Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/433B7B503BBA11F0AD8BCCB5DAE4EC9C.roa
File: 433B7B503BBA11F0AD8BCCB5DAE4EC9C.roa (raw, json)
Hash identifier: 5grhE+ixb3Kl/gxHdp15iThT/MHEX2ZywTFrriZT3x8=
Subject key identifier: 37:9A:BB:69:EC:ED:7A:41:C5:95:AF:44:3B:1F:E6:A7:1C:FE:C9:EE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018358
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/433B7B503BBA11F0AD8BCCB5DAE4EC9C.roa
Signing time: Wed 28 May 2025 11:52:43 +0000
ROA not before: Wed 28 May 2025 11:52:38 +0000
ROA not after: Sun 06 Jul 2025 11:52:38 +0000
asID: 49505
IP address blocks: 154.209.208.0/24 maxlen: 24
154.209.209.0/24 maxlen: 24
154.209.210.0/24 maxlen: 24
154.209.211.0/24 maxlen: 24
154.209.212.0/24 maxlen: 24
154.209.213.0/24 maxlen: 24
154.209.214.0/24 maxlen: 24
154.209.221.0/24 maxlen: 24
154.209.222.0/24 maxlen: 24
154.209.223.0/24 maxlen: 24
154.211.9.0/24 maxlen: 24
154.211.10.0/24 maxlen: 24
154.211.11.0/24 maxlen: 24
154.211.16.0/24 maxlen: 24
154.211.17.0/24 maxlen: 24
154.211.18.0/24 maxlen: 24
154.211.19.0/24 maxlen: 24
154.212.28.0/24 maxlen: 24
154.212.29.0/24 maxlen: 24
154.212.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99160 (0x18358)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 11:52:38 2025 GMT
Not After : Jul 6 11:52:38 2025 GMT
Subject: CN=6836f90b-3fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ad:e2:44:27:15:2e:4d:83:ce:54:13:17:fc:
92:03:76:4c:b6:d1:3c:c3:52:8b:57:ac:23:aa:e5:
ee:ed:b0:93:2a:28:d2:4e:18:4b:ff:b8:50:fc:24:
ea:8a:a0:06:8f:65:e8:96:83:65:56:01:1e:5e:d4:
c8:15:66:81:bc:7c:65:f8:ab:c6:05:aa:fd:37:57:
df:36:23:e3:ad:30:8d:31:78:17:e0:3b:89:67:d5:
1a:f6:8e:43:98:9b:4b:a2:65:50:6a:ec:32:74:f5:
a4:61:54:04:2c:9e:46:03:db:b6:3d:34:e8:f6:bc:
82:e0:b1:ee:a0:62:38:cd:cb:aa:39:85:17:cd:d3:
6a:d7:2d:09:8d:50:2a:05:5f:ed:99:f3:bb:86:b8:
e7:6e:29:3f:31:a1:f6:44:55:65:db:d6:3c:ba:c1:
da:77:c3:30:d4:fc:39:e7:29:65:71:65:e2:56:93:
1a:84:d8:f7:b1:47:2c:c0:6a:2e:b6:e5:4f:34:05:
5f:8d:ee:3a:c4:95:0e:23:8b:91:07:ac:05:46:7e:
12:38:02:5b:72:a1:96:e2:b5:55:d4:26:d4:a4:97:
98:e2:0a:4d:10:3b:0b:be:3c:95:9e:d2:fc:af:10:
e1:d3:2b:de:99:b1:22:d1:7b:64:11:c7:30:16:c0:
dc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:9A:BB:69:EC:ED:7A:41:C5:95:AF:44:3B:1F:E6:A7:1C:FE:C9:EE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/433B7B503BBA11F0AD8BCCB5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.208.0-154.209.214.255
