Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A257D80245111F0882526E8DAE4EC9C.roa
File: 2A257D80245111F0882526E8DAE4EC9C.roa (raw, json)
Hash identifier: ybH5vUWaEjlTReJtJf18ayCuAxu/hLOCkVnUKFD3VWU=
Subject key identifier: 1B:F1:A8:F2:1F:B7:A3:7B:6E:FF:EB:AA:0F:AB:BA:FA:31:60:94:21
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C2F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A257D80245111F0882526E8DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 16:52:27 +0000
ROA not before: Mon 28 Apr 2025 16:52:22 +0000
ROA not after: Wed 04 Jun 2025 16:52:22 +0000
asID: 49505
IP address blocks: 154.209.215.0/24 maxlen: 24
154.209.216.0/24 maxlen: 24
154.209.217.0/24 maxlen: 24
154.209.218.0/24 maxlen: 24
154.209.219.0/24 maxlen: 24
154.209.220.0/24 maxlen: 24
154.212.30.0/24 maxlen: 24
154.213.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97327 (0x17c2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 16:52:22 2025 GMT
Not After : Jun 4 16:52:22 2025 GMT
Subject: CN=680fb24b-fd92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:72:ac:0d:fe:f9:58:0f:2d:e9:d4:fa:a3:07:
f2:04:eb:3a:25:06:9b:9d:95:c4:45:bb:a2:4a:7e:
35:e2:67:d8:94:dc:b2:4e:02:c7:1c:40:b0:38:8d:
a2:ce:57:75:08:96:ef:41:74:61:a4:bf:f5:cb:69:
64:7e:e8:a9:b7:6f:30:01:59:9e:60:9e:e0:d8:05:
c3:f2:77:d7:a1:1c:f2:a2:18:fe:af:23:af:98:dd:
42:6e:42:e4:d3:4c:13:12:35:1f:cc:be:80:85:68:
f9:8e:93:c6:db:d6:c7:9f:1b:a4:45:d3:1e:6e:88:
cf:53:d1:28:c4:d4:9c:0e:aa:c0:48:44:b4:be:b4:
c3:39:c6:0e:29:79:d4:a0:37:cd:5c:db:3a:79:1f:
15:cb:6b:63:92:49:44:60:45:bd:17:a9:22:3b:c9:
9d:dd:c2:e2:64:78:e6:f1:fc:8d:4b:95:19:0f:cc:
c0:a3:2f:99:14:0b:43:76:26:dd:97:86:2b:1f:93:
f9:36:df:6a:ec:e9:33:7b:fe:9c:af:6d:dd:13:2d:
5a:e8:07:7a:a9:ec:aa:3b:00:2e:bf:d0:af:99:7e:
a4:43:ea:f2:7d:93:89:78:cb:51:2e:05:b1:45:19:
bc:83:99:eb:51:49:a5:68:91:3b:80:d0:11:cb:b9:
0d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F1:A8:F2:1F:B7:A3:7B:6E:FF:EB:AA:0F:AB:BA:FA:31:60:94:21
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A257D80245111F0882526E8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.215.0-154.209.220.255
154.212.30.0/24
154.213.0.0/24
Signature Algorithm: sha256WithRSAEncryption
62:e2:a0:48:dd:48:13:5e:7f:b3:13:62:55:1c:fe:bd:27:a2:
6f:d1:76:de:4a:53:83:aa:9b:2f:62:ac:cc:0a:d6:3b:be:b6:
59:98:22:26:d7:b3:bc:8b:54:87:60:70:69:8d:81:d0:db:4b:
35:1f:32:99:4a:dc:6d:aa:5c:f8:5f:39:b4:a8:07:42:85:31:
5f:63:12:5b:0e:0a:8c:27:e8:bb:bf:e5:08:a7:22:f0:d4:fa:
e8:55:d3:71:2d:93:d5:54:fd:06:ed:fb:22:c2:2b:dc:27:b5:
00:a8:d1:47:45:87:d4:cc:8a:ef:be:a6:56:85:00:d1:c7:bc:
aa:c9:51:11:0f:fb:88:25:42:80:3e:8b:2c:f9:85:81:86:4d:
22:9d:db:3c:6f:0b:b3:81:14:06:c5:d0:ce:37:30:b1:52:72:
ba:c8:2b:4a:d5:a7:87:95:8e:33:39:d4:d2:9d:31:66:17:52:
6f:87:12:e1:1a:73:b5:28:ff:29:79:56:4d:b8:b1:7c:5f:61:
b2:11:80:fb:87:a0:98:02:f7:e2:73:dc:f2:ec:73:cc:57:f2:
c9:30:8d:18:42:ed:76:7f:7c:80:25:c9:5f:0e:8a:6d:93:02:
72:56:78:3c:d6:3a:71:d3:7b:4c:89:8b:a4:28:fe:6d:c3:9f:
43:0b:e1:44
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAXwvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTY1MjIyWhcNMjUwNjA0MTY1MjIyWjAYMRYw
FAYDVQQDEw02ODBmYjI0Yi1mZDkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3HKsDf75WA8t6dT6owfyBOs6JQabnZXERbuiSn414mfYlNyyTgLHHECw
OI2izld1CJbvQXRhpL/1y2lkfuipt28wAVmeYJ7g2AXD8nfXoRzyohj+ryOvmN1C
bkLk00wTEjUfzL6AhWj5jpPG29bHnxukRdMebojPU9EoxNScDqrASES0vrTDOcYO
KXnUoDfNXNs6eR8Vy2tjkklEYEW9F6kiO8md3cLiZHjm8fyNS5UZD8zAoy+ZFAtD
dibdl4YrH5P5Nt9q7Okze/6cr23dEy1a6Ad6qeyqOwAuv9CvmX6kQ+ryfZOJeMtR
LgWxRRm8g5nrUUmlaJE7gNARy7kNVwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFBvx
qPIft6N7bv/rqg+ruvoxYJQhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTI1N0Q4MDI0NTExMUYwODgyNTI2RThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACa0dcDBACa0dwDBACa
1B4DBACa1QAwDQYJKoZIhvcNAQELBQADggEBAGLioEjdSBNef7MTYlUc/r0nom/R
dt5KU4Oqmy9irMwK1ju+tlmYIibXs7yLVIdgcGmNgdDbSzUfMplK3G2qXPhfObSo
B0KFMV9jElsOCown6Lu/5QinIvDU+uhV03Etk9VU/Qbt+yLCK9wntQCo0UdFh9TM
iu++plaFANHHvKrJUREP+4glQoA+iyz5hYGGTSKd2zxvC7OBFAbF0M43MLFScrrI
K0rVp4eVjjM51NKdMWYXUm+HEuEac7Uo/yl5Vk24sXxfYbIRgPuHoJgC9+Jz3PLs
c8xX8skwjRhC7XZ/fIAlyV8Oim2TAnJWeDzWOnHTe0yJi6Qo/m3Dn0ML4UQ=
-----END CERTIFICATE-----
Generated at Sun May 11 13:49:53 2025 by rpki-client