Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C6DB8182F2011F0B5821BBEDAE4EC9C.roa
File: 1C6DB8182F2011F0B5821BBEDAE4EC9C.roa (raw, json)
Hash identifier: 5I4ho6Ifnyas624HQ07VLyAz8bhy06sylsQd7KhPKes=
Subject key identifier: 1A:3D:21:12:7C:35:1B:AC:A2:71:57:DC:52:CB:70:61:23:60:E2:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FDF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C6DB8182F2011F0B5821BBEDAE4EC9C.roa
Signing time: Mon 12 May 2025 10:59:01 +0000
ROA not before: Mon 12 May 2025 10:58:57 +0000
ROA not after: Tue 20 May 2025 10:58:57 +0000
asID: 9009
IP address blocks: 154.216.192.0/24 maxlen: 24
154.216.200.0/24 maxlen: 24
154.216.216.0/24 maxlen: 24
154.216.221.0/24 maxlen: 24
154.216.225.0/24 maxlen: 24
154.216.226.0/24 maxlen: 24
154.216.230.0/24 maxlen: 24
154.216.235.0/24 maxlen: 24
154.216.251.0/24 maxlen: 24
154.216.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98271 (0x17fdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 10:58:57 2025 GMT
Not After : May 20 10:58:57 2025 GMT
Subject: CN=6821d475-2ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c0:5e:cb:67:d6:09:7b:c2:22:4c:e4:08:af:
a3:11:0c:6d:35:26:7c:fb:5d:7a:37:d4:47:6b:a8:
e7:41:5e:68:c0:24:52:ed:08:85:06:5d:59:3a:a0:
84:18:4a:48:89:f6:98:e5:29:fd:a3:05:a0:55:70:
d5:e9:bf:11:1d:77:e0:e5:3c:25:f8:2b:73:f1:9f:
57:cf:2b:b5:85:3e:b9:19:00:5d:74:19:e0:f2:8d:
ad:10:5a:ec:96:57:4c:b0:c0:68:1d:fc:8b:36:68:
be:45:5d:6b:37:f7:9d:67:ad:c3:eb:69:77:be:c5:
5f:bc:73:65:2e:86:64:04:df:10:73:ec:1c:55:ab:
aa:15:a7:c8:f5:3d:e8:ed:f2:3a:d5:af:26:e2:ac:
8d:d3:8d:ac:e0:9b:ef:a1:e8:00:b0:9e:bc:aa:a5:
68:f8:74:2b:06:af:52:1c:7a:6d:7f:84:a2:87:c7:
0a:74:cf:a4:8e:47:10:78:55:ae:f6:98:16:ca:5c:
4b:3e:2f:07:63:c3:07:c3:d5:d6:40:a2:cf:01:6a:
fc:48:6d:d0:3b:1e:d6:b0:8c:9c:9c:38:26:41:44:
6e:46:1a:94:fc:fc:4a:e5:3a:8b:d3:ff:50:4c:72:
82:bc:de:18:a5:0d:cc:9c:7e:78:ad:c2:a8:85:1b:
d0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3D:21:12:7C:35:1B:AC:A2:71:57:DC:52:CB:70:61:23:60:E2:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C6DB8182F2011F0B5821BBEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.192.0/24
154.216.200.0/24
154.216.216.0/24
154.216.221.0/24
154.216.225.0-154.216.226.255
154.216.230.0/24
154.216.235.0/24
154.216.251.0/24
154.216.255.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:59:5e:2f:7e:03:e2:4b:8d:a0:d6:00:3b:75:d8:a6:c8:d4:
33:ff:ce:52:d1:4a:92:e3:10:6d:f2:f6:ee:48:44:98:10:c4:
05:e6:9a:8a:06:31:02:87:98:fe:40:85:59:ac:97:64:73:ca:
69:e5:31:7f:8c:72:d1:c5:bb:ff:d6:59:4f:ec:5b:d3:e7:f0:
75:f4:40:6a:6d:20:12:b6:d2:11:1f:af:5a:7f:b0:57:cf:88:
5b:bd:14:c3:b7:7d:c0:e1:f9:0d:9a:6e:8c:65:da:51:37:49:
64:87:c8:16:a9:53:3e:a9:af:7d:fa:4b:9d:4e:39:12:db:18:
ab:23:7a:e1:90:d1:f2:a9:9e:5d:55:d2:7c:36:09:bf:bd:75:
89:a5:ae:4c:10:40:d1:c7:7a:6c:47:af:b5:d9:40:50:b2:34:
b3:a9:a4:e3:c3:3c:77:c0:19:d7:48:82:28:d7:b6:82:23:13:
1e:63:34:ad:38:d2:19:bb:3d:57:d0:cb:a9:68:39:06:ae:68:
97:5d:92:1f:5b:4e:99:eb:a5:17:d5:8b:fe:12:a6:26:77:61:
ca:06:a5:60:05:8a:81:f4:95:1d:e4:9a:6a:27:f5:57:fb:1e:
b6:5d:c0:bc:ac:1f:9d:d7:b6:29:c1:fb:0f:2c:52:89:39:c8:
40:4a:86:46
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAX/fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTA1ODU3WhcNMjUwNTIwMTA1ODU3WjAYMRYw
FAYDVQQDEw02ODIxZDQ3NS0yZmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt8Bey2fWCXvCIkzkCK+jEQxtNSZ8+116N9RHa6jnQV5owCRS7QiFBl1Z
OqCEGEpIifaY5Sn9owWgVXDV6b8RHXfg5Twl+Ctz8Z9Xzyu1hT65GQBddBng8o2t
EFrslldMsMBoHfyLNmi+RV1rN/edZ63D62l3vsVfvHNlLoZkBN8Qc+wcVauqFafI
9T3o7fI61a8m4qyN042s4JvvoegAsJ68qqVo+HQrBq9SHHptf4Sih8cKdM+kjkcQ
eFWu9pgWylxLPi8HY8MHw9XWQKLPAWr8SG3QOx7WsIycnDgmQURuRhqU/PxK5TqL
0/9QTHKCvN4YpQ3MnH54rcKohRvQkQIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFBo9
IRJ8NRusonFX3FLLcGEjYOKIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQzZEQjgxODJGMjAxMUYwQjU4MjFCQkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAmtjAAwQAmtjIAwQAmtjY
AwQAmtjdMAwDBACa2OEDBACa2OIDBACa2OYDBACa2OsDBACa2PsDBACa2P8wDQYJ
KoZIhvcNAQELBQADggEBAJ5ZXi9+A+JLjaDWADt12KbI1DP/zlLRSpLjEG3y9u5I
RJgQxAXmmooGMQKHmP5AhVmsl2RzymnlMX+MctHFu//WWU/sW9Pn8HX0QGptIBK2
0hEfr1p/sFfPiFu9FMO3fcDh+Q2aboxl2lE3SWSHyBapUz6pr336S51OORLbGKsj
euGQ0fKpnl1V0nw2Cb+9dYmlrkwQQNHHemxHr7XZQFCyNLOppOPDPHfAGddIgijX
toIjEx5jNK040hm7PVfQy6loOQauaJddkh9bTpnrpRfVi/4SpiZ3YcoGpWAFioH0
lR3kmmon9Vf7HrZdwLysH53XtinB+w8sUok5yEBKhkY=
-----END CERTIFICATE-----
Generated at Thu May 15 23:49:08 2025 by rpki-client