Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D45641C407011F0B6E2B5D6DAE4EC9C.roa
File: 8D45641C407011F0B6E2B5D6DAE4EC9C.roa (raw, json)
Hash identifier: kZXPi80j51A5IUmnPLYf8POqqUjHJytwFbHFpFdL9wQ=
Subject key identifier: A0:70:27:C9:5F:87:F3:B4:F5:F1:D7:F9:A2:0A:3C:C3:65:7B:21:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01846B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D45641C407011F0B6E2B5D6DAE4EC9C.roa
Signing time: Tue 03 Jun 2025 11:47:41 +0000
ROA not before: Tue 03 Jun 2025 11:47:34 +0000
ROA not after: Tue 15 Jul 2025 11:47:34 +0000
asID: 138915
IP address blocks: 154.205.128.0/24 maxlen: 24
154.205.129.0/24 maxlen: 24
154.205.130.0/24 maxlen: 24
154.205.131.0/24 maxlen: 24
154.205.132.0/24 maxlen: 24
154.205.133.0/24 maxlen: 24
154.205.134.0/24 maxlen: 24
154.205.135.0/24 maxlen: 24
154.205.136.0/23 maxlen: 24
154.205.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99435 (0x1846b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 3 11:47:34 2025 GMT
Not After : Jul 15 11:47:34 2025 GMT
Subject: CN=683ee0dc-a133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bf:8a:01:b7:53:c1:33:43:63:6a:4b:30:25:
ba:2a:e4:8f:06:67:20:44:48:27:12:bd:bc:7c:0b:
ad:59:16:ac:f3:e5:93:2a:45:c4:24:9a:b2:58:be:
25:b0:e1:4b:6f:7b:08:e3:52:95:47:b6:3c:c6:67:
ea:72:5b:9b:d0:ee:e4:2a:58:30:8c:91:1f:11:ac:
01:fb:ea:66:c6:fa:06:e9:81:72:01:5b:72:0c:d8:
d3:51:60:03:dc:a6:ff:e6:46:46:10:17:b6:5a:50:
22:a5:6c:8b:92:b5:04:2f:46:ea:b0:e7:e4:82:ce:
12:5d:4a:62:c9:6d:f0:3f:f7:3f:15:24:03:f9:93:
ac:10:67:77:91:4b:b3:1b:63:a6:aa:da:c7:65:d7:
85:aa:b6:e5:2f:13:f1:79:ed:85:95:16:de:d4:79:
cb:b2:60:ae:e3:85:12:10:a8:b4:48:cd:09:78:92:
9d:cd:bb:48:bb:6f:89:69:b6:18:01:57:94:2a:e7:
75:6e:4b:27:54:15:04:ab:7d:c4:91:cf:76:63:8f:
d9:ba:ff:11:5f:cb:11:9e:f3:b6:0c:1c:e4:ea:09:
e7:25:c7:2b:06:b5:7f:25:33:54:5a:d0:94:f8:04:
61:da:18:76:d0:a4:c1:83:ca:79:75:c6:cd:0f:4d:
e1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:70:27:C9:5F:87:F3:B4:F5:F1:D7:F9:A2:0A:3C:C3:65:7B:21:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D45641C407011F0B6E2B5D6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.128.0-154.205.138.255
Signature Algorithm: sha256WithRSAEncryption
41:c2:a5:85:ed:82:4a:9a:3a:8b:c0:6d:a3:9c:5c:59:79:3f:
0f:af:7f:ff:78:42:a9:2e:0c:9f:b3:89:ed:8d:d7:94:6c:20:
81:0a:d6:8a:62:ac:7e:2f:84:bf:7b:63:35:6b:d2:4d:e2:56:
52:37:d7:3c:ba:2a:d7:35:78:02:42:e8:4a:05:39:29:ff:ce:
fd:41:a7:26:8a:d7:48:e6:1e:39:cd:3d:89:52:8c:a9:50:48:
3b:ca:64:e8:2b:01:56:07:d1:77:0c:b0:f9:e2:c9:47:8b:07:
eb:9d:aa:b3:db:1d:32:0d:4a:b2:9e:f0:bf:ed:d2:3d:0f:4f:
9d:bb:56:37:63:73:a5:1e:fd:34:d9:3d:68:b8:8e:76:7a:be:
02:ae:0d:5f:9d:a0:f3:93:7d:5c:d4:e5:e9:e1:b3:8b:0c:70:
ff:49:20:f5:46:65:58:bb:2f:06:94:5f:c8:2e:80:0f:33:fc:
50:11:58:b0:21:c7:0d:43:a0:82:fc:2d:42:6b:b8:1d:1b:58:
21:7a:45:1a:6c:2b:4a:a9:60:2a:f2:a0:f0:74:e0:e2:c4:31:
34:a7:c7:ba:5e:7b:55:7a:76:eb:d5:77:5f:1b:be:c9:03:97:
94:53:9f:ab:f3:45:cf:06:03:fe:13:fd:85:c3:84:d3:15:39:
90:08:e0:ec
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYRrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjAzMTE0NzM0WhcNMjUwNzE1MTE0NzM0WjAYMRYw
FAYDVQQDEw02ODNlZTBkYy1hMTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzL+KAbdTwTNDY2pLMCW6KuSPBmcgREgnEr28fAutWRas8+WTKkXEJJqy
WL4lsOFLb3sI41KVR7Y8xmfqclub0O7kKlgwjJEfEawB++pmxvoG6YFyAVtyDNjT
UWAD3Kb/5kZGEBe2WlAipWyLkrUEL0bqsOfkgs4SXUpiyW3wP/c/FSQD+ZOsEGd3
kUuzG2OmqtrHZdeFqrblLxPxee2FlRbe1HnLsmCu44USEKi0SM0JeJKdzbtIu2+J
abYYAVeUKud1bksnVBUEq33Ekc92Y4/Zuv8RX8sRnvO2DBzk6gnnJccrBrV/JTNU
WtCU+ARh2hh20KTBg8p5dcbND03hZQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKBw
J8lfh/O09fHX+aIKPMNleyGrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RDQ1NjQxQzQwNzAxMUYwQjZFMkI1RDZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAeazYADBACazYowDQYJ
KoZIhvcNAQELBQADggEBAEHCpYXtgkqaOovAbaOcXFl5Pw+vf/94QqkuDJ+zie2N
15RsIIEK1opirH4vhL97YzVr0k3iVlI31zy6Ktc1eAJC6EoFOSn/zv1BpyaK10jm
HjnNPYlSjKlQSDvKZOgrAVYH0XcMsPniyUeLB+udqrPbHTINSrKe8L/t0j0PT527
Vjdjc6Ue/TTZPWi4jnZ6vgKuDV+doPOTfVzU5enhs4sMcP9JIPVGZVi7LwaUX8gu
gA8z/FARWLAhxw1DoIL8LUJruB0bWCF6RRpsK0qpYCryoPB04OLEMTSnx7pee1V6
duvVd18bvskDl5RTn6vzRc8GA/4T/YXDhNMVOZAI4Ow=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:37:06 2025 by rpki-client