Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70070698041C11F0AC4C5344762E951A.roa
File: 70070698041C11F0AC4C5344762E951A.roa (raw, json)
Hash identifier: G/ztKw8B3vzgXB1vjV/kmlvuZM7OUCilbWKsD6y2F1g=
Subject key identifier: E5:A5:02:B8:D0:FF:CA:A5:42:4B:D3:2D:F2:12:A4:FE:F1:D8:97:86
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0174D6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70070698041C11F0AC4C5344762E951A.roa
Signing time: Tue 18 Mar 2025 17:14:23 +0000
ROA not before: Tue 18 Mar 2025 17:14:20 +0000
ROA not after: Mon 05 May 2025 17:14:20 +0000
asID: 202656
IP address blocks: 154.218.28.0/24 maxlen: 24
154.218.29.0/24 maxlen: 24
154.219.193.0/24 maxlen: 24
154.220.1.0/24 maxlen: 24
154.221.1.0/24 maxlen: 24
154.221.53.0/24 maxlen: 24
154.221.54.0/24 maxlen: 24
154.221.55.0/24 maxlen: 24
154.221.62.0/24 maxlen: 24
154.221.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95446 (0x174d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 18 17:14:20 2025 GMT
Not After : May 5 17:14:20 2025 GMT
Subject: CN=67d9a9ef-33c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4a:77:3f:73:16:b9:91:3b:3f:41:c8:15:5e:
da:19:0a:aa:26:8f:1a:04:84:9d:a2:88:a8:cb:d6:
ab:87:64:8d:6c:bc:17:01:38:9e:aa:6f:c2:91:da:
71:3c:31:a0:d1:7f:31:19:ef:54:80:04:f4:d0:71:
79:7a:f6:e0:38:c1:ea:8f:26:7d:36:10:5d:f1:41:
c7:9d:66:81:03:3f:51:49:7b:31:a3:79:f8:5d:34:
3f:28:0f:26:6c:87:e0:8f:10:f1:e9:ee:e0:4e:d0:
79:f8:7b:2d:cb:bb:a1:d0:50:d8:93:13:ca:8b:1c:
2b:23:a4:81:84:db:eb:df:39:75:5e:d7:4c:e0:63:
40:d8:e6:dd:3b:ba:c3:03:90:cb:de:a0:de:7e:ed:
bc:c3:07:91:20:b7:e1:8d:05:47:ba:70:d9:25:d9:
f6:b0:bc:30:37:c4:d3:f7:aa:dc:d8:57:02:6e:7a:
7e:ca:fd:5e:5f:46:1a:d4:62:02:a3:bf:46:94:ec:
ef:d5:f6:31:7b:bc:50:8f:ac:c1:40:5b:e0:6e:e5:
98:a8:95:d0:ae:65:3f:23:62:92:7f:51:e8:f6:e6:
08:42:54:f1:8a:02:ab:d1:9e:0a:56:83:1b:78:83:
fa:d4:4b:28:63:3d:ec:34:19:d3:25:d0:6c:1c:4a:
16:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A5:02:B8:D0:FF:CA:A5:42:4B:D3:2D:F2:12:A4:FE:F1:D8:97:86
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70070698041C11F0AC4C5344762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.28.0/23
154.219.193.0/24
154.220.1.0/24
154.221.1.0/24
154.221.53.0-154.221.55.255
154.221.62.0/23
Signature Algorithm: sha256WithRSAEncryption
d5:86:6a:1a:76:72:8c:52:4e:b8:95:e1:41:4d:f4:b9:8b:d4:
2a:09:d0:8c:00:d6:a5:91:8e:7b:37:54:20:b3:59:39:57:89:
30:8f:bd:14:6d:02:26:a2:3c:15:af:20:a1:4e:6c:62:93:80:
2e:57:8f:43:ec:ff:db:59:c2:7b:8a:ff:89:7a:66:4c:48:00:
b4:ec:59:ee:2e:c8:b3:1b:4f:3a:f4:58:a4:60:82:9f:fe:15:
0e:40:f6:dc:e9:c3:f4:db:ca:3b:50:90:9d:03:51:69:c5:3f:
07:ee:0a:de:4b:64:10:23:af:04:f2:ac:97:86:df:30:2a:e8:
ba:c1:c5:fe:30:50:0e:a9:21:3d:78:c8:c3:12:a7:78:86:cb:
69:ee:6a:5e:7a:d5:36:71:91:00:6e:dc:e9:30:3e:a9:0a:72:
46:f4:9a:d8:d9:7c:60:34:f1:80:a9:08:e0:e6:ba:9a:2a:54:
6d:de:aa:2f:00:d5:e9:92:43:76:77:40:94:f0:da:31:27:1d:
7b:e7:69:28:fe:6a:f6:07:3e:26:25:58:c2:69:ed:9f:79:9a:
b2:df:0d:0c:b4:61:dc:41:1e:88:c6:ba:7c:44:c4:96:db:c1:
f1:8c:2f:ef:e0:e6:06:f9:60:13:ad:23:1e:73:b5:9a:b5:9f:
c1:02:be:72
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAXTWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE4MTcxNDIwWhcNMjUwNTA1MTcxNDIwWjAYMRYw
FAYDVQQDEw02N2Q5YTllZi0zM2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA40p3P3MWuZE7P0HIFV7aGQqqJo8aBISdooioy9arh2SNbLwXATieqm/C
kdpxPDGg0X8xGe9UgAT00HF5evbgOMHqjyZ9NhBd8UHHnWaBAz9RSXsxo3n4XTQ/
KA8mbIfgjxDx6e7gTtB5+Hsty7uh0FDYkxPKixwrI6SBhNvr3zl1XtdM4GNA2Obd
O7rDA5DL3qDefu28wweRILfhjQVHunDZJdn2sLwwN8TT96rc2FcCbnp+yv1eX0Ya
1GICo79GlOzv1fYxe7xQj6zBQFvgbuWYqJXQrmU/I2KSf1Ho9uYIQlTxigKr0Z4K
VoMbeIP61EsoYz3sNBnTJdBsHEoWHwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFOWl
ArjQ/8qlQkvTLfISpP7x2JeGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MDA3MDY5ODA0MUMxMUYwQUM0QzUzNDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBmtocAwQAmtvBAwQAmtwB
AwQAmt0BMAwDBACa3TUDBAOa3TADBAGa3T4wDQYJKoZIhvcNAQELBQADggEBANWG
ahp2coxSTriV4UFN9LmL1CoJ0IwA1qWRjns3VCCzWTlXiTCPvRRtAiaiPBWvIKFO
bGKTgC5Xj0Ps/9tZwnuK/4l6ZkxIALTsWe4uyLMbTzr0WKRggp/+FQ5A9tzpw/Tb
yjtQkJ0DUWnFPwfuCt5LZBAjrwTyrJeG3zAq6LrBxf4wUA6pIT14yMMSp3iGy2nu
al561TZxkQBu3OkwPqkKckb0mtjZfGA08YCpCODmupoqVG3eqi8A1emSQ3Z3QJTw
2jEnHXvnaSj+avYHPiYlWMJp7Z95mrLfDQy0YdxBHojGunxExJbbwfGML+/g5gb5
YBOtIx5ztZq1n8ECvnI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:38:58 2025 by rpki-client