Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34ADFC32241511F0A90A36DADAE4EC9C.roa
File: 34ADFC32241511F0A90A36DADAE4EC9C.roa (raw, json)
Hash identifier: gax0AwzNZPItr3kdvlzHynHjmnFT9DzCeUP32wvWlY0=
Subject key identifier: 25:9D:E5:7A:BE:C5:C0:B2:0A:DD:8C:24:F8:25:47:A1:35:B6:A3:55
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B5A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34ADFC32241511F0A90A36DADAE4EC9C.roa
Signing time: Mon 28 Apr 2025 09:43:15 +0000
ROA not before: Mon 28 Apr 2025 09:43:10 +0000
ROA not after: Fri 30 May 2025 09:43:10 +0000
asID: 395886
IP address blocks: 154.201.72.0/21 maxlen: 24
154.201.88.0/22 maxlen: 24
154.201.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97114 (0x17b5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 09:43:10 2025 GMT
Not After : May 30 09:43:10 2025 GMT
Subject: CN=680f4db3-564c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e2:b6:ab:4c:69:f8:e9:f8:5a:4b:7b:02:9b:
76:d2:36:4e:b3:bc:39:91:13:dd:c4:63:93:13:a8:
0f:4d:d2:d4:9c:ed:72:5a:ab:03:d1:bf:5e:4a:b9:
7a:5c:73:96:f3:e6:cb:65:94:34:83:40:04:f2:78:
4f:7e:ad:26:42:78:76:bb:c1:6e:ab:bf:6d:98:c1:
01:d1:73:de:1f:8e:c0:ad:cd:fd:62:d5:23:f9:1e:
c5:65:46:41:ef:8b:e5:0a:8c:40:27:75:57:a2:f8:
43:ec:ff:32:a3:81:9b:a4:dc:a5:7f:0e:30:4b:03:
0e:67:84:45:9f:ac:50:15:89:c4:d7:f8:b2:74:c0:
4b:d5:0b:0c:51:ad:b5:a5:35:fe:a8:ba:dd:46:c2:
8e:b9:43:a8:f1:50:f0:cb:40:d6:4b:61:e7:f8:56:
59:96:af:c8:e6:5b:7e:ef:f0:07:8b:fb:a7:e2:6f:
7d:bb:7d:1e:e0:42:eb:fc:66:73:36:5e:c2:24:7d:
23:17:16:2a:ef:37:f4:00:d8:62:d5:bf:93:7d:a4:
e0:f2:4f:c4:e8:fb:a2:94:72:e3:dc:23:f7:f4:c0:
95:30:17:8a:eb:ad:18:28:22:bb:8e:30:4a:84:bc:
a0:41:0f:fc:f4:a5:4a:aa:e0:17:68:d5:a6:71:80:
fd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:9D:E5:7A:BE:C5:C0:B2:0A:DD:8C:24:F8:25:47:A1:35:B6:A3:55
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34ADFC32241511F0A90A36DADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.72.0/21
154.201.88.0-154.201.93.255
Signature Algorithm: sha256WithRSAEncryption
8a:25:37:5e:6d:f5:ef:76:af:13:4f:a8:43:65:d3:8b:b3:45:
ed:96:5e:b6:a3:2d:ae:72:07:e2:71:6f:16:da:ad:7b:81:c5:
37:1c:ef:9e:24:6c:95:4a:74:66:1b:cd:ca:2f:a9:2c:05:8e:
bb:bf:ad:cd:91:a5:aa:7b:0d:20:06:c3:e4:95:f6:81:ab:2f:
01:6e:29:7d:fa:f0:71:ca:51:7b:5d:a1:4b:5b:b4:65:75:48:
3a:7d:5a:53:23:65:fc:b4:fc:2c:69:40:96:d6:bf:8d:11:7a:
d4:ca:22:d2:5b:8e:51:52:41:aa:a4:50:cc:a7:8d:7c:88:ad:
65:63:34:6f:60:59:74:78:e0:fe:33:53:ae:bb:72:b9:57:99:
25:bc:41:e4:c9:7a:6d:11:e2:15:2b:25:c6:6d:99:7a:a4:7e:
df:e6:22:37:d2:10:13:f7:3c:70:ed:76:96:5e:0f:a2:d0:ba:
17:3c:4a:98:45:10:c2:6c:76:e7:2b:2d:0f:11:b3:da:43:df:
14:35:c4:a3:1e:8e:bd:da:56:49:43:ab:ca:69:08:7f:4e:b4:
5c:b1:19:23:dc:15:43:3d:61:52:c6:9e:da:87:15:70:00:03:
f2:df:d8:0e:63:a3:d6:52:ba:6d:e7:72:33:8d:74:ca:cf:4d:
e7:7b:0b:5b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXtaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MDk0MzEwWhcNMjUwNTMwMDk0MzEwWjAYMRYw
FAYDVQQDEw02ODBmNGRiMy01NjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm+K2q0xp+On4Wkt7Apt20jZOs7w5kRPdxGOTE6gPTdLUnO1yWqsD0b9e
Srl6XHOW8+bLZZQ0g0AE8nhPfq0mQnh2u8Fuq79tmMEB0XPeH47Arc39YtUj+R7F
ZUZB74vlCoxAJ3VXovhD7P8yo4GbpNylfw4wSwMOZ4RFn6xQFYnE1/iydMBL1QsM
Ua21pTX+qLrdRsKOuUOo8VDwy0DWS2Hn+FZZlq/I5lt+7/AHi/un4m99u30e4ELr
/GZzNl7CJH0jFxYq7zf0ANhi1b+TfaTg8k/E6PuilHLj3CP39MCVMBeK660YKCK7
jjBKhLygQQ/89KVKquAXaNWmcYD9swIDAQABo4ICszCCAq8wHQYDVR0OBBYEFCWd
5Xq+xcCyCt2MJPglR6E1tqNVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNEFERkMzMjI0MTUxMUYwQTkwQTM2REFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDmslIMAwDBAOayVgDBAGa
yVwwDQYJKoZIhvcNAQELBQADggEBAIolN15t9e92rxNPqENl04uzRe2WXrajLa5y
B+JxbxbarXuBxTcc754kbJVKdGYbzcovqSwFjru/rc2Rpap7DSAGw+SV9oGrLwFu
KX368HHKUXtdoUtbtGV1SDp9WlMjZfy0/CxpQJbWv40RetTKItJbjlFSQaqkUMyn
jXyIrWVjNG9gWXR44P4zU667crlXmSW8QeTJem0R4hUrJcZtmXqkft/mIjfSEBP3
PHDtdpZeD6LQuhc8SphFEMJsducrLQ8Rs9pD3xQ1xKMejr3aVklDq8ppCH9OtFyx
GSPcFUM9YVLGntqHFXAAA/Lf2A5jo9ZSum3ncjONdMrPTed7C1s=
-----END CERTIFICATE-----
Generated at Sat May 10 07:23:54 2025 by rpki-client