Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13E3CADC299111F0A4B89A94DAE4EC9C.roa
File: 13E3CADC299111F0A4B89A94DAE4EC9C.roa (raw, json)
Hash identifier: eVXBK8Atqw1165jlQGrviqhnbd9Iy2Dx6Sw749AK2u4=
Subject key identifier: C8:DD:52:9B:40:25:2D:69:2F:28:D8:D2:EC:D1:D2:F9:56:AE:28:9D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017EF7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13E3CADC299111F0A4B89A94DAE4EC9C.roa
Signing time: Mon 05 May 2025 09:12:33 +0000
ROA not before: Mon 05 May 2025 09:12:29 +0000
ROA not after: Thu 10 Jul 2025 09:12:29 +0000
asID: 203020
IP address blocks: 154.217.30.0/24 maxlen: 24
154.217.31.0/24 maxlen: 24
154.217.64.0/24 maxlen: 24
154.217.65.0/24 maxlen: 24
154.217.84.0/24 maxlen: 24
154.217.86.0/24 maxlen: 24
154.217.88.0/24 maxlen: 24
154.217.89.0/24 maxlen: 24
154.217.90.0/24 maxlen: 24
154.217.92.0/24 maxlen: 24
154.217.93.0/24 maxlen: 24
154.217.94.0/24 maxlen: 24
154.217.134.0/23 maxlen: 24
154.217.136.0/22 maxlen: 24
154.217.140.0/22 maxlen: 24
154.217.144.0/22 maxlen: 24
154.217.148.0/22 maxlen: 24
154.217.152.0/22 maxlen: 24
154.217.156.0/23 maxlen: 24
154.217.158.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98039 (0x17ef7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 5 09:12:29 2025 GMT
Not After : Jul 10 09:12:29 2025 GMT
Subject: CN=68188101-e828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:79:ba:4b:2c:46:e5:64:a0:14:1f:4e:0f:3b:
60:4d:b0:09:e6:0e:1c:db:4d:b2:2e:06:ce:06:13:
e6:bb:21:02:d3:f5:5b:61:ce:ec:53:01:6a:3c:66:
f8:ab:c0:80:7a:25:b2:c6:d5:78:2e:ee:ff:52:12:
87:22:08:67:fc:d2:89:76:4d:10:47:24:6e:9c:b4:
3d:b3:9f:e0:e4:77:b8:6f:96:e2:5e:94:9d:4f:ad:
89:29:ba:68:db:90:43:d7:33:9c:d8:9d:f5:2f:a2:
b4:da:d7:bc:b0:80:37:f0:19:b8:34:ed:6d:c7:00:
34:2f:a9:21:aa:d8:4d:7c:8e:0c:85:36:44:65:c4:
05:bd:68:91:27:da:ee:32:dc:df:a5:d8:ab:95:e2:
f5:61:27:2c:c5:9e:f8:b5:af:b1:6c:13:3d:e0:f8:
8b:84:f9:11:1b:6b:b0:47:74:d6:7c:39:34:e0:13:
33:f3:42:fe:2e:bd:2c:43:ec:5b:ef:65:bf:57:3d:
df:b5:0d:9f:37:f1:1e:7b:7a:84:3d:3b:d6:dc:db:
9d:aa:1a:96:be:15:b2:0e:32:ee:f2:9e:5c:da:ad:
be:c0:cb:7d:6d:23:49:55:9a:d4:24:db:82:04:69:
63:76:83:88:13:33:42:78:e3:63:5a:00:1f:6b:91:
ca:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DD:52:9B:40:25:2D:69:2F:28:D8:D2:EC:D1:D2:F9:56:AE:28:9D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13E3CADC299111F0A4B89A94DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.30.0/23
