Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5AA9EF40FA111F0831FBBB3762E951A.roa
File: B5AA9EF40FA111F0831FBBB3762E951A.roa (raw, json)
Hash identifier: jPuJmaHTZ3x9mx8FowrRwzrKF3WVPXipOrpB6WVW/gY=
Subject key identifier: 8A:E4:0B:D8:62:49:A6:EB:08:37:7D:15:81:B8:77:DE:A9:AA:F2:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017742
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5AA9EF40FA111F0831FBBB3762E951A.roa
Signing time: Wed 02 Apr 2025 09:06:06 +0000
ROA not before: Wed 02 Apr 2025 09:06:02 +0000
ROA not after: Fri 09 May 2025 09:06:02 +0000
asID: 139646
IP address blocks: 154.204.0.0/24 maxlen: 24
154.208.12.0/22 maxlen: 24
154.208.16.0/20 maxlen: 24
154.212.128.0/24 maxlen: 24
154.214.32.0/19 maxlen: 24
154.215.0.0/24 maxlen: 24
154.216.128.0/18 maxlen: 24
154.218.0.0/24 maxlen: 24
154.221.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96066 (0x17742)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Apr 2 09:06:02 2025 GMT
Not After : May 9 09:06:02 2025 GMT
Subject: CN=67ecfdfe-0273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:35:08:29:3b:81:ef:f8:c6:7a:ce:a7:1f:80:
dc:81:8b:e8:b3:9a:d3:4f:58:8b:7a:b6:06:83:b6:
e3:81:56:85:65:eb:92:f6:e2:3f:8e:f9:06:b6:54:
d6:18:df:4b:01:9d:55:5b:8d:43:7a:fa:2c:a7:a0:
3b:b9:c4:ee:19:fa:da:28:98:a1:0c:80:b5:8c:4a:
e3:bc:ab:88:7f:f3:a8:d2:6b:6a:e5:c8:c4:9b:da:
e8:a1:92:36:8a:77:dc:12:20:a2:93:b9:8c:6c:99:
38:38:54:0b:e2:59:94:ef:06:41:52:9d:54:60:bc:
0e:8a:5e:38:24:c6:f5:ea:31:e0:ff:21:83:11:f4:
f3:fd:fd:69:bc:18:aa:b6:c7:82:ed:f2:37:77:87:
f4:01:a9:ea:87:69:13:7c:d1:0d:45:eb:9c:4b:0f:
19:df:aa:60:1a:74:44:1b:ce:2f:64:97:45:e3:f6:
5e:dc:6e:8d:95:50:90:c5:e7:e8:68:10:17:41:43:
18:51:33:1e:b7:eb:9a:72:a3:de:de:be:95:13:89:
ad:e8:9a:2f:f5:04:1b:01:d8:e6:6b:78:af:d6:9d:
44:5e:ce:54:cd:47:dd:d0:06:35:8e:eb:11:d5:83:
35:35:5b:10:ce:ab:26:c6:53:ec:50:ca:be:be:02:
67:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E4:0B:D8:62:49:A6:EB:08:37:7D:15:81:B8:77:DE:A9:AA:F2:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5AA9EF40FA111F0831FBBB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.0.0/24
154.208.12.0-154.208.31.255
154.212.128.0/24
154.214.32.0/19
154.215.0.0/24
154.216.128.0/18
154.218.0.0/24
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
05:f0:a7:f8:1d:56:25:ad:a3:4b:b0:ad:e3:cb:26:08:e3:08:
4d:61:d6:c7:0e:c6:90:b0:be:58:f4:1b:c8:5d:12:36:5f:b0:
ba:cf:46:62:2b:0b:ea:4c:ee:e6:fd:3a:b6:fe:fa:85:17:08:
9f:8c:e0:4f:9d:83:5c:21:57:5c:22:97:f2:99:90:c5:6e:06:
4c:79:4c:3d:d1:52:65:59:db:7a:18:48:1d:c2:86:96:d2:0a:
0c:3b:0f:42:03:1c:ed:0b:2d:a9:28:ad:ed:08:13:d8:94:eb:
3f:6d:b1:92:3b:92:81:d6:9a:64:35:0b:08:49:08:71:45:68:
f4:35:4a:a1:58:7e:35:09:27:38:ae:2b:75:63:10:3c:a1:8a:
55:2d:07:1d:27:0a:9f:ba:71:a6:1e:9f:48:2d:9f:27:86:ff:
05:dd:74:38:6e:a9:bf:31:a6:fa:c8:47:f8:15:a4:18:89:52:
c0:14:17:93:fc:cf:ee:b5:bb:2e:4e:b4:fc:0d:03:88:01:b5:
f4:40:d0:1e:29:94:bd:c1:5f:9f:f3:73:1c:c0:98:9f:83:54:
07:77:05:1f:57:ec:c1:35:e3:92:ff:be:0b:50:ba:1c:c9:1f:
11:e1:9e:5d:46:a5:21:29:ad:e0:eb:ce:14:0c:37:f2:dd:8b:
2b:cb:df:17
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAXdCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDAyMDkwNjAyWhcNMjUwNTA5MDkwNjAyWjAYMRYw
FAYDVQQDEw02N2VjZmRmZS0wMjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7DUIKTuB7/jGes6nH4DcgYvos5rTT1iLerYGg7bjgVaFZeuS9uI/jvkG
tlTWGN9LAZ1VW41Devosp6A7ucTuGfraKJihDIC1jErjvKuIf/Oo0mtq5cjEm9ro
oZI2infcEiCik7mMbJk4OFQL4lmU7wZBUp1UYLwOil44JMb16jHg/yGDEfTz/f1p
vBiqtseC7fI3d4f0Aanqh2kTfNENReucSw8Z36pgGnREG84vZJdF4/Ze3G6NlVCQ
xefoaBAXQUMYUTMet+uacqPe3r6VE4mt6Jov9QQbAdjma3iv1p1EXs5UzUfd0AY1
jusR1YM1NVsQzqsmxlPsUMq+vgJnEQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFIrk
C9hiSabrCDd9FYG4d96pqvJkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNUFBOUVGNDBGQTExMUYwODMxRkJCQjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAmswAMAwDBAKa0AwDBAWa
0AADBACa1IADBAWa1iADBACa1wADBAaa2IADBACa2gADBACa3QAwDQYJKoZIhvcN
AQELBQADggEBAAXwp/gdViWto0uwrePLJgjjCE1h1scOxpCwvlj0G8hdEjZfsLrP
RmIrC+pM7ub9Orb++oUXCJ+M4E+dg1whV1wil/KZkMVuBkx5TD3RUmVZ23oYSB3C
hpbSCgw7D0IDHO0LLakore0IE9iU6z9tsZI7koHWmmQ1CwhJCHFFaPQ1SqFYfjUJ
JziuK3VjEDyhilUtBx0nCp+6caYen0gtnyeG/wXddDhuqb8xpvrIR/gVpBiJUsAU
F5P8z+61uy5OtPwNA4gBtfRA0B4plL3BX5/zcxzAmJ+DVAd3BR9X7ME145L/vgtQ
uhzJHxHhnl1GpSEpreDrzhQMN/LdiyvL3xc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:20:39 2025 by rpki-client