Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F63C598095D11F0A207F871762E951A.roa
File: 9F63C598095D11F0A207F871762E951A.roa (raw, json)
Hash identifier: gO2wbiPu5yZiHodH8CUnbXlglQwT/ccSYN3C9I8uE3g=
Subject key identifier: AA:60:97:C1:4E:C7:9A:65:60:7C:1C:82:A0:91:4D:DD:99:DB:55:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017618
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F63C598095D11F0A207F871762E951A.roa
Signing time: Tue 25 Mar 2025 09:43:36 +0000
ROA not before: Tue 25 Mar 2025 09:43:32 +0000
ROA not after: Thu 24 Apr 2025 09:43:32 +0000
asID: 55020
IP address blocks: 154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95768 (0x17618)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 09:43:32 2025 GMT
Not After : Apr 24 09:43:32 2025 GMT
Subject: CN=67e27ac8-d8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ed:cf:f5:8c:13:64:59:ca:ef:f3:ff:65:96:
03:07:aa:cd:86:7b:a4:69:a8:07:5d:39:da:7a:82:
c6:b3:0d:55:f9:b3:a1:0d:5d:ea:2d:15:5c:cd:63:
09:29:89:18:db:ca:0c:44:55:33:8e:45:b9:82:b3:
8d:64:d4:b4:78:43:6a:32:ad:b7:54:6b:19:48:8b:
5a:ad:b6:8f:8c:8e:b2:2d:d8:df:b4:51:a1:f1:11:
40:74:e3:51:4d:22:82:4f:c3:c0:d7:6f:11:c4:5d:
5b:45:63:d6:51:a1:a0:21:6a:53:ef:99:9f:03:f3:
35:a1:27:48:58:69:24:d4:b4:8b:10:e4:b9:a1:d9:
b2:fc:92:d8:2e:2b:8e:fe:2c:b5:fb:cd:ae:11:83:
23:d0:5d:5d:fd:36:11:da:41:05:f2:27:30:b7:9d:
68:45:0c:d8:ff:85:ba:5c:f7:50:70:8a:da:ea:51:
d0:aa:5d:9e:d9:00:42:ab:6e:25:e4:98:ee:63:30:
70:7c:e8:44:52:71:da:04:0f:9e:81:53:bf:c7:53:
6d:dc:1d:b2:5c:19:68:38:28:5c:5c:b1:5b:03:2b:
eb:30:2e:8c:00:e9:7f:f9:51:c8:b1:01:6c:14:c0:
74:55:91:f6:d3:70:8c:b5:42:23:bf:bd:0b:84:d6:
61:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:60:97:C1:4E:C7:9A:65:60:7C:1C:82:A0:91:4D:DD:99:DB:55:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F63C598095D11F0A207F871762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
154.202.120.0/21
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
62:f0:1e:1b:a9:09:7d:90:f1:5c:ea:84:5f:ed:f8:f4:82:2d:
a0:2e:f9:70:3a:4d:1d:6e:74:38:19:0e:53:f5:78:a2:37:70:
88:74:9f:05:08:15:c3:73:85:eb:b5:29:28:5b:87:5f:a4:cf:
8a:d4:e2:8a:06:60:e3:c6:07:85:42:b3:20:60:73:d4:e0:e2:
f0:c9:9f:ce:5b:1d:35:af:ec:d8:d3:e3:07:3e:6f:18:3e:ea:
22:20:44:ca:58:d0:fc:25:1b:a0:8b:a1:f9:86:1b:fa:2b:2f:
e4:44:25:9a:9f:88:5c:f4:09:6c:4d:98:a5:1b:39:a5:35:66:
0b:8b:dc:8f:ba:b0:eb:0a:70:90:84:86:91:0b:93:e9:ab:01:
9f:0a:62:33:94:9c:0b:0a:bb:d2:c8:fa:3c:89:22:2f:24:d2:
1d:96:50:27:3e:3c:93:f6:ea:e7:db:b0:ae:e7:d9:62:f4:f1:
64:4a:b7:8f:ab:07:c8:94:01:40:99:9c:cb:da:ef:78:e4:ef:
a5:b1:a9:13:1b:7e:9b:25:47:e1:8d:b4:46:43:85:c3:42:6d:
25:eb:7c:f5:49:51:7a:60:83:fe:53:5d:45:34:45:ae:65:7e:
53:97:ca:0e:57:78:15:9b:7d:79:60:2d:1d:a7:11:60:fc:19:
92:51:54:a0
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAXYYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MDk0MzMyWhcNMjUwNDI0MDk0MzMyWjAYMRYw
FAYDVQQDEw02N2UyN2FjOC1kOGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwO3P9YwTZFnK7/P/ZZYDB6rNhnukaagHXTnaeoLGsw1V+bOhDV3qLRVc
zWMJKYkY28oMRFUzjkW5grONZNS0eENqMq23VGsZSItarbaPjI6yLdjftFGh8RFA
dONRTSKCT8PA128RxF1bRWPWUaGgIWpT75mfA/M1oSdIWGkk1LSLEOS5odmy/JLY
LiuO/iy1+82uEYMj0F1d/TYR2kEF8icwt51oRQzY/4W6XPdQcIra6lHQql2e2QBC
q24l5JjuYzBwfOhEUnHaBA+egVO/x1Nt3B2yXBloOChcXLFbAyvrMC6MAOl/+VHI
sQFsFMB0VZH203CMtUIjv70LhNZhawIDAQABo4ICuDCCArQwHQYDVR0OBBYEFKpg
l8FOx5plYHwcgqCRTd2Z21WIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RjYzQzU5ODA5NUQxMUYwQTIwN0Y4NzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQAmsp1AwQDmsp4MAsDBAGa
2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEAYvAeG6kJfZDxXOqEX+349IItoC75
cDpNHW50OBkOU/V4ojdwiHSfBQgVw3OF67UpKFuHX6TPitTiigZg48YHhUKzIGBz
1ODi8MmfzlsdNa/s2NPjBz5vGD7qIiBEyljQ/CUboIuh+YYb+isv5EQlmp+IXPQJ
bE2YpRs5pTVmC4vcj7qw6wpwkISGkQuT6asBnwpiM5ScCwq70sj6PIkiLyTSHZZQ
Jz48k/bq59uwrufZYvTxZEq3j6sHyJQBQJmcy9rveOTvpbGpExt+myVH4Y20RkOF
w0JtJet89UlRemCD/lNdRTRFrmV+U5fKDld4FZt9eWAtHacRYPwZklFUoA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:16:08 2025 by rpki-client