf:
b6:4f:5b:1f:ab:cc:96:cd:03:c7:1e:6b:2d:7a:aa:
10:77:97:2e:6a:ad:de:06:86:79:a4:72:0d:fa:20:
79:ad:c8:5f:37:20:e3:94:d5:8a:7f:9c:36:60:75:
f9:76:27:be:7a:57:47:67:0f:f4:e6:d9:15:6a:a3:
ff:28:aa:c8:e0:7a:70:17:18:1c:ad:f5:ea:26:cb:
cd:da:b1:ba:91:ac:8a:74:1c:9f:eb:38:85:c9:46:
1c:5e:3a:9b:19:f7:ec:17:16:08:53:25:18:b9:31:
5a:4c:be:15:8f:dd:25:62:81:c5:a1:49:42:20:11:
0f:f0:6b:de:96:e3:33:e8:42:4e:5b:93:14:c7:d5:
a3:83:65:f8:06:e4:a8:47:c5:0e:00:75:d9:6e:95:
72:2a:26:7e:91:9c:cc:32:2d:72:f8:41:9c:01:8d:
12:36:4e:70:09:38:d3:fc:2b:4d:0e:b8:64:27:b0:
49:40:0c:7d:e9:df:9b:c6:cb:4f:0c:43:33:f4:09:
cb:ca:0a:86:6c:02:94:05:41:f3:8e:1a:b8:5e:ba:
a8:e6:9c:0b:78:df:70:33:43:83:cc:1e:f7:0c:ad:
28:34:41:9d:91:73:1e:7b:fd:b2:3e:11:32:55:cc:
7c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9E:CC:44:87:27:A6:D4:51:82:03:F3:96:B3:7B:5E:23:A3:5A:46
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/354B2A2C0A2D11F0BA6E6264762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.56.0/21
154.206.96.0/23
154.206.100.0/23
Signature Algorithm: sha256WithRSAEncryption
61:32:64:78:4a:6d:c4:fa:f1:02:2b:1c:81:1e:53:a6:71:0a:
40:c3:b6:6b:4c:3b:3d:03:b3:65:c4:b5:2e:cb:c5:d7:bd:97:
38:c1:30:3e:27:b2:ca:c7:f6:c8:0f:0e:71:48:32:49:56:3d:
df:6d:00:72:89:cd:cc:23:d3:d8:47:fd:4f:da:85:f6:f9:2a:
c4:9c:c7:52:f7:aa:ac:66:1a:21:ce:6c:a8:25:f6:c4:c7:9e:
61:6f:d3:11:b8:7b:5b:03:05:14:77:2e:f4:98:72:39:e2:28:
38:c0:b3:38:80:4f:88:07:bc:77:2e:9c:9c:9e:e0:de:4f:30:
cb:21:cf:88:bd:ac:e9:e8:4e:62:8f:34:fc:76:83:d3:ce:ae:
7b:d9:b9:57:2e:ed:fb:6d:c0:a4:3a:e5:ec:9a:54:7d:2e:26:
fe:61:ef:0e:f1:c6:6d:b0:ac:9f:96:95:1a:ab:7b:f5:24:71:
b4:57:b0:2f:e5:3e:99:3d:18:b2:44:df:63:3f:bb:07:4f:b9:
20:17:f3:d9:77:4e:74:73:2f:bc:1b:4d:a1:8c:ca:cd:18:55:
da:e6:00:c5:0f:41:5b:83:01:45:fd:28:ea:a9:3d:a3:01:6b:
c3:86:16:93:85:56:ed:14:cb:e3:3f:10:33:2d:30:e0:0a:ac:
8c:68:19:38
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAXZ3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI2MTAyOTMwWhcNMjUwNTE3MTAyOTMwWjAYMRYw
FAYDVQQDEw02N2UzZDcwZC0yYTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2E56HO1GslX/p/f3h8+2T1sfq8yWzQPHHmsteqoQd5cuaq3eBoZ5pHIN
+iB5rchfNyDjlNWKf5w2YHX5die+eldHZw/05tkVaqP/KKrI4HpwFxgcrfXqJsvN
2rG6kayKdByf6ziFyUYcXjqbGffsFxYIUyUYuTFaTL4Vj90lYoHFoUlCIBEP8Gve
luMz6EJOW5MUx9Wjg2X4BuSoR8UOAHXZbpVyKiZ+kZzMMi1y+EGcAY0SNk5wCTjT
/CtNDrhkJ7BJQAx96d+bxstPDEMz9AnLygqGbAKUBUHzjhq4Xrqo5pwLeN9wM0OD
zB73DK0oNEGdkXMee/2yPhEyVcx8XQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFPme
zESHJ6bUUYID85aze14jo1pGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNTRCMkEyQzBBMkQxMUYwQkE2RTYyNjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDms44AwQBms5gAwQBms5k
MA0GCSqGSIb3DQEBCwUAA4IBAQBhMmR4Sm3E+vECKxyBHlOmcQpAw7ZrTDs9A7Nl
xLUuy8XXvZc4wTA+J7LKx/bIDw5xSDJJVj3fbQByic3MI9PYR/1P2oX2+SrEnMdS
96qsZhohzmyoJfbEx55hb9MRuHtbAwUUdy70mHI54ig4wLM4gE+IB7x3LpycnuDe
TzDLIc+Ivazp6E5ijzT8doPTzq572blXLu37bcCkOuXsmlR9Lib+Ye8O8cZtsKyf
lpUaq3v1JHG0V7Av5T6ZPRiyRN9jP7sHT7kgF/PZd050cy+8G02hjMrNGFXa5gDF
D0FbgwFF/SjqqT2jAWvDhhaThVbtFMvjPxAzLTDgCqyMaBk4
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:06 2025 by rpki-client