Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35C7AC0E24F011F09B6D7898DAE4EC9C.roa
File: 35C7AC0E24F011F09B6D7898DAE4EC9C.roa (raw, json)
Hash identifier: 8Dwd4MJfqvTjELzpeK+GEDRk2S/qf7ksAh7FSzMLIAA=
Subject key identifier: 80:27:DB:64:6C:E7:B3:90:20:06:3C:A9:31:A0:EE:D7:0D:E6:75:C6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017CE9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35C7AC0E24F011F09B6D7898DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 11:50:57 +0000
ROA not before: Tue 29 Apr 2025 11:50:51 +0000
ROA not after: Fri 04 Jul 2025 11:50:51 +0000
asID: 63139
IP address blocks: 154.94.64.0/24 maxlen: 24
154.94.65.0/24 maxlen: 24
154.94.66.0/23 maxlen: 24
154.94.75.0/24 maxlen: 24
154.94.76.0/24 maxlen: 24
154.94.77.0/24 maxlen: 24
154.94.78.0/24 maxlen: 24
154.94.79.0/24 maxlen: 24
154.94.80.0/24 maxlen: 24
154.94.81.0/24 maxlen: 24
154.94.82.0/24 maxlen: 24
154.94.83.0/24 maxlen: 24
154.94.84.0/24 maxlen: 24
154.94.85.0/24 maxlen: 24
154.94.121.0/24 maxlen: 24
154.94.122.0/24 maxlen: 24
154.94.123.0/24 maxlen: 24
154.94.124.0/24 maxlen: 24
154.94.126.0/24 maxlen: 24
154.94.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97513 (0x17ce9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 11:50:51 2025 GMT
Not After : Jul 4 11:50:51 2025 GMT
Subject: CN=6810bd20-c7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b0:85:a5:1d:66:66:e4:8d:b8:fd:38:4e:4f:
40:1a:9e:1d:3a:f8:59:c4:24:3d:42:a1:eb:b8:c9:
97:32:3d:df:a6:a5:6b:a0:b9:db:5e:01:69:01:fb:
21:eb:86:de:b9:cb:89:9b:52:44:d5:c8:33:cb:83:
eb:bb:f0:b9:ad:10:a9:ee:a4:b6:22:10:8f:9e:79:
c7:25:ed:ce:d4:40:90:44:fc:24:9e:04:84:a4:c6:
45:76:42:d9:78:fe:be:a4:f3:3b:9b:43:5d:28:44:
db:c4:c9:66:97:53:1e:71:3a:97:a4:21:f2:9d:b0:
4f:cf:3d:37:f1:38:d5:81:4b:48:b0:d5:a7:5d:ee:
4f:3c:e3:89:cc:2e:59:25:1c:b7:17:3c:32:a6:4f:
e4:e4:24:d8:5c:64:b8:64:e3:94:5d:7a:25:ae:9b:
d0:a4:b4:d4:60:f3:66:8b:32:e5:cc:13:a4:9e:f4:
35:aa:a4:73:8f:89:66:7a:cf:dc:fa:3c:21:14:95:
77:68:01:be:78:de:b6:92:60:62:2a:5e:19:13:79:
a4:b8:d1:40:71:d5:c3:1f:13:c6:c6:86:4a:93:29:
e8:4a:6c:1b:b2:21:b2:47:8f:90:72:7f:c1:39:23:
8d:70:12:d4:a0:85:25:f9:be:65:44:74:03:60:54:
c3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:27:DB:64:6C:E7:B3:90:20:06:3C:A9:31:A0:EE:D7:0D:E6:75:C6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35C7AC0E24F011F09B6D7898DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.64.0/22
