Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EFD72CC2F88711EF8C76CE85762E951A.roa
File: EFD72CC2F88711EF8C76CE85762E951A.roa (raw, json)
Hash identifier: na0mnjWjaMnv0q1/jZfg0WvHt7IVmLhabklARiB4Zgg=
Subject key identifier: 7A:E0:1C:D7:AE:0E:D6:36:E2:57:11:4E:08:66:9C:B3:61:00:4B:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017155
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EFD72CC2F88711EF8C76CE85762E951A.roa
Signing time: Mon 03 Mar 2025 23:33:40 +0000
ROA not before: Mon 03 Mar 2025 23:33:36 +0000
ROA not after: Sun 13 Apr 2025 23:33:36 +0000
asID: 138915
IP address blocks: 154.203.128.0/23 maxlen: 24
154.203.148.0/24 maxlen: 24
154.203.149.0/24 maxlen: 24
154.203.150.0/24 maxlen: 24
154.203.151.0/24 maxlen: 24
154.206.100.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94549 (0x17155)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 3 23:33:36 2025 GMT
Not After : Apr 13 23:33:36 2025 GMT
Subject: CN=67c63c54-f7de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4e:d2:27:43:c0:bc:74:65:04:de:d9:3d:18:
41:08:85:7f:00:87:1f:4b:b0:f6:f1:b3:d6:5d:d8:
ba:68:54:3e:82:ba:69:8e:22:11:7f:9c:fd:1e:5d:
65:6d:b1:66:9f:dd:c4:70:29:5c:21:35:6e:0d:fe:
a1:6b:70:e8:2c:60:01:2a:79:44:b8:e8:3b:ba:3f:
59:57:09:07:7f:35:b2:5c:33:36:94:6a:79:9f:94:
25:f2:f6:f2:0d:bf:cb:43:23:65:52:60:b5:73:12:
91:03:50:71:24:45:df:28:d0:41:50:4d:73:80:b3:
95:58:b9:d8:ce:d9:ee:e8:bc:d0:9a:77:d4:fa:ed:
47:96:af:41:a0:34:68:e2:f2:fe:46:02:e6:95:91:
6f:b9:fd:b3:8f:df:b0:b1:b2:c4:ac:de:e8:73:9b:
4e:be:a4:bb:14:c6:59:a3:92:eb:ba:1b:ee:85:86:
97:55:c0:37:96:c6:66:5c:18:18:08:62:49:cd:3e:
6a:92:04:d9:ab:b5:9c:7d:d7:dd:e7:88:4f:22:42:
f6:13:53:07:ea:34:8d:0c:bd:4b:c3:27:b4:76:54:
9c:d0:1a:84:be:da:09:b5:47:09:99:93:3b:93:e4:
e5:19:eb:5b:28:ea:ba:81:f9:5e:c7:5b:6b:32:a1:
76:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E0:1C:D7:AE:0E:D6:36:E2:57:11:4E:08:66:9C:B3:61:00:4B:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EFD72CC2F88711EF8C76CE85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.128.0/23
154.203.148.0/22
154.206.100.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:b7:6c:36:8b:03:d7:87:bc:eb:91:bb:c6:5b:99:91:e7:be:
dc:73:e3:b9:db:f4:cc:38:2f:2f:bc:1a:6a:11:7b:14:3c:64:
87:d1:ae:14:d9:09:f0:76:30:c5:e2:5c:89:8b:95:b2:5e:6b:
1d:0d:a4:08:7b:3c:6e:f8:84:81:5d:49:17:3b:68:b6:07:26:
34:d0:bc:bf:34:b3:a2:ca:28:82:f4:2c:84:d5:b1:20:4b:4c:
32:de:65:ee:a9:1d:70:c5:e9:20:3d:f2:f3:35:96:c4:ee:8b:
1f:6e:07:23:d4:02:1a:7e:83:56:d1:ac:0e:42:39:42:10:4e:
56:c6:29:1c:8e:c6:76:b1:91:7a:22:02:f5:b9:08:d8:10:48:
84:e0:7a:d1:f9:4e:f1:07:73:5b:bf:34:35:8f:7a:9d:01:88:
2b:89:4c:c4:0d:7e:c9:bb:ed:c7:b9:4c:30:ce:cf:a4:16:27:
73:dd:c2:11:e5:0f:2a:4d:a4:76:f7:d4:a9:52:cc:50:be:f6:
6a:88:ec:3c:0f:e2:95:31:9b:fd:ca:a3:dc:3b:8c:9e:1e:b6:
26:63:3e:66:cf:a4:a6:0f:73:68:f6:2f:e3:58:11:f3:cb:79:
00:e7:8c:da:a8:1b:2f:53:16:41:6e:f1:d9:44:24:cc:f2:ef:
e9:9b:e8:6c
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAXFVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMjMzMzM2WhcNMjUwNDEzMjMzMzM2WjAYMRYw
FAYDVQQDEw02N2M2M2M1NC1mN2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvk7SJ0PAvHRlBN7ZPRhBCIV/AIcfS7D28bPWXdi6aFQ+grppjiIRf5z9
Hl1lbbFmn93EcClcITVuDf6ha3DoLGABKnlEuOg7uj9ZVwkHfzWyXDM2lGp5n5Ql
8vbyDb/LQyNlUmC1cxKRA1BxJEXfKNBBUE1zgLOVWLnYztnu6LzQmnfU+u1Hlq9B
oDRo4vL+RgLmlZFvuf2zj9+wsbLErN7oc5tOvqS7FMZZo5LruhvuhYaXVcA3lsZm
XBgYCGJJzT5qkgTZq7Wcfdfd54hPIkL2E1MH6jSNDL1Lwye0dlSc0BqEvtoJtUcJ
mZM7k+TlGetbKOq6gflex1trMqF2ewIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFHrg
HNeuDtY24lcRTghmnLNhAEtpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRkQ3MkNDMkY4ODcxMUVGOEM3NkNFODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBmsuAAwQCmsuUAwQBms5k
MA0GCSqGSIb3DQEBCwUAA4IBAQCOt2w2iwPXh7zrkbvGW5mR577cc+O52/TMOC8v
vBpqEXsUPGSH0a4U2QnwdjDF4lyJi5WyXmsdDaQIezxu+ISBXUkXO2i2ByY00Ly/
NLOiyiiC9CyE1bEgS0wy3mXuqR1wxekgPfLzNZbE7osfbgcj1AIafoNW0awOQjlC
EE5WxikcjsZ2sZF6IgL1uQjYEEiE4HrR+U7xB3NbvzQ1j3qdAYgriUzEDX7Ju+3H
uUwwzs+kFidz3cIR5Q8qTaR299SpUsxQvvZqiOw8D+KVMZv9yqPcO4yeHrYmYz5m
z6SmD3No9i/jWBHzy3kA54zaqBsvUxZBbvHZRCTM8u/pm+hs
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:01:58 2025 by rpki-client