Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9F6806E04C511F0B876326B762E951A.roa
File: A9F6806E04C511F0B876326B762E951A.roa (raw, json)
Hash identifier: rzcSlvgxamXP9x5uOJk9kc+nVoeffrPgICoK3pG+ORU=
Subject key identifier: 1D:C5:E1:3B:88:C7:F0:36:C7:A0:46:B8:CD:17:FF:4D:21:76:7A:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01751C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9F6806E04C511F0B876326B762E951A.roa
Signing time: Wed 19 Mar 2025 13:25:45 +0000
ROA not before: Wed 19 Mar 2025 13:25:41 +0000
ROA not after: Wed 30 Apr 2025 13:25:41 +0000
asID: 62240
IP address blocks: 154.195.171.0/24 maxlen: 24
154.195.172.0/24 maxlen: 24
154.195.173.0/24 maxlen: 24
154.195.174.0/24 maxlen: 24
154.195.175.0/24 maxlen: 24
154.195.176.0/24 maxlen: 24
154.195.177.0/24 maxlen: 24
154.195.178.0/24 maxlen: 24
154.195.179.0/24 maxlen: 24
154.195.180.0/24 maxlen: 24
154.195.181.0/24 maxlen: 24
154.195.182.0/24 maxlen: 24
154.195.183.0/24 maxlen: 24
154.195.184.0/24 maxlen: 24
154.195.185.0/24 maxlen: 24
154.195.186.0/24 maxlen: 24
154.195.187.0/24 maxlen: 24
154.195.188.0/24 maxlen: 24
154.195.189.0/24 maxlen: 24
154.195.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 00:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95516 (0x1751c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 19 13:25:41 2025 GMT
Not After : Apr 30 13:25:41 2025 GMT
Subject: CN=67dac5d9-36d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:49:a8:5f:7d:d1:c8:e6:39:06:9b:60:ee:ed:
bc:89:ff:54:ac:a8:d1:b5:30:06:5d:82:ba:4c:e9:
c5:ed:31:89:d1:7f:71:c6:cf:b3:c7:64:0b:1b:51:
0c:68:e4:9a:1f:55:da:f7:91:26:4a:e5:2c:36:01:
4c:12:37:50:26:8a:d2:67:87:d4:07:ba:2e:01:c0:
29:dd:d6:d0:f4:96:4c:b1:9f:62:6a:1f:7d:52:d3:
9b:01:1b:8a:33:8f:21:96:70:b7:b1:d9:ec:6c:7e:
6d:c2:8f:ad:fd:21:5b:99:d3:3d:8f:12:bc:2d:2e:
b2:4e:21:f3:f4:af:b3:a6:85:fe:30:2f:79:aa:3f:
00:79:68:92:70:5e:cf:c6:8e:8a:e1:66:a6:89:ac:
42:20:70:54:75:da:61:21:9b:76:dd:c5:ca:5d:6b:
2c:31:34:69:1f:bb:75:c2:16:6c:10:62:e6:a4:f1:
62:64:09:2d:66:69:1c:a1:30:3c:0b:1a:85:89:96:
e4:05:23:18:fb:cb:8f:1b:30:af:82:8e:49:15:e1:
e5:21:e5:39:cd:05:c4:e9:97:11:33:1e:cc:f3:5f:
1b:76:a4:44:e7:bb:25:77:30:58:ef:a2:a3:23:23:
2a:0e:b4:93:1a:35:4d:43:25:71:5b:11:84:e7:0f:
09:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C5:E1:3B:88:C7:F0:36:C7:A0:46:B8:CD:17:FF:4D:21:76:7A:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9F6806E04C511F0B876326B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.171.0-154.195.190.255
Signature Algorithm: sha256WithRSAEncryption
2e:53:fa:e8:b7:02:56:62:d9:13:a0:ee:29:22:3d:46:a9:e7:
5c:d0:be:4f:26:cf:e6:a4:48:2c:a5:9a:9c:98:36:58:7a:01:
33:7d:ed:c2:26:d9:db:df:c5:88:41:ee:7c:d9:88:03:8b:b2:
99:68:47:da:28:2a:ed:1e:80:7f:22:0b:8a:db:0b:2f:a4:1d:
ea:dc:12:df:82:40:bd:c5:15:1d:bc:f4:cd:f3:0f:bb:e2:3b:
42:bd:2b:9a:ed:ad:54:d1:28:a9:a9:84:7a:09:72:ca:60:d2:
3f:45:68:c6:d7:97:cd:f1:e9:c5:02:83:b3:e8:a4:dd:9a:33:
a3:e9:9b:87:51:a6:7c:1f:13:70:e1:ec:6d:ce:55:3d:dd:aa:
95:fe:88:66:3b:0e:01:93:3e:09:c0:98:4e:67:fa:78:5b:56:
99:9b:7a:d2:23:d6:a0:68:7d:a1:4a:9e:da:6f:f0:ad:c3:02:
0e:df:85:3c:e4:76:4c:84:5f:86:55:eb:80:83:70:b7:2c:bb:
bb:33:2b:1f:8d:bf:9e:8b:93:de:0c:8f:cc:a3:8d:ef:77:f4:
01:15:e9:63:37:70:9f:12:64:4d:6a:24:78:95:9b:37:5b:f8:
e3:d6:52:35:f9:72:5e:3f:c2:f1:f2:90:bb:f2:21:0b:c8:4d:
9d:05:dc:97
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAXUcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE5MTMyNTQxWhcNMjUwNDMwMTMyNTQxWjAYMRYw
FAYDVQQDEw02N2RhYzVkOS0zNmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqEmoX33RyOY5Bptg7u28if9UrKjRtTAGXYK6TOnF7TGJ0X9xxs+zx2QL
G1EMaOSaH1Xa95EmSuUsNgFMEjdQJorSZ4fUB7ouAcAp3dbQ9JZMsZ9iah99UtOb
ARuKM48hlnC3sdnsbH5two+t/SFbmdM9jxK8LS6yTiHz9K+zpoX+MC95qj8AeWiS
cF7Pxo6K4WamiaxCIHBUddphIZt23cXKXWssMTRpH7t1whZsEGLmpPFiZAktZmkc
oTA8CxqFiZbkBSMY+8uPGzCvgo5JFeHlIeU5zQXE6ZcRMx7M818bdqRE57sldzBY
76KjIyMqDrSTGjVNQyVxWxGE5w8JYQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFB3F
4TuIx/A2x6BGuM0X/00hdnowMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOUY2ODA2RTA0QzUxMUYwQjg3NjMyNkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaw6sDBACaw74wDQYJ
KoZIhvcNAQELBQADggEBAC5T+ui3AlZi2ROg7ikiPUap51zQvk8mz+akSCylmpyY
Nlh6ATN97cIm2dvfxYhB7nzZiAOLsploR9ooKu0egH8iC4rbCy+kHercEt+CQL3F
FR289M3zD7viO0K9K5rtrVTRKKmphHoJcspg0j9FaMbXl83x6cUCg7PopN2aM6Pp
m4dRpnwfE3Dh7G3OVT3dqpX+iGY7DgGTPgnAmE5n+nhbVpmbetIj1qBofaFKntpv
8K3DAg7fhTzkdkyEX4ZV64CDcLcsu7szKx+Nv56Lk94Mj8yjje939AEV6WM3cJ8S
ZE1qJHiVmzdb+OPWUjX5cl4/wvHykLvyIQvITZ0F3Jc=
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:32:28 2025 by rpki-client