Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A34D1E4203FF11F0BC050C94762E951A.roa
File: A34D1E4203FF11F0BC050C94762E951A.roa (raw, json)
Hash identifier: U1/BwYA/dK2mLM+jcFfh5R9s521vcj7dX+xO2xj0lZQ=
Subject key identifier: CA:71:B7:8A:98:39:A6:97:4B:1C:C7:59:B7:F1:6A:D6:E4:DD:EB:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01749C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A34D1E4203FF11F0BC050C94762E951A.roa
Signing time: Tue 18 Mar 2025 13:48:14 +0000
ROA not before: Tue 18 Mar 2025 13:48:10 +0000
ROA not after: Wed 30 Apr 2025 13:48:10 +0000
asID: 62240
IP address blocks: 154.194.33.0/24 maxlen: 24
154.194.119.0/24 maxlen: 24
154.194.120.0/24 maxlen: 24
154.194.121.0/24 maxlen: 24
154.194.122.0/24 maxlen: 24
154.194.123.0/24 maxlen: 24
154.194.124.0/24 maxlen: 24
154.194.125.0/24 maxlen: 24
154.194.126.0/24 maxlen: 24
154.194.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 00:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95388 (0x1749c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 18 13:48:10 2025 GMT
Not After : Apr 30 13:48:10 2025 GMT
Subject: CN=67d9799e-563e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:54:b9:b1:95:d5:b4:27:35:bd:4f:1e:7a:
b6:a5:08:84:29:5d:66:06:d9:7b:f9:6a:1e:09:58:
b4:07:3b:e2:4f:d8:81:fd:3f:8f:64:ae:e4:ea:0f:
fd:33:45:eb:06:78:ec:04:fb:07:af:95:73:41:17:
8d:51:51:b2:3c:68:fa:b4:27:94:c8:3d:58:b2:2e:
38:03:a2:58:e8:e8:f6:d4:a0:3c:d3:25:14:e2:4a:
68:30:be:5d:e1:2b:9f:d7:29:4f:dd:d8:a8:61:05:
51:b8:13:e9:27:8e:bc:90:a7:3e:be:32:0a:db:bc:
6a:fd:6f:14:69:79:49:0b:ac:19:99:b9:33:2b:bd:
70:b2:7b:96:37:47:cd:c3:8e:48:65:59:26:19:78:
b8:98:db:0a:7e:f7:3a:0d:fe:9a:fd:ae:e6:11:7c:
82:97:5a:f2:72:df:aa:f8:b7:44:58:be:c9:3d:1b:
68:40:9c:c0:5e:d3:34:58:0a:d6:18:26:56:7d:b3:
fb:b4:bf:5d:c3:06:57:ec:6c:57:65:9c:d9:fe:cd:
71:23:43:da:84:e8:ae:ea:08:8a:1f:97:9d:de:c4:
92:17:ff:9a:b4:37:e7:b1:6e:95:b5:a3:ba:67:9d:
1c:76:ef:23:3b:96:e2:84:ff:ca:ae:b6:11:2d:33:
cf:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:71:B7:8A:98:39:A6:97:4B:1C:C7:59:B7:F1:6A:D6:E4:DD:EB:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A34D1E4203FF11F0BC050C94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.33.0/24
154.194.119.0-154.194.127.255
Signature Algorithm: sha256WithRSAEncryption
7b:2d:6a:4b:2e:16:8f:92:36:7f:04:bb:d5:94:4c:7c:e5:a2:
da:8a:ee:00:3c:c2:57:8f:06:3c:19:82:5e:c2:36:66:ba:a2:
ef:57:bc:6e:71:2a:40:cc:dd:ea:be:b4:fc:7a:8f:b7:9f:fd:
7f:9e:cb:71:68:bc:54:58:1b:ab:ff:18:cf:43:b4:8c:a0:2a:
c3:44:5e:e6:ca:5e:7f:03:ec:c1:86:3c:fc:d4:f3:d9:6d:1c:
ce:e6:b7:8c:1a:fa:10:52:7b:17:48:ca:93:58:31:4c:8f:e0:
0c:95:ce:b3:a9:93:77:30:d2:57:6f:73:1b:28:91:a4:17:bb:
65:6f:9a:0d:ee:15:c4:1c:a6:55:7b:29:3f:bf:7c:ca:9a:38:
25:87:f9:70:53:6a:52:24:4e:94:e1:85:fc:cb:e2:70:32:17:
e5:fb:86:f7:aa:9a:f1:0d:be:b9:aa:4b:be:7c:67:f6:20:97:
ad:60:b5:45:7e:82:f4:ea:53:39:c9:16:d9:e0:73:d1:35:06:
10:9c:2f:57:63:11:46:64:5f:76:99:87:8d:2c:f8:30:dc:84:
2e:b8:71:89:89:2c:c8:47:c3:bd:55:4a:d8:67:74:20:06:b3:
fb:08:35:ce:b3:ed:98:88:ac:1a:36:f9:f8:9a:40:a1:03:fe:
3f:f1:7a:0e
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXScMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE4MTM0ODEwWhcNMjUwNDMwMTM0ODEwWjAYMRYw
FAYDVQQDEw02N2Q5Nzk5ZS01NjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu3VUubGV1bQnNb1PHnq2pQiEKV1mBtl7+WoeCVi0BzviT9iB/T+PZK7k
6g/9M0XrBnjsBPsHr5VzQReNUVGyPGj6tCeUyD1Ysi44A6JY6Oj21KA80yUU4kpo
ML5d4Suf1ylP3dioYQVRuBPpJ468kKc+vjIK27xq/W8UaXlJC6wZmbkzK71wsnuW
N0fNw45IZVkmGXi4mNsKfvc6Df6a/a7mEXyCl1ryct+q+LdEWL7JPRtoQJzAXtM0
WArWGCZWfbP7tL9dwwZX7GxXZZzZ/s1xI0PahOiu6giKH5ed3sSSF/+atDfnsW6V
taO6Z50cdu8jO5bihP/KrrYRLTPPpQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFMpx
t4qYOaaXSxzHWbfxatbk3etBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzREMUU0MjAzRkYxMUYwQkMwNTBDOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAmsIhMAwDBACawncDBAea
wgAwDQYJKoZIhvcNAQELBQADggEBAHstaksuFo+SNn8Eu9WUTHzlotqK7gA8wleP
BjwZgl7CNma6ou9XvG5xKkDM3eq+tPx6j7ef/X+ey3FovFRYG6v/GM9DtIygKsNE
XubKXn8D7MGGPPzU89ltHM7mt4wa+hBSexdIypNYMUyP4AyVzrOpk3cw0ldvcxso
kaQXu2Vvmg3uFcQcplV7KT+/fMqaOCWH+XBTalIkTpThhfzL4nAyF+X7hveqmvEN
vrmqS758Z/Ygl61gtUV+gvTqUznJFtngc9E1BhCcL1djEUZkX3aZh40s+DDchC64
cYmJLMhHw71VSthndCAGs/sINc6z7ZiIrBo2+fiaQKED/j/xeg4=
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:31:28 2025 by rpki-client