154.209.221.0-154.209.223.255
154.211.9.0-154.211.11.255
154.211.16.0/22
154.212.28.0/23
154.212.31.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:aa:07:6c:ad:37:5d:bf:b6:6f:b2:7d:11:e7:fc:3c:1f:3f:
a4:79:bb:6d:16:ac:4c:7b:e5:9c:01:a1:d1:bb:c2:0d:71:ad:
c2:28:c4:6e:db:95:00:32:51:6f:07:6f:02:91:03:22:f7:88:
aa:c0:bd:fa:a6:fd:73:5e:83:db:ec:80:48:cf:25:21:8e:23:
f4:1e:94:f9:a5:61:5d:55:a8:fe:64:93:83:79:c9:4f:8d:5b:
05:5c:98:d5:dc:96:52:84:2c:a7:33:7c:04:52:1a:f3:7a:41:
f0:f4:0c:87:3c:2f:bd:26:9b:94:35:c2:c9:b2:45:6b:a6:d1:
41:ad:ac:23:1c:de:76:85:36:64:cc:4b:b0:ff:f0:d2:44:5d:
aa:b9:79:80:38:f6:8c:7c:5e:d1:03:62:41:eb:e3:8b:7b:e9:
81:d8:3f:28:4d:45:20:bb:58:6d:f3:9d:1c:99:0b:3b:f3:33:
0e:99:08:bb:71:05:49:cc:e3:ca:bd:c0:58:f5:a9:90:1b:21:
38:f5:e7:9b:f8:3d:0f:fb:bd:1c:ee:38:43:90:5a:7b:8c:31:
95:5c:c0:f1:1e:54:86:09:c3:39:ad:74:09:09:38:f9:5a:bb:
c9:e3:61:16:17:52:60:d8:9d:de:0e:a9:d3:44:2c:b9:77:b0:
3c:2e:e4:88
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDAYNYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTE1MjM4WhcNMjUwNzA2MTE1MjM4WjAYMRYw
FAYDVQQDEw02ODM2ZjkwYi0zZmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA463iRCcVLk2DzlQTF/ySA3ZMttE8w1KLV6wjquXu7bCTKijSThhL/7hQ
/CTqiqAGj2XoloNlVgEeXtTIFWaBvHxl+KvGBar9N1ffNiPjrTCNMXgX4DuJZ9Ua
9o5DmJtLomVQauwydPWkYVQELJ5GA9u2PTTo9ryC4LHuoGI4zcuqOYUXzdNq1y0J
jVAqBV/tmfO7hrjnbik/MaH2RFVl29Y8usHad8Mw1Pw55yllcWXiVpMahNj3sUcs
wGoutuVPNAVfje46xJUOI4uRB6wFRn4SOAJbcqGW4rVV1CbUpJeY4gpNEDsLvjyV
ntL8rxDh0yvembEi0XtkEccwFsDc6wIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFDea
u2ns7XpBxZWvRDsf5qcc/snuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MzNCN0I1MDNCQkExMUYwQUQ4QkNDQjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBASa0dADBACa0dYwDAME
AJrR3QMEBZrRwDAMAwQAmtMJAwQCmtMIAwQCmtMQAwQBmtQcAwQAmtQfMA0GCSqG
SIb3DQEBCwUAA4IBAQBcqgdsrTddv7Zvsn0R5/w8Hz+kebttFqxMe+WcAaHRu8IN
ca3CKMRu25UAMlFvB28CkQMi94iqwL36pv1zXoPb7IBIzyUhjiP0HpT5pWFdVaj+
ZJODeclPjVsFXJjV3JZShCynM3wEUhrzekHw9AyHPC+9JpuUNcLJskVrptFBrawj
HN52hTZkzEuw//DSRF2quXmAOPaMfF7RA2JB6+OLe+mB2D8oTUUgu1ht850cmQs7
8zMOmQi7cQVJzOPKvcBY9amQGyE49eeb+D0P+70c7jhDkFp7jDGVXMDxHlSGCcM5
rXQJCTj5WrvJ42EWF1Jg2J3eDqnTRCy5d7A8LuSI
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:23:11 2025 by rpki-client