Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/470B98BE357A11F08F5B3AC1DAE4EC9C.roa
File: 470B98BE357A11F08F5B3AC1DAE4EC9C.roa (raw, json)
Hash identifier: iPfFcJYtNE9YRb+5GcNRNB6UlbP0x5zANKGjve2v32Q=
Subject key identifier: 5F:4A:B4:96:E9:F5:D2:BD:2B:5D:65:2D:61:1E:89:60:9C:76:CF:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0181B1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/470B98BE357A11F08F5B3AC1DAE4EC9C.roa
Signing time: Tue 20 May 2025 12:59:35 +0000
ROA not before: Tue 20 May 2025 12:59:30 +0000
ROA not after: Mon 30 Jun 2025 12:59:30 +0000
asID: 62240
IP address blocks: 154.195.108.0/24 maxlen: 24
154.195.111.0/24 maxlen: 24
154.195.112.0/24 maxlen: 24
154.195.120.0/24 maxlen: 24
154.195.124.0/24 maxlen: 24
154.195.136.0/24 maxlen: 24
154.195.137.0/24 maxlen: 24
154.195.138.0/24 maxlen: 24
154.195.140.0/24 maxlen: 24
154.196.30.0/24 maxlen: 24
154.196.31.0/24 maxlen: 24
154.196.33.0/24 maxlen: 24
154.196.36.0/24 maxlen: 24
154.196.40.0/24 maxlen: 24
154.196.41.0/24 maxlen: 24
154.196.42.0/24 maxlen: 24
154.196.43.0/24 maxlen: 24
154.196.44.0/24 maxlen: 24
154.196.45.0/24 maxlen: 24
154.196.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98737 (0x181b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 20 12:59:30 2025 GMT
Not After : Jun 30 12:59:30 2025 GMT
Subject: CN=682c7cb6-77a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:54:75:8d:e0:1e:3d:3b:17:ce:88:49:47:dc:
d0:f9:76:14:86:6e:9a:8c:b5:c3:69:2c:04:fd:d3:
7d:3e:bc:a7:16:c5:e0:65:35:d9:aa:d9:ba:9d:47:
3b:2e:5e:3d:23:6d:ca:b1:df:58:02:96:3d:65:5e:
71:06:f3:b9:4f:ee:96:cb:bf:07:13:f2:aa:30:52:
d8:80:fb:b0:de:d2:5c:10:7b:9a:5d:e1:4c:f2:84:
7f:a9:97:2b:43:e3:44:f4:c5:82:96:b9:ec:6d:ee:
55:1a:75:42:3c:37:31:61:f4:b8:f0:55:b8:11:8e:
30:2b:35:5e:6c:41:f1:44:d1:6d:ba:84:9d:1a:18:
bf:e3:53:55:33:c8:2f:c7:6c:da:99:54:2d:27:18:
65:dd:20:53:54:8b:2c:2b:6d:31:bf:57:8f:dd:f7:
56:1d:13:8e:a2:7f:33:29:af:ab:6f:07:99:22:d2:
60:d9:b5:ee:16:63:73:77:c1:01:d3:5b:a0:ef:df:
63:f9:49:38:bb:33:33:b9:21:ab:03:03:5a:02:0b:
14:5c:3a:1c:13:c6:45:8e:67:5a:64:cb:c0:41:2c:
f2:57:63:70:5e:78:76:2f:80:3b:06:d9:a2:0c:83:
0c:a9:aa:d5:04:ac:76:bc:be:6c:7f:79:82:3c:1b:
df:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:4A:B4:96:E9:F5:D2:BD:2B:5D:65:2D:61:1E:89:60:9C:76:CF:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/470B98BE357A11F08F5B3AC1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.108.0/24
