Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E442338242D11F09E710978DAE4EC9C.roa
File: 0E442338242D11F09E710978DAE4EC9C.roa (raw, json)
Hash identifier: xcsSbj8T+Q3JmU62heuSO+fF2D9FAGpiehnI86peX/s=
Subject key identifier: B6:27:E1:C4:6B:00:8E:AC:65:9E:8D:91:B7:49:EB:B5:52:22:8E:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BAC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E442338242D11F09E710978DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 12:33:58 +0000
ROA not before: Mon 28 Apr 2025 12:33:53 +0000
ROA not after: Sun 08 Jun 2025 12:33:53 +0000
asID: 44559
IP address blocks: 154.219.64.0/24 maxlen: 24
154.219.66.0/24 maxlen: 24
154.219.67.0/24 maxlen: 24
154.219.68.0/24 maxlen: 24
154.219.69.0/24 maxlen: 24
154.219.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97196 (0x17bac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 12:33:53 2025 GMT
Not After : Jun 8 12:33:53 2025 GMT
Subject: CN=680f75b6-afa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ee:8a:e1:ee:a0:e2:75:60:3f:f6:bc:72:50:
99:c4:97:53:b5:ff:e8:c0:cd:0a:3e:f8:a5:c5:70:
95:72:5c:45:46:5d:ee:e8:88:26:09:75:26:f2:23:
b7:53:9f:69:01:a9:16:c0:db:b1:35:16:30:1e:22:
6d:de:43:b1:48:78:6c:eb:74:04:e4:4c:e8:d3:6a:
6c:17:af:12:ae:8a:fd:14:0c:a3:9e:3c:f7:c0:1f:
46:0b:52:07:f8:22:ba:4b:57:b8:5f:51:2f:21:06:
98:8b:30:61:e5:e2:85:91:bd:a6:cb:5a:1e:e1:e7:
ff:78:68:06:e9:93:7c:5a:a6:54:f0:e9:d4:22:3c:
a8:05:b8:96:ff:39:bc:5f:28:04:f7:ca:72:52:df:
16:03:fd:fd:06:92:c9:6f:1f:76:8d:90:b6:58:81:
11:d0:b8:53:0b:ad:48:43:8e:27:ed:40:8f:93:8e:
84:73:ee:19:40:67:81:22:c0:e8:e5:d2:fb:db:e4:
80:3e:05:57:75:2f:5c:7e:46:b4:47:c5:ac:1b:da:
b3:82:ed:85:df:de:d6:39:98:c7:2c:53:ab:1f:a8:
63:37:35:94:e5:fb:fc:36:47:66:52:2c:01:72:44:
e2:76:92:a1:e3:18:93:70:f7:db:d2:be:eb:0e:e9:
7c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:27:E1:C4:6B:00:8E:AC:65:9E:8D:91:B7:49:EB:B5:52:22:8E:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E442338242D11F09E710978DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.64.0/24
154.219.66.0-154.219.70.255
Signature Algorithm: sha256WithRSAEncryption
36:e5:0e:37:e1:f3:a5:c1:fb:92:05:3a:e4:e3:77:4e:5e:b6:
23:7f:15:2c:cc:10:6a:26:fd:41:ac:ed:46:d2:5c:53:60:b0:
36:2e:2e:b4:3f:a0:ff:84:42:6f:ff:16:9a:0b:88:05:04:39:
1b:e2:7c:af:12:8c:a4:b1:4b:36:f4:2e:9a:f5:0e:57:6c:14:
22:c3:45:b0:1f:2e:40:b8:d4:bc:1b:41:df:78:58:ad:4a:fd:
ac:3a:0c:73:ac:71:fd:60:24:89:c2:a4:7f:72:21:f2:6d:70:
0b:72:96:92:3c:f1:50:27:2c:cb:8a:72:93:39:23:8a:b8:9d:
a8:40:d9:99:22:b5:57:45:24:76:82:47:b0:1e:1c:1d:ab:4b:
06:7d:a7:fa:ad:61:20:f7:b3:62:2d:dc:3e:bb:71:2b:96:c5:
37:64:67:be:a6:f6:0f:97:e2:b4:36:ca:1f:0c:84:0e:b9:c2:
c2:3a:ce:7b:3c:5d:c1:50:be:d4:38:80:4a:62:0e:26:bf:2a:
47:38:62:0b:df:90:48:dc:b3:ca:24:c1:4b:62:50:00:bf:8b:
f7:b9:96:c8:3c:28:ad:ec:b4:e3:23:0d:e6:94:b1:a8:b3:7c:
98:2c:c7:ec:1e:c5:5b:fb:0d:3a:9e:12:89:c3:b5:1c:4e:60:
81:d3:3c:ff
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXusMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTIzMzUzWhcNMjUwNjA4MTIzMzUzWjAYMRYw
FAYDVQQDEw02ODBmNzViNi1hZmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwu6K4e6g4nVgP/a8clCZxJdTtf/owM0KPvilxXCVclxFRl3u6IgmCXUm
8iO3U59pAakWwNuxNRYwHiJt3kOxSHhs63QE5Ezo02psF68Sror9FAyjnjz3wB9G
C1IH+CK6S1e4X1EvIQaYizBh5eKFkb2my1oe4ef/eGgG6ZN8WqZU8OnUIjyoBbiW
/zm8XygE98pyUt8WA/39BpLJbx92jZC2WIER0LhTC61IQ44n7UCPk46Ec+4ZQGeB
IsDo5dL72+SAPgVXdS9cfka0R8WsG9qzgu2F397WOZjHLFOrH6hjNzWU5fv8Nkdm
UiwBckTidpKh4xiTcPfb0r7rDul8KwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFLYn
4cRrAI6sZZ6NkbdJ67VSIo4PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRTQ0MjMzODI0MkQxMUYwOUU3MTA5NzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAmttAMAwDBAGa20IDBACa
20YwDQYJKoZIhvcNAQELBQADggEBADblDjfh86XB+5IFOuTjd05etiN/FSzMEGom
/UGs7UbSXFNgsDYuLrQ/oP+EQm//FpoLiAUEORvifK8SjKSxSzb0Lpr1DldsFCLD
RbAfLkC41LwbQd94WK1K/aw6DHOscf1gJInCpH9yIfJtcAtylpI88VAnLMuKcpM5
I4q4nahA2ZkitVdFJHaCR7AeHB2rSwZ9p/qtYSD3s2It3D67cSuWxTdkZ76m9g+X
4rQ2yh8MhA65wsI6zns8XcFQvtQ4gEpiDia/Kkc4YgvfkEjcs8okwUtiUAC/i/e5
lsg8KK3stOMjDeaUsaizfJgsx+wexVv7DTqeEonDtRxOYIHTPP8=
-----END CERTIFICATE-----
Generated at Sun May 11 15:06:34 2025 by rpki-client