Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18B8A2C6316B11F09CC32F9CDAE4EC9C.roa
File: 18B8A2C6316B11F09CC32F9CDAE4EC9C.roa (raw, json)
Hash identifier: 3TiFAquDH+DPpR524qZMGbD4+NR5919MKbHjLZtL38A=
Subject key identifier: 33:E5:37:1A:87:35:F8:3F:4D:9B:CE:81:83:D5:40:30:FA:46:F3:3B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0180BC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18B8A2C6316B11F09CC32F9CDAE4EC9C.roa
Signing time: Thu 15 May 2025 09:00:50 +0000
ROA not before: Thu 15 May 2025 09:00:45 +0000
ROA not after: Tue 24 Jun 2025 09:00:45 +0000
asID: 54600
IP address blocks: 154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98492 (0x180bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 15 09:00:45 2025 GMT
Not After : Jun 24 09:00:45 2025 GMT
Subject: CN=6825ad42-b345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:18:32:3a:4d:1e:5f:b5:db:ce:c3:9e:dd:b5:
6b:b4:5a:2b:f4:15:d4:39:73:18:bc:34:51:f4:5c:
3e:15:49:ba:8a:3f:ed:c3:06:22:4d:f0:f4:7e:46:
5c:a5:9a:02:e2:e7:dd:6c:a1:a5:d1:86:3a:2b:96:
25:fd:af:ef:91:84:27:c1:38:1a:b8:ed:49:3f:a7:
c9:1e:82:49:cc:8f:ce:3a:f5:eb:ad:86:47:5b:88:
6d:36:75:2a:9a:1e:be:bc:cb:6e:71:fe:37:5c:90:
0e:73:73:15:58:1c:b3:1f:ea:7b:3f:29:cc:56:9e:
05:fe:d1:f8:d1:42:27:c4:6c:ea:1d:a1:4c:93:05:
d8:c1:49:cc:ac:98:29:3b:a0:07:73:f4:3b:dd:d7:
76:d6:d4:1a:1d:25:3a:f9:27:fb:27:b7:87:93:55:
a4:6b:63:31:27:65:50:d6:1b:df:b7:1f:9d:8b:12:
bd:16:fe:cf:4f:d7:63:0b:96:06:d7:c7:ed:18:81:
c8:52:92:5c:d9:fa:f7:ce:ce:3f:0f:bf:5a:4d:90:
d2:79:5b:fb:ac:76:0d:a6:21:42:d0:54:fb:a1:ed:
ea:11:36:46:28:63:a4:a2:11:fb:84:dc:54:6a:24:
4c:54:71:5c:f6:02:82:f0:6e:ac:a0:25:67:0c:74:
4f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E5:37:1A:87:35:F8:3F:4D:9B:CE:81:83:D5:40:30:FA:46:F3:3B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18B8A2C6316B11F09CC32F9CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
154.202.120.0/21
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
4c:dc:1b:5e:02:ff:bb:b3:4d:59:26:ab:5a:03:7e:0f:44:43:
c6:31:b0:f3:0e:17:45:b0:d5:8b:d0:c4:35:6f:ba:83:42:c3:
c8:0e:1d:33:17:ae:b7:da:ae:a6:25:81:06:5c:77:0f:af:89:
96:62:de:f5:74:4b:07:fb:3a:8e:a5:b9:6f:9a:1b:67:23:8c:
29:2e:1d:48:0f:59:c8:71:b1:e7:95:96:66:1b:38:2e:6c:4f:
e2:e4:1a:72:72:0b:35:dd:49:2b:ae:83:6b:30:ab:16:ff:60:
9e:fa:7c:c8:06:ab:0b:c9:fd:e8:6b:a2:92:5b:4a:a4:9c:b0:
f1:a0:b3:27:01:22:f5:34:44:8b:5f:5e:3d:89:40:b6:db:5b:
2f:94:e7:3f:a3:86:48:f9:70:e8:c7:d7:05:e8:51:4f:1b:42:
b1:78:01:9a:d3:44:2b:11:f7:3f:d3:13:43:32:28:40:4c:1b:
00:63:63:a6:51:c1:79:d6:1f:19:4d:88:b1:ac:d2:04:a1:dd:
ea:94:a4:16:c9:9e:b8:2b:51:83:3b:34:b4:c3:98:96:ce:9f:
3a:11:c3:ed:af:a4:c0:37:d0:b5:03:9e:d6:c6:ae:19:65:64:
89:e5:76:2d:59:7b:ca:15:87:b1:7a:2a:0b:10:bb:57:48:80:
ad:f0:c2:90
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAYC8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE1MDkwMDQ1WhcNMjUwNjI0MDkwMDQ1WjAYMRYw
FAYDVQQDEw02ODI1YWQ0Mi1iMzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1hgyOk0eX7XbzsOe3bVrtFor9BXUOXMYvDRR9Fw+FUm6ij/twwYiTfD0
fkZcpZoC4ufdbKGl0YY6K5Yl/a/vkYQnwTgauO1JP6fJHoJJzI/OOvXrrYZHW4ht
NnUqmh6+vMtucf43XJAOc3MVWByzH+p7PynMVp4F/tH40UInxGzqHaFMkwXYwUnM
rJgpO6AHc/Q73dd21tQaHSU6+Sf7J7eHk1Wka2MxJ2VQ1hvftx+dixK9Fv7PT9dj
C5YG18ftGIHIUpJc2fr3zs4/D79aTZDSeVv7rHYNpiFC0FT7oe3qETZGKGOkohH7
hNxUaiRMVHFc9gKC8G6soCVnDHRPHwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFDPl
NxqHNfg/TZvOgYPVQDD6RvM7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xOEI4QTJDNjMxNkIxMUYwOUNDMzJGOUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQAmsp1AwQDmsp4MAsDBAGa
2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEATNwbXgL/u7NNWSarWgN+D0RDxjGw
8w4XRbDVi9DENW+6g0LDyA4dMxeut9qupiWBBlx3D6+JlmLe9XRLB/s6jqW5b5ob
ZyOMKS4dSA9ZyHGx55WWZhs4LmxP4uQacnILNd1JK66DazCrFv9gnvp8yAarC8n9
6GuikltKpJyw8aCzJwEi9TREi19ePYlAtttbL5TnP6OGSPlw6MfXBehRTxtCsXgB
mtNEKxH3P9MTQzIoQEwbAGNjplHBedYfGU2IsazSBKHd6pSkFsmeuCtRgzs0tMOY
ls6fOhHD7a+kwDfQtQOe1sauGWVkieV2LVl7yhWHsXoqCxC7V0iArfDCkA==
-----END CERTIFICATE-----
Generated at Thu May 15 23:45:49 2025 by rpki-client