Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/008A3C90315D11F0A45393BEDAE4EC9C.roa
File: 008A3C90315D11F0A45393BEDAE4EC9C.roa (raw, json)
Hash identifier: XpL17jCdXMq/3ReAPRzaxaMjSps1SU8j9oV7jFiriCk=
Subject key identifier: CE:8C:BB:9E:E7:4B:74:27:58:69:83:E9:5F:13:C4:2E:70:9E:60:97
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0180AA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/008A3C90315D11F0A45393BEDAE4EC9C.roa
Signing time: Thu 15 May 2025 07:19:56 +0000
ROA not before: Thu 15 May 2025 07:19:51 +0000
ROA not after: Thu 22 May 2025 07:19:51 +0000
asID: 149014
IP address blocks: 154.223.168.0/24 maxlen: 24
154.223.169.0/24 maxlen: 24
154.223.177.0/24 maxlen: 24
154.223.178.0/24 maxlen: 24
154.223.179.0/24 maxlen: 24
154.223.180.0/24 maxlen: 24
154.223.182.0/24 maxlen: 24
154.223.183.0/24 maxlen: 24
154.223.188.0/24 maxlen: 24
154.223.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98474 (0x180aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 15 07:19:51 2025 GMT
Not After : May 22 07:19:51 2025 GMT
Subject: CN=6825959c-0acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a4:c2:ed:71:99:ab:2c:90:a5:aa:47:3c:23:
c9:18:b9:18:98:9e:fe:54:91:04:42:25:84:93:69:
f0:25:d6:5e:d6:a9:f6:be:a7:69:d1:c0:45:45:e8:
9a:0b:0f:d4:2d:50:7c:30:f9:2e:2b:29:1c:c4:f0:
74:ac:f8:2c:a9:17:c1:22:a2:e1:db:0b:c2:fa:25:
76:d2:2c:65:67:fd:5d:0e:c8:29:d8:12:9c:39:05:
06:1e:99:d1:f1:8d:4e:52:d2:13:b7:f7:be:02:c1:
9b:f5:36:64:14:d2:55:14:7a:ba:bc:a2:1c:d9:f6:
2e:42:b2:0c:64:ae:8a:1a:2c:16:e2:1a:38:98:ad:
dd:c4:41:6f:18:b6:c1:d9:c1:4a:87:a6:66:ed:2f:
f6:ad:d4:2b:6d:0c:52:ec:9b:b1:8a:81:ce:2e:30:
05:8e:20:1e:dd:3e:5d:9b:85:ea:80:de:36:1f:46:
3c:00:d6:af:25:59:74:76:ff:31:1c:97:f8:84:d3:
d2:c2:4c:aa:31:61:72:0f:94:ec:f8:ce:63:f8:8c:
8d:6d:8a:28:cc:24:eb:f9:00:08:ea:55:8c:1f:24:
91:f5:74:59:61:ad:26:c2:f2:63:bb:61:28:71:81:
71:ef:a5:93:40:74:2b:e7:c3:03:de:c5:b8:20:e2:
01:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8C:BB:9E:E7:4B:74:27:58:69:83:E9:5F:13:C4:2E:70:9E:60:97
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/008A3C90315D11F0A45393BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/23
154.223.177.0-154.223.180.255
154.223.182.0/23
154.223.188.0/23
Signature Algorithm: sha256WithRSAEncryption
11:b2:9c:69:5c:a0:a8:64:bf:64:b6:47:bc:5e:91:10:5c:e8:
c9:bf:3f:72:77:25:87:5b:9c:df:cd:45:98:b1:1c:42:51:cf:
f7:5b:30:88:c5:0e:f3:f4:8d:65:cf:75:aa:33:55:44:44:27:
63:b4:c9:98:51:07:7e:86:ba:1e:df:0f:81:a4:91:c8:9a:0c:
23:07:a0:c9:5c:76:c6:47:43:43:75:ee:61:63:82:30:c0:97:
04:d5:f2:c3:08:e6:bf:d4:5e:0e:b4:3c:72:60:80:04:1b:d6:
3c:f6:fa:3a:bf:71:17:98:b9:8f:88:d0:e8:dd:8a:06:9d:e8:
b6:86:78:bc:e5:57:11:ef:bb:17:e6:0a:ff:02:fa:f9:84:b0:
6b:03:e2:ba:d7:c7:1b:56:eb:0d:69:fb:39:e1:2a:7a:1c:79:
35:a8:40:8c:77:68:d8:b2:34:33:69:1c:a3:61:c6:3d:67:40:
ef:1d:eb:70:db:85:2d:0a:91:24:05:3b:ad:aa:29:c1:95:88:
3d:0e:f3:db:54:4e:cd:35:8f:40:e2:07:fa:a3:ee:4a:eb:b7:
64:c7:ae:ff:72:8e:b4:24:c9:8b:60:c5:07:6d:6f:46:79:11:
18:22:ab:31:42:95:ba:11:e7:5b:ea:ed:c6:f4:c2:f0:e7:71:
c3:d5:50:d0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAYCqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE1MDcxOTUxWhcNMjUwNTIyMDcxOTUxWjAYMRYw
FAYDVQQDEw02ODI1OTU5Yy0wYWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3KTC7XGZqyyQpapHPCPJGLkYmJ7+VJEEQiWEk2nwJdZe1qn2vqdp0cBF
ReiaCw/ULVB8MPkuKykcxPB0rPgsqRfBIqLh2wvC+iV20ixlZ/1dDsgp2BKcOQUG
HpnR8Y1OUtITt/e+AsGb9TZkFNJVFHq6vKIc2fYuQrIMZK6KGiwW4ho4mK3dxEFv
GLbB2cFKh6Zm7S/2rdQrbQxS7JuxioHOLjAFjiAe3T5dm4XqgN42H0Y8ANavJVl0
dv8xHJf4hNPSwkyqMWFyD5Ts+M5j+IyNbYoozCTr+QAI6lWMHySR9XRZYa0mwvJj
u2EocYFx76WTQHQr58MD3sW4IOIBwQIDAQABo4ICvzCCArswHQYDVR0OBBYEFM6M
u57nS3QnWGmD6V8TxC5wnmCXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMDhBM0M5MDMxNUQxMUYwQTQ1MzkzQkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBmt+oMAwDBACa37EDBACa
37QDBAGa37YDBAGa37wwDQYJKoZIhvcNAQELBQADggEBABGynGlcoKhkv2S2R7xe
kRBc6Mm/P3J3JYdbnN/NRZixHEJRz/dbMIjFDvP0jWXPdaozVUREJ2O0yZhRB36G
uh7fD4GkkciaDCMHoMlcdsZHQ0N17mFjgjDAlwTV8sMI5r/UXg60PHJggAQb1jz2
+jq/cReYuY+I0Ojdigad6LaGeLzlVxHvuxfmCv8C+vmEsGsD4rrXxxtW6w1p+znh
KnoceTWoQIx3aNiyNDNpHKNhxj1nQO8d63DbhS0KkSQFO62qKcGViD0O89tUTs01
j0DiB/qj7krrt2THrv9yjrQkyYtgxQdtb0Z5ERgiqzFClboR51vq7cb0wvDnccPV
UNA=
-----END CERTIFICATE-----
Generated at Thu May 15 23:54:38 2025 by rpki-client