154.94.75.0-154.94.85.255
154.94.121.0-154.94.124.255
154.94.126.0/23
Signature Algorithm: sha256WithRSAEncryption
28:dc:a4:14:86:fa:74:ab:e1:7e:17:f2:0a:53:71:aa:46:52:
13:72:35:2f:e6:65:6a:b3:32:a2:f1:f3:7f:3f:64:12:b9:ba:
8d:5a:fa:9c:f4:3c:b5:82:f1:f1:27:58:a1:81:6b:a0:32:06:
40:53:08:74:bd:84:41:77:6b:a1:16:f3:a5:24:0b:f9:64:e5:
61:9c:5e:44:fe:25:6d:09:c3:d6:94:be:c1:01:68:3c:e9:77:
d6:a1:d1:57:51:c3:0b:08:32:86:68:b6:26:97:ce:90:a3:82:
6d:3a:0c:ff:2b:26:a2:39:7f:14:7c:c3:00:3e:f0:ce:48:c1:
aa:5e:ab:79:0a:54:2d:ea:99:55:e3:6b:07:34:01:47:60:46:
dc:d2:ee:fc:4b:86:69:49:cd:df:53:f3:5a:a7:e3:f6:e9:b6:
c3:00:99:88:0b:22:ff:e1:45:3b:5b:ad:35:08:5e:1c:51:98:
1f:30:78:18:a1:78:a5:ca:84:53:16:7f:dd:80:c5:33:6a:8c:
b4:64:93:58:1b:51:03:fa:5b:85:ba:00:b7:80:21:74:c7:2d:
54:ac:89:5f:30:78:27:6e:ec:3f:e3:51:de:16:76:a8:8e:63:
d6:bd:8e:30:52:4a:a3:5e:55:de:cd:a0:f4:42:b0:f8:7b:34:
71:ce:31:e3
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAXzpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI5MTE1MDUxWhcNMjUwNzA0MTE1MDUxWjAYMRYw
FAYDVQQDEw02ODEwYmQyMC1jN2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA77CFpR1mZuSNuP04Tk9AGp4dOvhZxCQ9QqHruMmXMj3fpqVroLnbXgFp
Afsh64beucuJm1JE1cgzy4Pru/C5rRCp7qS2IhCPnnnHJe3O1ECQRPwkngSEpMZF
dkLZeP6+pPM7m0NdKETbxMlml1MecTqXpCHynbBPzz038TjVgUtIsNWnXe5PPOOJ
zC5ZJRy3Fzwypk/k5CTYXGS4ZOOUXXolrpvQpLTUYPNmizLlzBOknvQ1qqRzj4lm
es/c+jwhFJV3aAG+eN62kmBiKl4ZE3mkuNFAcdXDHxPGxoZKkynoSmwbsiGyR4+Q
cn/BOSONcBLUoIUl+b5lRHQDYFTD/wIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFIAn
22Rs57OQIAY8qTGg7tcN5nXGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNUM3QUMwRTI0RjAxMUYwOUI2RDc4OThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCml5AMAwDBACaXksDBAGa
XlQwDAMEAJpeeQMEAJpefAMEAZpefjANBgkqhkiG9w0BAQsFAAOCAQEAKNykFIb6
dKvhfhfyClNxqkZSE3I1L+ZlarMyovHzfz9kErm6jVr6nPQ8tYLx8SdYoYFroDIG
QFMIdL2EQXdroRbzpSQL+WTlYZxeRP4lbQnD1pS+wQFoPOl31qHRV1HDCwgyhmi2
JpfOkKOCbToM/ysmojl/FHzDAD7wzkjBql6reQpULeqZVeNrBzQBR2BG3NLu/EuG
aUnN31PzWqfj9um2wwCZiAsi/+FFO1utNQheHFGYHzB4GKF4pcqEUxZ/3YDFM2qM
tGSTWBtRA/pbhboAt4AhdMctVKyJXzB4J27sP+NR3hZ2qI5j1r2OMFJKo15V3s2g
9EKw+Hs0cc4x4w==
-----END CERTIFICATE-----
Generated at Sat May 10 20:25:41 2025 by rpki-client