Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF917E84265311F0976AD2EBDAE4EC9C.roa
File: FF917E84265311F0976AD2EBDAE4EC9C.roa (raw, json)
Hash identifier: U2txjpwwYtvduYFtkDP/blK06nol45c/Qa1VeZAH30s=
Subject key identifier: 96:31:F1:62:BE:89:AE:FC:73:8A:FC:6F:B5:9D:7C:1A:F5:C1:37:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017DB8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF917E84265311F0976AD2EBDAE4EC9C.roa
Signing time: Thu 01 May 2025 06:17:46 +0000
ROA not before: Thu 01 May 2025 06:17:42 +0000
ROA not after: Fri 01 May 2026 06:17:42 +0000
asID: 984
IP address blocks: 154.218.64.0/24 maxlen: 24
154.218.65.0/24 maxlen: 24
154.218.66.0/24 maxlen: 24
154.218.67.0/24 maxlen: 24
154.218.68.0/24 maxlen: 24
154.218.69.0/24 maxlen: 24
154.218.70.0/24 maxlen: 24
154.218.71.0/24 maxlen: 24
154.218.72.0/24 maxlen: 24
154.218.73.0/24 maxlen: 24
154.221.182.0/24 maxlen: 24
154.221.183.0/24 maxlen: 24
154.221.184.0/24 maxlen: 24
154.221.185.0/24 maxlen: 24
154.221.186.0/24 maxlen: 24
154.221.187.0/24 maxlen: 24
154.221.188.0/24 maxlen: 24
154.221.189.0/24 maxlen: 24
154.221.190.0/24 maxlen: 24
154.221.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97720 (0x17db8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 06:17:42 2025 GMT
Not After : May 1 06:17:42 2026 GMT
Subject: CN=6813120a-90c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:93:27:13:f6:fb:e8:20:be:49:80:8c:b5:6a:
e2:74:50:f8:16:3d:36:ca:27:22:c2:21:eb:94:fe:
fe:2d:60:3d:b5:74:ae:dc:e8:cf:e3:18:8b:45:d2:
f9:47:3d:55:3c:3f:fe:72:58:63:d1:c4:ec:31:08:
6d:76:02:f5:ee:38:2f:be:c7:88:5f:c0:65:af:47:
57:0c:ca:66:c7:aa:ac:d2:03:47:8d:1f:16:5c:d4:
dd:74:c4:bf:4a:81:f1:08:30:a2:81:42:c4:24:88:
9e:36:74:24:28:ea:f4:a7:ad:64:3e:03:42:a0:06:
ad:64:02:56:1d:77:e0:e6:e0:5c:58:8c:88:ff:7d:
9d:3c:49:29:e2:0d:58:be:8c:d8:a4:2b:bf:1b:3a:
5a:ba:11:46:d9:a6:f7:8b:5a:b4:33:e2:03:71:ea:
f9:1a:ae:f7:f6:37:a7:f9:87:11:fc:e3:63:4d:2d:
12:55:a0:e5:e2:bf:ab:e3:37:d4:23:f5:25:87:4e:
09:91:fa:4d:4f:55:bd:05:ed:01:d7:a7:ec:a4:65:
79:40:fd:0e:7a:df:d5:88:be:c8:6b:64:35:b3:5d:
6e:de:53:27:3b:bd:7d:17:80:7a:f9:e7:f1:59:51:
1f:b0:0b:e9:27:f4:71:60:b3:d6:94:9f:7b:9d:07:
1f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:31:F1:62:BE:89:AE:FC:73:8A:FC:6F:B5:9D:7C:1A:F5:C1:37:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF917E84265311F0976AD2EBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.64.0-154.218.73.255
154.221.182.0-154.221.191.255
Signature Algorithm: sha256WithRSAEncryption
d6:4f:63:e9:88:44:e7:04:12:db:da:1b:2b:e7:2e:68:b5:06:
95:10:d3:4e:74:89:1d:8c:18:a7:05:b1:8f:a0:db:27:86:86:
97:9b:b6:d1:db:a3:d0:1f:82:0d:da:e1:89:da:48:76:ec:94:
d7:66:11:4e:96:b2:db:32:24:be:57:7a:36:d3:b7:37:a0:b8:
1c:c6:70:3d:8c:f2:5b:c8:64:f0:8d:e0:b9:ac:bb:1f:c5:5e:
6a:18:7d:83:20:d0:5e:8a:ee:e8:73:a6:72:2c:3d:79:7e:6f:
dc:a3:fd:49:58:27:41:1d:69:4b:2e:2f:4d:a9:0f:e8:08:36:
3c:d6:6a:5b:00:7d:09:f7:69:f5:23:2f:a2:7f:9b:ac:7e:23:
9e:60:81:d2:c3:de:5b:c7:83:05:43:f8:fe:fd:6a:cb:59:ae:
18:98:e4:3f:c9:d9:4f:ca:68:e0:ea:ab:94:f1:bf:38:3a:04:
fc:e8:e7:e7:19:fe:92:08:b2:c1:78:8d:c3:01:7a:fe:45:80:
21:0e:6c:95:ae:7d:9e:49:35:00:44:e0:42:89:e7:41:35:7d:
fe:bd:df:87:3a:4d:be:03:47:b8:85:65:b4:88:c2:df:21:61:
48:83:55:84:fa:d3:3b:42:5a:b6:73:bc:94:45:a7:d9:fb:8c:
65:9d:c3:12
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDAX24MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMDYxNzQyWhcNMjYwNTAxMDYxNzQyWjAYMRYw
FAYDVQQDEw02ODEzMTIwYS05MGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq5MnE/b76CC+SYCMtWridFD4Fj02yiciwiHrlP7+LWA9tXSu3OjP4xiL
RdL5Rz1VPD/+clhj0cTsMQhtdgL17jgvvseIX8Blr0dXDMpmx6qs0gNHjR8WXNTd
dMS/SoHxCDCigULEJIieNnQkKOr0p61kPgNCoAatZAJWHXfg5uBcWIyI/32dPEkp
4g1YvozYpCu/GzpauhFG2ab3i1q0M+IDcer5Gq739jen+YcR/ONjTS0SVaDl4r+r
4zfUI/Ulh04JkfpNT1W9Be0B16fspGV5QP0Oet/ViL7Ia2Q1s11u3lMnO719F4B6
+efxWVEfsAvpJ/RxYLPWlJ97nQcfDQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFJYx
8WK+ia78c4r8b7WdfBr1wTelMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRjkxN0U4NDI2NTMxMUYwOTc2QUQyRUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAaa2kADBAGa2kgwDAME
AZrdtgMEBprdgDANBgkqhkiG9w0BAQsFAAOCAQEA1k9j6YhE5wQS29obK+cuaLUG
lRDTTnSJHYwYpwWxj6DbJ4aGl5u20duj0B+CDdrhidpIduyU12YRTpay2zIkvld6
NtO3N6C4HMZwPYzyW8hk8I3guay7H8Veahh9gyDQXoru6HOmciw9eX5v3KP9SVgn
QR1pSy4vTakP6Ag2PNZqWwB9Cfdp9SMvon+brH4jnmCB0sPeW8eDBUP4/v1qy1mu
GJjkP8nZT8po4OqrlPG/ODoE/Ojn5xn+kgiywXiNwwF6/kWAIQ5sla59nkk1AETg
QonnQTV9/r3fhzpNvgNHuIVltIjC3yFhSINVhPrTO0JatnO8lEWn2fuMZZ3DEg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:34:40 2025 by rpki-client