154.217.64.0/23
154.217.84.0/24
154.217.86.0/24
154.217.88.0-154.217.90.255
154.217.92.0-154.217.94.255
154.217.134.0-154.217.159.255
Signature Algorithm: sha256WithRSAEncryption
2a:a8:bf:02:8e:7d:fc:0c:9f:34:75:7f:84:06:79:02:2c:e9:
c6:7a:1e:ed:d9:37:10:bc:f4:94:fc:43:c5:68:76:d4:58:62:
0c:3d:a0:3d:10:35:85:6b:2d:48:3b:f5:10:48:61:90:e2:14:
01:ab:54:53:dd:75:9e:4b:2b:8a:52:24:cc:b3:ef:0c:11:c0:
bc:1c:44:a2:ec:21:d9:82:33:a2:1d:b5:46:23:2c:71:5d:cb:
a6:ab:54:b1:cd:05:c2:06:0c:43:df:1a:d2:de:0d:a6:ec:24:
49:57:38:21:fb:3a:81:6b:a1:04:e4:b0:23:29:a3:b9:e3:fd:
d2:c3:0d:1d:2c:27:c9:0a:74:32:4a:cb:34:72:42:3d:a1:a8:
c6:17:1d:98:3d:a4:72:36:a4:68:33:53:7d:be:68:7c:9c:af:
85:b5:3a:c1:93:c8:4d:12:01:0b:e7:64:0a:6e:7e:42:eb:cb:
36:c5:de:e1:82:61:3e:2f:f2:d7:f4:c1:56:35:bd:3e:c5:00:
05:ce:c7:aa:74:7a:95:2b:a4:d2:0b:52:29:0d:0f:7e:8d:d9:
51:4d:0f:80:8b:ed:f2:57:2c:cf:df:e6:a2:b8:ff:57:3c:81:
1e:78:c1:a6:bc:6b:a1:79:0e:a0:3b:40:9c:4b:59:5a:b8:be:
0e:d7:16:05
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIDAX73MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA1MDkxMjI5WhcNMjUwNzEwMDkxMjI5WjAYMRYw
FAYDVQQDEw02ODE4ODEwMS1lODI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA33m6SyxG5WSgFB9ODztgTbAJ5g4c202yLgbOBhPmuyEC0/VbYc7sUwFq
PGb4q8CAeiWyxtV4Lu7/UhKHIghn/NKJdk0QRyRunLQ9s5/g5He4b5biXpSdT62J
Kbpo25BD1zOc2J31L6K02te8sIA38Bm4NO1txwA0L6khqthNfI4MhTZEZcQFvWiR
J9ruMtzfpdirleL1YScsxZ74ta+xbBM94PiLhPkRG2uwR3TWfDk04BMz80L+Lr0s
Q+xb72W/Vz3ftQ2fN/Eee3qEPTvW3NudqhqWvhWyDjLu8p5c2q2+wMt9bSNJVZrU
JNuCBGljdoOIEzNCeONjWgAfa5HK5QIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFMjd
UptAJS1pLyjY0uzR0vlWriidMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xM0UzQ0FEQzI5OTExMUYwQTRCODlBOTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBmtkeAwQBmtlAAwQAmtlU
AwQAmtlWMAwDBAOa2VgDBACa2VowDAMEAprZXAMEAJrZXjAMAwQBmtmGAwQFmtmA
MA0GCSqGSIb3DQEBCwUAA4IBAQAqqL8Cjn38DJ80dX+EBnkCLOnGeh7t2TcQvPSU
/EPFaHbUWGIMPaA9EDWFay1IO/UQSGGQ4hQBq1RT3XWeSyuKUiTMs+8MEcC8HESi
7CHZgjOiHbVGIyxxXcumq1SxzQXCBgxD3xrS3g2m7CRJVzgh+zqBa6EE5LAjKaO5
4/3Sww0dLCfJCnQySss0ckI9oajGFx2YPaRyNqRoM1N9vmh8nK+FtTrBk8hNEgEL
52QKbn5C68s2xd7hgmE+L/LX9MFWNb0+xQAFzseqdHqVK6TSC1IpDQ9+jdlRTQ+A
i+3yVyzP3+aiuP9XPIEeeMGmvGuheQ6gO0CcS1lauL4O1xYF
-----END CERTIFICATE-----
Generated at Sat May 10 13:54:52 2025 by rpki-client