Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/163B25DA268C11F09947F2D9DAE4EC9C.roa
File: 163B25DA268C11F09947F2D9DAE4EC9C.roa (raw, json)
Hash identifier: 0H44o1wKYfC5+lqgG+Zlt6x/UFw04aXuuchjz/zWCcU=
Subject key identifier: 86:BC:82:58:21:FA:6F:77:F2:06:C3:0B:B3:DD:D2:45:D6:BB:E0:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E02
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/163B25DA268C11F09947F2D9DAE4EC9C.roa
Signing time: Thu 01 May 2025 12:59:16 +0000
ROA not before: Thu 01 May 2025 12:59:11 +0000
ROA not after: Fri 28 Apr 2028 12:59:11 +0000
asID: 17561
IP address blocks: 154.81.110.0/24 maxlen: 24
154.81.111.0/24 maxlen: 24
154.81.112.0/24 maxlen: 24
154.81.113.0/24 maxlen: 24
154.81.114.0/24 maxlen: 24
154.81.115.0/24 maxlen: 24
154.81.116.0/24 maxlen: 24
154.81.117.0/24 maxlen: 24
154.81.118.0/24 maxlen: 24
154.81.119.0/24 maxlen: 24
154.81.120.0/24 maxlen: 24
154.81.121.0/24 maxlen: 24
154.81.122.0/24 maxlen: 24
154.81.123.0/24 maxlen: 24
154.81.124.0/24 maxlen: 24
154.81.125.0/24 maxlen: 24
154.81.126.0/24 maxlen: 24
154.81.127.0/24 maxlen: 24
154.84.64.0/24 maxlen: 24
154.84.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 11 May 2025 11:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97794 (0x17e02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 12:59:11 2025 GMT
Not After : Apr 28 12:59:11 2028 GMT
Subject: CN=68137024-f5b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:cc:75:e8:de:03:d2:47:70:ac:8c:76:b5:d5:
55:85:7e:b9:06:a9:72:68:50:f1:22:4b:1c:5a:92:
c9:e6:13:8b:b5:39:17:82:5d:ed:ee:7e:dd:b5:8f:
d5:53:21:09:a7:cb:32:12:06:b8:aa:e5:43:f0:ba:
25:7d:e0:a7:3a:c8:19:fd:ea:1f:d3:0a:8d:27:ba:
f7:d5:1e:b2:0d:1a:82:7a:30:1d:89:88:74:60:a8:
b6:10:c7:4c:69:65:fb:d4:47:9b:a5:6d:21:99:a4:
fc:40:04:36:56:f4:77:ee:ae:38:ec:90:79:ef:37:
4e:25:d0:1e:c5:ba:e1:fb:be:d5:e1:10:1b:e3:5c:
e7:e3:88:70:c0:0c:70:4b:ba:bf:c4:d1:45:a1:75:
2a:b5:d8:f6:ef:25:22:a9:51:31:eb:e9:5f:d7:5f:
d0:0d:40:9f:60:3e:58:10:b6:ce:28:79:e4:f8:82:
6c:a0:a1:34:fb:d3:a1:f3:b8:e0:da:ae:63:75:71:
88:2a:82:ae:c9:69:fd:55:a0:90:8b:57:b7:44:9d:
76:db:7c:83:e0:b7:b9:31:eb:6a:6c:f0:df:90:49:
c1:f1:49:4d:af:68:e0:68:a7:3c:e1:ae:ee:d1:6d:
5d:4c:33:9e:e8:fd:c1:70:3f:33:30:74:49:b1:37:
8c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BC:82:58:21:FA:6F:77:F2:06:C3:0B:B3:DD:D2:45:D6:BB:E0:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/163B25DA268C11F09947F2D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.110.0-154.81.127.255
154.84.64.0/23
Signature Algorithm: sha256WithRSAEncryption
00:7f:5b:77:97:ef:0d:42:ae:40:f6:fe:2c:b3:e0:4a:d9:66:
d4:44:3f:80:6c:44:5a:09:81:65:14:f4:66:c8:3c:5c:77:9b:
3f:a3:43:83:4d:58:33:d7:22:f4:8d:fc:9b:48:b0:3b:68:47:
ed:55:b7:2a:e5:eb:e1:01:13:a1:e6:cf:3f:68:2e:12:a9:cd:
db:f5:c4:34:6a:37:ac:8a:94:25:08:60:bd:45:11:02:9f:25:
2a:5b:4f:d8:b4:e8:52:86:d2:3d:2a:0a:54:c7:d6:d4:e1:37:
e1:d2:1f:0c:16:8b:bc:8c:be:71:d9:9c:bb:51:ef:c0:c9:69:
af:48:8c:90:a7:a6:3c:40:fc:df:f8:ea:f1:5c:55:e5:04:23:
e6:06:50:12:40:6f:51:f7:77:f6:22:46:49:da:f0:28:b5:e3:
ed:dc:97:e6:53:a6:2a:82:f8:80:05:bd:e8:3c:93:28:d9:81:
8e:b9:86:d8:41:0d:a9:f2:bc:d3:88:53:34:ce:cf:9f:3d:c0:
62:40:8d:da:43:b5:f1:87:d2:00:53:28:05:28:f5:97:cd:e4:
15:ee:ff:1e:c5:40:01:49:15:7f:55:01:d3:8b:65:d9:31:38:
86:03:51:f2:e9:f3:11:59:ff:74:13:48:78:5c:ab:e5:c7:09:
ae:8c:00:0f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAX4CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTI1OTExWhcNMjgwNDI4MTI1OTExWjAYMRYw
FAYDVQQDEw02ODEzNzAyNC1mNWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4Mx16N4D0kdwrIx2tdVVhX65BqlyaFDxIkscWpLJ5hOLtTkXgl3t7n7d
tY/VUyEJp8syEga4quVD8LolfeCnOsgZ/eof0wqNJ7r31R6yDRqCejAdiYh0YKi2
EMdMaWX71EebpW0hmaT8QAQ2VvR37q447JB57zdOJdAexbrh+77V4RAb41zn44hw
wAxwS7q/xNFFoXUqtdj27yUiqVEx6+lf11/QDUCfYD5YELbOKHnk+IJsoKE0+9Oh
87jg2q5jdXGIKoKuyWn9VaCQi1e3RJ1223yD4Le5MetqbPDfkEnB8UlNr2jgaKc8
4a7u0W1dTDOe6P3BcD8zMHRJsTeMVwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFIa8
glgh+m938gbDC7Pd0kXWu+C/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNjNCMjVEQTI2OEMxMUYwOTk0N0YyRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAGaUW4DBAeaUQADBAGa
VEAwDQYJKoZIhvcNAQELBQADggEBAAB/W3eX7w1CrkD2/iyz4ErZZtREP4BsRFoJ
gWUU9GbIPFx3mz+jQ4NNWDPXIvSN/JtIsDtoR+1Vtyrl6+EBE6Hmzz9oLhKpzdv1
xDRqN6yKlCUIYL1FEQKfJSpbT9i06FKG0j0qClTH1tThN+HSHwwWi7yMvnHZnLtR
78DJaa9IjJCnpjxA/N/46vFcVeUEI+YGUBJAb1H3d/YiRkna8Ci14+3cl+ZTpiqC
+IAFveg8kyjZgY65hthBDanyvNOIUzTOz589wGJAjdpDtfGH0gBTKAUo9ZfN5BXu
/x7FQAFJFX9VAdOLZdkxOIYDUfLp8xFZ/3QTSHhcq+XHCa6MAA8=
-----END CERTIFICATE-----
Generated at Fri May 9 20:47:34 2025 by rpki-client