Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4FFC7F22F50311EFAE231092762E951A.roa
File: 4FFC7F22F50311EFAE231092762E951A.roa (raw, json)
Hash identifier: x9mIvc7BVHVlWxXuQHS8hg2mZnh0FEgD2c370l28Xm4=
Subject key identifier: 22:BF:B8:B9:5D:A6:4A:42:DB:DF:1E:FB:8F:D2:6F:07:E0:31:B1:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016822
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4FFC7F22F50311EFAE231092762E951A.roa
Signing time: Thu 27 Feb 2025 12:06:45 +0000
ROA not before: Thu 27 Feb 2025 12:06:41 +0000
ROA not after: Sat 19 Feb 2028 12:06:41 +0000
asID: 17561
IP address blocks: 154.81.133.0/24 maxlen: 24
154.81.135.0/24 maxlen: 24
154.81.137.0/24 maxlen: 24
154.81.139.0/24 maxlen: 24
154.81.141.0/24 maxlen: 24
154.81.143.0/24 maxlen: 24
154.81.145.0/24 maxlen: 24
154.81.147.0/24 maxlen: 24
154.81.148.0/24 maxlen: 24
154.81.150.0/24 maxlen: 24
154.81.151.0/24 maxlen: 24
154.90.124.0/24 maxlen: 24
154.90.125.0/24 maxlen: 24
154.90.126.0/24 maxlen: 24
154.90.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92194 (0x16822)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 12:06:41 2025 GMT
Not After : Feb 19 12:06:41 2028 GMT
Subject: CN=67c05555-05bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ae:b1:a9:dd:32:6c:c7:04:a6:3f:a1:68:3f:
b1:37:36:97:69:ba:ca:d4:7f:97:e3:0d:f1:07:1b:
d9:ac:5e:fd:38:63:29:92:61:76:9d:0e:8d:c4:10:
09:88:a4:26:7c:cd:70:f9:99:8a:8a:78:c1:71:1d:
fa:a4:92:eb:d2:90:5c:57:33:9b:ef:c3:24:99:55:
d5:80:33:b7:dd:d5:a6:72:ad:21:6c:7f:f2:71:eb:
fc:27:52:fd:2b:cf:4f:e6:b1:5b:f1:46:43:a5:03:
f8:50:7e:68:f8:d9:2e:c7:ce:98:a0:3a:a2:6b:bf:
2e:d0:d9:e6:b6:65:58:03:e7:e5:48:f3:59:a4:08:
b2:a2:63:04:3b:1a:c7:e2:62:fc:20:52:d9:7c:43:
e7:2d:ac:55:4e:ea:1b:e1:19:42:91:62:14:4d:5b:
7c:8f:bb:77:2c:f3:6d:91:d4:56:4e:30:ca:b2:54:
71:d5:8d:b6:62:4c:be:6a:f1:6d:df:e8:b8:73:a7:
ae:43:38:37:c9:27:99:49:4b:df:75:ae:94:b6:1d:
39:9f:8b:23:56:f6:86:83:53:63:7f:a4:1b:89:9b:
5d:b1:52:58:29:db:d5:d5:a7:fc:02:de:d4:a1:fe:
91:83:f2:63:19:11:89:db:61:13:94:f6:8a:84:d7:
8e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BF:B8:B9:5D:A6:4A:42:DB:DF:1E:FB:8F:D2:6F:07:E0:31:B1:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4FFC7F22F50311EFAE231092762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.133.0/24
154.81.135.0/24
