Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B66C54DE0CBA11F08074348C762E951A.roa
File: B66C54DE0CBA11F08074348C762E951A.roa (raw, json)
Hash identifier: 575Xoz6jLn5BlxzXBL0ssaFNsNU+5tUe3pa9/m81zyk=
Subject key identifier: 6F:B0:F9:70:6F:A3:38:1C:F6:31:FC:B7:78:DF:B3:91:FC:62:7A:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176C2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B66C54DE0CBA11F08074348C762E951A.roa
Signing time: Sat 29 Mar 2025 16:27:31 +0000
ROA not before: Sat 29 Mar 2025 16:27:27 +0000
ROA not after: Sat 04 Apr 2026 16:27:27 +0000
asID: 132839
IP address blocks: 154.203.80.0/21 maxlen: 24
154.203.88.0/23 maxlen: 24
154.203.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95938 (0x176c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 16:27:27 2025 GMT
Not After : Apr 4 16:27:27 2026 GMT
Subject: CN=67e81f73-3bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2e:c1:cc:d3:fc:d2:a9:16:30:b0:1e:97:2a:
00:fd:2f:44:5c:c3:0e:be:21:93:2c:97:77:7e:ce:
40:d8:30:be:ad:50:77:d7:d4:19:dd:58:ca:90:c3:
95:93:02:21:1b:00:aa:38:25:8f:9c:01:22:d2:b3:
22:9a:7e:93:4b:c4:90:c5:2d:de:62:71:68:fc:32:
64:97:a6:42:87:74:a5:4e:78:fd:49:a9:de:10:97:
a0:68:b6:b2:18:0d:45:4e:91:aa:82:1d:1c:12:eb:
7a:a8:f8:a6:de:6f:df:ae:dc:e7:75:18:a2:57:1b:
74:f9:d0:4f:c3:5f:d8:a5:fc:e8:7b:4d:c1:f2:27:
74:66:9b:bc:da:8c:0b:5e:42:23:51:f5:90:07:c5:
2f:61:2d:6c:de:7d:e6:6c:7d:9b:87:f5:ee:62:e3:
02:eb:4c:ac:da:bb:0b:a4:7a:df:42:7d:70:82:d4:
a6:fc:c1:3c:5b:c0:a8:67:72:e3:cb:ba:1d:ca:75:
e3:63:c7:af:c6:06:10:dc:39:5c:5a:6f:e0:c6:4e:
91:53:49:d5:f4:35:cd:04:07:e5:70:73:6e:1d:e6:
4c:53:4c:1c:1a:54:53:6d:bb:52:98:a3:26:64:3a:
0a:b9:93:37:da:1f:9e:66:a3:57:98:5f:9a:9b:af:
ba:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B0:F9:70:6F:A3:38:1C:F6:31:FC:B7:78:DF:B3:91:FC:62:7A:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B66C54DE0CBA11F08074348C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.80.0-154.203.90.255
Signature Algorithm: sha256WithRSAEncryption
54:67:f5:6d:2c:b5:12:85:c5:22:50:d0:95:94:c2:4c:74:18:
98:56:31:32:c2:2b:c7:5d:6b:e4:a5:53:6b:42:88:4d:38:4b:
a9:4f:41:41:aa:70:d3:25:c7:2d:73:d4:32:32:2a:26:0c:c3:
f1:5e:1a:67:b5:ff:39:8d:b9:3c:62:22:79:3b:ec:4d:6a:75:
9e:34:00:00:d4:7c:7f:cd:23:26:62:8b:b4:7f:01:4b:7f:a2:
aa:ed:4e:73:f6:f6:28:01:79:d4:06:34:c7:7d:e9:42:b4:8f:
48:4b:0b:71:88:e4:ec:df:c8:ff:84:7f:50:88:60:81:34:e8:
b8:b5:fd:ba:2c:06:fc:86:76:83:36:6c:39:37:07:51:30:23:
13:fb:8d:0b:c1:0a:ad:fd:d8:00:3b:88:71:05:d6:78:a7:cf:
1e:52:be:b0:c9:5f:8f:84:5d:c1:2e:f1:cd:fe:ad:cb:17:d8:
83:20:11:dd:9f:32:41:33:6e:3e:3d:44:a5:a0:4c:b3:09:4d:
f3:6f:78:21:cb:8f:72:f8:f9:98:7e:c2:5b:c9:3a:3f:39:12:
b0:92:2a:4d:e6:b4:9f:d9:6c:75:31:a4:3f:bc:f5:c3:57:51:
e0:ce:87:4f:44:64:9b:95:79:b3:e6:b3:30:0d:c8:16:b4:30:
ea:fc:1c:5b
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAXbCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTYyNzI3WhcNMjYwNDA0MTYyNzI3WjAYMRYw
FAYDVQQDEw02N2U4MWY3My0zYmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsS7BzNP80qkWMLAelyoA/S9EXMMOviGTLJd3fs5A2DC+rVB319QZ3VjK
kMOVkwIhGwCqOCWPnAEi0rMimn6TS8SQxS3eYnFo/DJkl6ZCh3SlTnj9SaneEJeg
aLayGA1FTpGqgh0cEut6qPim3m/frtzndRiiVxt0+dBPw1/Ypfzoe03B8id0Zpu8
2owLXkIjUfWQB8UvYS1s3n3mbH2bh/XuYuMC60ys2rsLpHrfQn1wgtSm/ME8W8Co
Z3Ljy7odynXjY8evxgYQ3DlcWm/gxk6RU0nV9DXNBAflcHNuHeZMU0wcGlRTbbtS
mKMmZDoKuZM32h+eZqNXmF+am6+6CQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFG+w
+XBvozgc9jH8t3jfs5H8YnqBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNjZDNTRERTBDQkExMUYwODA3NDM0OEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASay1ADBACay1owDQYJ
KoZIhvcNAQELBQADggEBAFRn9W0stRKFxSJQ0JWUwkx0GJhWMTLCK8dda+SlU2tC
iE04S6lPQUGqcNMlxy1z1DIyKiYMw/FeGme1/zmNuTxiInk77E1qdZ40AADUfH/N
IyZii7R/AUt/oqrtTnP29igBedQGNMd96UK0j0hLC3GI5OzfyP+Ef1CIYIE06Li1
/bosBvyGdoM2bDk3B1EwIxP7jQvBCq392AA7iHEF1ninzx5SvrDJX4+EXcEu8c3+
rcsX2IMgEd2fMkEzbj49RKWgTLMJTfNveCHLj3L4+Zh+wlvJOj85ErCSKk3mtJ/Z
bHUxpD+89cNXUeDOh09EZJuVebPmszANyBa0MOr8HFs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:26:44 2025 by rpki-client