Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8AA8F6B8F66711EFB17C5EA1762E951A.roa
File: 8AA8F6B8F66711EFB17C5EA1762E951A.roa (raw, json)
Hash identifier: 1jF9iIIGY5d9OzrAM/M/AtyNVCgfjuySB9eLS0NTb+I=
Subject key identifier: 37:17:AD:5B:22:DF:2A:85:DA:88:01:C2:F2:82:CB:6D:B7:84:58:3F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D3C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8AA8F6B8F66711EFB17C5EA1762E951A.roa
Signing time: Sat 01 Mar 2025 06:36:44 +0000
ROA not before: Sat 01 Mar 2025 06:36:40 +0000
ROA not after: Sun 20 Feb 2028 06:36:40 +0000
asID: 17561
IP address blocks: 154.86.73.0/24 maxlen: 24
154.86.74.0/24 maxlen: 24
154.86.75.0/24 maxlen: 24
154.86.76.0/24 maxlen: 24
154.86.77.0/24 maxlen: 24
154.86.78.0/24 maxlen: 24
154.86.79.0/24 maxlen: 24
154.86.80.0/24 maxlen: 24
154.86.81.0/24 maxlen: 24
154.86.82.0/24 maxlen: 24
154.86.83.0/24 maxlen: 24
154.86.84.0/24 maxlen: 24
154.86.85.0/24 maxlen: 24
154.86.86.0/24 maxlen: 24
154.86.87.0/24 maxlen: 24
154.86.88.0/24 maxlen: 24
154.86.89.0/24 maxlen: 24
154.86.90.0/24 maxlen: 24
154.86.91.0/24 maxlen: 24
154.86.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93500 (0x16d3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 06:36:40 2025 GMT
Not After : Feb 20 06:36:40 2028 GMT
Subject: CN=67c2aafc-1932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b3:3a:ac:88:7d:ab:43:29:62:18:ff:a6:4a:
8d:d0:42:59:62:9e:8b:c1:2d:d0:25:f4:1a:f4:2c:
da:e5:ff:4e:7a:fb:aa:40:54:69:c6:1a:d6:a7:58:
57:92:3b:d0:46:e8:c3:be:56:bd:3b:7b:7a:47:43:
c4:9a:8f:2f:87:11:45:49:4f:ac:08:f5:f4:b2:27:
14:f0:2d:42:9a:fc:ec:c4:29:4c:68:96:52:d5:de:
d7:86:4e:12:ba:56:8d:2a:9e:92:e9:f8:2b:c1:7b:
58:4b:85:67:aa:ed:ee:b5:c4:bd:6e:4b:35:41:46:
56:05:b1:be:a1:32:86:49:40:df:ae:be:0e:54:c0:
aa:f9:95:4b:8c:c7:8a:2c:23:71:2b:88:f1:a5:c0:
19:76:0a:11:0f:56:6d:17:a8:b9:ae:80:89:f6:2c:
34:7a:d7:f9:88:b3:d7:c9:e9:e1:52:89:2b:8c:3a:
37:12:c4:9b:79:18:a9:b4:a4:e5:44:f0:f8:9c:06:
37:4d:9f:b1:5c:db:bd:4f:85:1a:0e:ae:3e:de:21:
92:fd:d1:dd:b8:07:29:e7:dc:44:c8:bd:21:0b:f3:
92:83:e2:51:bd:c3:63:08:b3:7d:12:ea:f5:51:73:
e9:22:0c:14:1a:c1:07:25:e3:c0:27:a4:e4:35:9f:
11:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:17:AD:5B:22:DF:2A:85:DA:88:01:C2:F2:82:CB:6D:B7:84:58:3F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8AA8F6B8F66711EFB17C5EA1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.73.0-154.86.92.255
Signature Algorithm: sha256WithRSAEncryption
d5:4a:59:9a:42:d7:96:bd:1e:8e:22:b1:4f:03:54:c9:05:5f:
58:54:aa:bc:da:32:25:fb:85:63:f8:72:bd:24:13:43:fe:7f:
5c:65:c9:45:d8:a3:a7:cc:af:a7:3a:f8:2e:d4:39:f0:26:90:
6f:b7:77:54:56:dd:94:ea:42:4d:45:c2:cc:7f:bb:05:5e:8e:
6c:e9:63:06:26:c1:3c:10:6d:6f:a6:1e:a0:55:dc:00:be:64:
f5:9d:fc:7c:b3:36:7c:bd:6b:63:9f:de:e2:37:6f:78:e6:a0:
3e:c6:19:fe:e1:d5:b5:f5:97:be:78:e3:ce:37:54:e9:6f:19:
6e:c1:f4:4d:e8:86:77:35:7d:67:0e:11:b3:26:c7:8c:d3:a4:
cb:d1:fd:d6:af:d4:49:25:11:10:99:46:1f:38:db:01:ae:54:
78:e1:17:cf:24:2d:b3:36:40:ff:df:6a:13:95:49:35:bd:92:
bf:1b:86:59:ad:da:68:25:d6:f5:c5:64:51:47:f3:f8:d7:58:
c7:8d:fd:d7:e8:1c:2c:43:07:98:15:28:1e:bc:f0:ea:30:3f:
5a:ea:1d:96:c5:90:1d:f5:eb:0c:13:8a:77:57:35:be:b7:45:
f1:52:f4:92:36:78:35:db:54:2a:f4:ae:5f:86:27:90:04:ee:
64:9c:48:74
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAW08MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDYzNjQwWhcNMjgwMjIwMDYzNjQwWjAYMRYw
FAYDVQQDEw02N2MyYWFmYy0xOTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzbM6rIh9q0MpYhj/pkqN0EJZYp6LwS3QJfQa9Cza5f9OevuqQFRpxhrW
p1hXkjvQRujDvla9O3t6R0PEmo8vhxFFSU+sCPX0sicU8C1CmvzsxClMaJZS1d7X
hk4SulaNKp6S6fgrwXtYS4Vnqu3utcS9bks1QUZWBbG+oTKGSUDfrr4OVMCq+ZVL
jMeKLCNxK4jxpcAZdgoRD1ZtF6i5roCJ9iw0etf5iLPXyenhUokrjDo3EsSbeRip
tKTlRPD4nAY3TZ+xXNu9T4UaDq4+3iGS/dHduAcp59xEyL0hC/OSg+JRvcNjCLN9
Eur1UXPpIgwUGsEHJePAJ6TkNZ8REQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFDcX
rVsi3yqF2ogBwvKCy223hFg/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QUE4RjZCOEY2NjcxMUVGQjE3QzVFQTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaVkkDBACaVlwwDQYJ
KoZIhvcNAQELBQADggEBANVKWZpC15a9Ho4isU8DVMkFX1hUqrzaMiX7hWP4cr0k
E0P+f1xlyUXYo6fMr6c6+C7UOfAmkG+3d1RW3ZTqQk1Fwsx/uwVejmzpYwYmwTwQ
bW+mHqBV3AC+ZPWd/HyzNny9a2Of3uI3b3jmoD7GGf7h1bX1l7544843VOlvGW7B
9E3ohnc1fWcOEbMmx4zTpMvR/dav1EklERCZRh842wGuVHjhF88kLbM2QP/fahOV
STW9kr8bhlmt2mgl1vXFZFFH8/jXWMeN/dfoHCxDB5gVKB688OowP1rqHZbFkB31
6wwTindXNb63RfFS9JI2eDXbVCr0rl+GJ5AE7mScSHQ=
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:42:30 2025 by rpki-client