154.81.137.0/24
154.81.139.0/24
154.81.141.0/24
154.81.143.0/24
154.81.145.0/24
154.81.147.0-154.81.148.255
154.81.150.0/23
154.90.124.0/22
Signature Algorithm: sha256WithRSAEncryption
51:36:2c:19:b8:bf:5c:79:3d:6a:ea:ef:8e:4d:37:2f:25:eb:
39:5c:25:c9:5f:da:91:98:9c:6f:0f:9d:26:af:4f:b0:7d:3d:
f8:d1:ee:d7:87:06:18:a2:70:fd:3c:e3:31:24:53:30:a2:62:
0e:ac:c1:b0:20:4b:cd:d8:31:49:31:2b:40:da:70:b2:95:f8:
2e:f6:49:21:e2:af:61:d4:52:3c:7c:aa:8f:64:30:f8:e0:6c:
29:51:c0:c1:ee:12:d9:f2:5c:d6:83:47:1b:b6:a1:48:7f:f9:
7a:8d:3d:02:e5:70:7b:88:11:86:3b:1c:d1:66:7e:ce:c7:b7:
56:cd:73:31:02:34:37:b6:86:4b:16:a4:da:8a:ee:0a:a1:0f:
5e:35:38:ea:cb:c3:05:8c:ca:b6:ac:9c:62:69:5e:a7:52:cb:
c9:f2:6a:d1:24:fd:17:a4:f5:6a:2a:13:4c:be:da:30:f3:a7:
4b:84:f6:6c:38:ea:90:ff:c8:98:98:49:6e:73:fe:45:1b:87:
6b:82:fd:e0:ce:1a:b1:23:96:56:bf:78:53:4b:b7:0b:cd:c1:
38:4d:d2:16:76:4b:69:60:ab:4b:e7:88:d1:eb:1b:a7:d1:f6:
6d:d4:d7:c8:e6:81:3b:77:77:ba:f3:86:f4:0b:8c:8f:a9:fd:
3f:ce:43:e3
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIDAWgiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTIwNjQxWhcNMjgwMjE5MTIwNjQxWjAYMRYw
FAYDVQQDEw02N2MwNTU1NS0wNWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs66xqd0ybMcEpj+haD+xNzaXabrK1H+X4w3xBxvZrF79OGMpkmF2nQ6N
xBAJiKQmfM1w+ZmKinjBcR36pJLr0pBcVzOb78MkmVXVgDO33dWmcq0hbH/ycev8
J1L9K89P5rFb8UZDpQP4UH5o+Nkux86YoDqia78u0NnmtmVYA+flSPNZpAiyomME
OxrH4mL8IFLZfEPnLaxVTuob4RlCkWIUTVt8j7t3LPNtkdRWTjDKslRx1Y22Yky+
avFt3+i4c6euQzg3ySeZSUvfda6Uth05n4sjVvaGg1Njf6QbiZtdsVJYKdvV1af8
At7Uof6Rg/JjGRGJ22ETlPaKhNeOzQIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFCK/
uLldpkpC298e+4/SbwfgMbFUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RkZDN0YyMkY1MDMxMUVGQUUyMzEwOTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAmlGFAwQAmlGHAwQAmlGJ
AwQAmlGLAwQAmlGNAwQAmlGPAwQAmlGRMAwDBACaUZMDBACaUZQDBAGaUZYDBAKa
WnwwDQYJKoZIhvcNAQELBQADggEBAFE2LBm4v1x5PWrq745NNy8l6zlcJclf2pGY
nG8PnSavT7B9PfjR7teHBhiicP084zEkUzCiYg6swbAgS83YMUkxK0DacLKV+C72
SSHir2HUUjx8qo9kMPjgbClRwMHuEtnyXNaDRxu2oUh/+XqNPQLlcHuIEYY7HNFm
fs7Ht1bNczECNDe2hksWpNqK7gqhD141OOrLwwWMyrasnGJpXqdSy8nyatEk/Rek
9WoqE0y+2jDzp0uE9mw46pD/yJiYSW5z/kUbh2uC/eDOGrEjlla/eFNLtwvNwThN
0hZ2S2lgq0vniNHrG6fR9m3U18jmgTt3d7rzhvQLjI+p/T/OQ+M=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:45 2025 by rpki-client