154.195.111.0-154.195.112.255
154.195.120.0/24
154.195.124.0/24
154.195.136.0-154.195.138.255
154.195.140.0/24
154.196.30.0/23
154.196.33.0/24
154.196.36.0/24
154.196.40.0-154.196.46.255
Signature Algorithm: sha256WithRSAEncryption
b7:ba:7c:df:64:af:9d:8b:d3:fb:fe:60:7b:d5:27:23:1e:6f:
e4:c6:6b:d6:e6:5a:da:b6:41:14:a4:31:25:d4:aa:eb:83:e7:
7c:9c:3b:13:45:28:d9:83:55:dd:e6:3c:4a:24:52:ab:89:8e:
fc:4d:25:11:97:46:a1:8d:e9:73:ef:f5:a4:01:30:05:d3:c4:
97:8e:42:f3:1f:19:6b:e7:cf:73:80:84:08:6f:31:2b:09:ae:
e8:d8:af:cf:10:40:e8:82:18:5f:51:9e:9e:d9:37:75:64:6f:
8e:b7:ba:09:fc:05:f2:e3:7f:a0:de:6d:9a:55:51:ad:a9:05:
69:dd:ff:59:8f:11:66:bc:65:48:ff:76:87:45:c9:91:dc:18:
37:49:61:41:e7:12:af:ac:e8:74:3d:7e:48:ff:34:ab:b7:8f:
b7:a4:67:9d:d5:71:5c:0c:c0:3e:c1:47:ff:68:e6:7d:23:ff:
0c:f3:35:ec:f7:ed:26:3b:0c:5e:9e:ef:18:ff:bd:d6:4a:9e:
8a:23:b9:e0:12:83:04:9a:45:e5:19:d3:ea:dc:97:c5:13:0c:
41:20:0a:57:d9:08:1c:f8:6b:04:10:2e:09:28:6d:15:23:7c:
13:4b:ed:47:6b:72:92:cc:50:01:87:73:85:99:c1:25:06:89:
82:4b:70:93
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIDAYGxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIwMTI1OTMwWhcNMjUwNjMwMTI1OTMwWjAYMRYw
FAYDVQQDEw02ODJjN2NiNi03N2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp1R1jeAePTsXzohJR9zQ+XYUhm6ajLXDaSwE/dN9PrynFsXgZTXZqtm6
nUc7Ll49I23Ksd9YApY9ZV5xBvO5T+6Wy78HE/KqMFLYgPuw3tJcEHuaXeFM8oR/
qZcrQ+NE9MWClrnsbe5VGnVCPDcxYfS48FW4EY4wKzVebEHxRNFtuoSdGhi/41NV
M8gvx2zamVQtJxhl3SBTVIssK20xv1eP3fdWHROOon8zKa+rbweZItJg2bXuFmNz
d8EB01ug799j+Uk4uzMzuSGrAwNaAgsUXDocE8ZFjmdaZMvAQSzyV2NwXnh2L4A7
BtmiDIMMqarVBKx2vL5sf3mCPBvfjwIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFF9K
tJbp9dK9K11lLWEeiWCcds8KMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzBCOThCRTM1N0ExMUYwOEY1QjNBQzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAmsNsMAwDBACaw28DBACa
w3ADBACaw3gDBACaw3wwDAMEA5rDiAMEAJrDigMEAJrDjAMEAZrEHgMEAJrEIQME
AJrEJDAMAwQDmsQoAwQAmsQuMA0GCSqGSIb3DQEBCwUAA4IBAQC3unzfZK+di9P7
/mB71ScjHm/kxmvW5lratkEUpDEl1Krrg+d8nDsTRSjZg1Xd5jxKJFKriY78TSUR
l0ahjelz7/WkATAF08SXjkLzHxlr589zgIQIbzErCa7o2K/PEEDoghhfUZ6e2Td1
ZG+Ot7oJ/AXy43+g3m2aVVGtqQVp3f9ZjxFmvGVI/3aHRcmR3Bg3SWFB5xKvrOh0
PX5I/zSrt4+3pGed1XFcDMA+wUf/aOZ9I/8M8zXs9+0mOwxenu8Y/73WSp6KI7ng
EoMEmkXlGdPq3JfFEwxBIApX2Qgc+GsEEC4JKG0VI3wTS+1Ha3KSzFABh3OFmcEl
BomCS3CT
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:02:12 2025 by rpki-client