Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D571D624F80111EFB478B980762E951A.roa
File: D571D624F80111EFB478B980762E951A.roa (raw, json)
Hash identifier: TApWabfcQfmJp/Z89hUxzZb8qGxnMfpoErROy7+rd0o=
Subject key identifier: DC:FD:B7:EB:B0:2F:A6:47:11:BA:16:E9:73:6A:8C:01:BA:3A:6A:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016F70
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D571D624F80111EFB478B980762E951A.roa
Signing time: Mon 03 Mar 2025 07:33:43 +0000
ROA not before: Mon 03 Mar 2025 07:33:39 +0000
ROA not after: Sat 31 May 2025 07:33:39 +0000
asID: 984
IP address blocks: 154.82.128.0/17 maxlen: 24
154.83.64.0/18 maxlen: 24
154.89.128.0/17 maxlen: 24
154.90.64.0/18 maxlen: 24
154.90.128.0/17 maxlen: 24
154.92.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94064 (0x16f70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 3 07:33:39 2025 GMT
Not After : May 31 07:33:39 2025 GMT
Subject: CN=67c55b57-b5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:35:f2:0d:92:d7:4b:a5:d5:66:2e:af:78:
40:6a:a8:66:c2:85:d9:90:9b:c6:c9:91:dc:ca:fa:
c7:4b:5f:66:70:f9:9d:87:24:10:05:3c:4d:2d:ac:
67:65:a4:b3:8f:85:62:75:37:22:f1:cc:f3:7f:06:
46:23:db:fa:96:65:d6:58:e0:3d:99:b6:3d:ce:d9:
4e:1e:c0:3f:57:5d:af:67:0d:59:8e:98:0d:94:f4:
4d:45:69:bd:8c:dc:d4:c6:85:1a:60:5c:70:b9:a7:
80:2f:6a:87:ee:d6:b3:49:b4:20:c7:20:9b:2b:a9:
6a:27:55:65:be:0c:29:2a:3f:e0:96:62:6d:11:ad:
4b:3f:f1:3a:db:c7:8e:89:48:5a:18:8d:f8:94:3e:
89:4a:31:bb:53:8d:87:5f:9d:b6:40:55:12:e1:89:
9f:cd:c7:90:82:ba:9b:bb:f4:45:38:ac:e6:69:93:
f9:f0:c3:e4:c4:af:8b:97:20:9c:74:a0:68:81:28:
d7:05:63:47:74:01:81:06:b8:03:9c:46:f7:dd:01:
cb:c5:1a:52:14:89:f5:3a:eb:97:6a:6a:1a:7c:53:
4b:09:2c:0d:00:96:81:26:ec:f3:65:49:61:95:7c:
96:65:d6:58:00:fe:eb:20:ae:27:a1:3b:e5:79:fd:
81:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FD:B7:EB:B0:2F:A6:47:11:BA:16:E9:73:6A:8C:01:BA:3A:6A:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D571D624F80111EFB478B980762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.128.0/17
154.83.64.0/18
154.89.128.0/17
154.90.64.0-154.90.255.255
154.92.128.0/17
Signature Algorithm: sha256WithRSAEncryption
a8:ad:76:5e:a9:4a:5e:a3:68:1d:c2:bc:ce:12:58:44:b6:3d:
be:ad:a2:23:c4:aa:ee:41:1d:06:83:fd:d1:6c:16:87:c5:3a:
0d:39:a2:de:26:ae:1f:0f:7c:03:9c:97:02:62:11:eb:09:b7:
74:9d:15:f7:32:9c:3e:5d:e2:51:3f:94:72:b0:22:c9:90:cc:
69:43:18:0c:1b:09:98:ab:d9:2e:ba:7e:e1:d4:1b:c0:0d:d2:
e8:fc:b9:8b:d5:e5:14:78:72:06:bc:0e:a8:4c:42:fc:c0:fd:
46:ab:63:1a:28:9a:00:e1:df:b0:01:6d:c6:b1:e7:87:5d:f7:
49:e8:2f:ce:ee:7b:90:12:b0:4b:bf:7a:fe:e8:d0:a4:df:11:
35:6c:44:72:4c:fb:a1:ab:e0:f5:7f:55:71:0f:32:1b:58:77:
51:d6:9b:a8:11:db:fe:00:c6:fb:16:dd:62:2c:5f:da:2c:5a:
31:b4:dc:d3:7f:99:75:22:ae:82:82:1d:8d:e2:26:f5:79:3b:
1e:0a:03:70:a0:61:e2:fd:f3:75:ad:3a:47:a4:ef:19:af:1c:
29:db:8d:4e:5e:ca:87:28:26:96:ed:71:5d:04:3e:49:b4:d3:
d4:95:2c:2d:33:dd:d6:75:db:a1:ba:c1:9e:ff:d2:8f:96:3d:
a1:ca:2a:74
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgIDAW9wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMDczMzM5WhcNMjUwNTMxMDczMzM5WjAYMRYw
FAYDVQQDEw02N2M1NWI1Ny1iNWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwHw18g2S10ul1WYur3hAaqhmwoXZkJvGyZHcyvrHS19mcPmdhyQQBTxN
LaxnZaSzj4VidTci8czzfwZGI9v6lmXWWOA9mbY9ztlOHsA/V12vZw1ZjpgNlPRN
RWm9jNzUxoUaYFxwuaeAL2qH7tazSbQgxyCbK6lqJ1VlvgwpKj/glmJtEa1LP/E6
28eOiUhaGI34lD6JSjG7U42HX522QFUS4YmfzceQgrqbu/RFOKzmaZP58MPkxK+L
lyCcdKBogSjXBWNHdAGBBrgDnEb33QHLxRpSFIn1OuuXamoafFNLCSwNAJaBJuzz
ZUlhlXyWZdZYAP7rIK4noTvlef2BjwIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFNz9
t+uwL6ZHEboW6XNqjAG6OmrdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENTcxRDYyNEY4MDExMUVGQjQ3OEI5ODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwQHmlKAAwQGmlNAAwQHmlmA
MAsDBAaaWkADAwCaWgMEB5pcgDANBgkqhkiG9w0BAQsFAAOCAQEAqK12XqlKXqNo
HcK8zhJYRLY9vq2iI8Sq7kEdBoP90WwWh8U6DTmi3iauHw98A5yXAmIR6wm3dJ0V
9zKcPl3iUT+UcrAiyZDMaUMYDBsJmKvZLrp+4dQbwA3S6Py5i9XlFHhyBrwOqExC
/MD9RqtjGiiaAOHfsAFtxrHnh133Segvzu57kBKwS796/ujQpN8RNWxEckz7oavg
9X9VcQ8yG1h3UdabqBHb/gDG+xbdYixf2ixaMbTc03+ZdSKugoIdjeIm9Xk7HgoD
cKBh4v3zda06R6TvGa8cKduNTl7Khygmlu1xXQQ+SbTT1JUsLTPd1nXbobrBnv/S
j5Y9ocoqdA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:47 2025 by rpki-client