Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/379C3496268511F096A05EAEDAE4EC9C.roa
File: 379C3496268511F096A05EAEDAE4EC9C.roa (raw, json)
Hash identifier: GQGTELcmljKZIMpf9EMR3qK7PRvsyvyWf6yUEMTneZ8=
Subject key identifier: F9:2A:96:BC:CD:6B:10:E4:27:0E:3D:CF:D9:58:BD:67:F6:AA:C2:20
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017DF6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/379C3496268511F096A05EAEDAE4EC9C.roa
Signing time: Thu 01 May 2025 12:10:06 +0000
ROA not before: Thu 01 May 2025 12:10:00 +0000
ROA not after: Wed 26 Apr 2028 12:10:00 +0000
asID: 17561
IP address blocks: 154.85.118.0/24 maxlen: 24
154.85.119.0/24 maxlen: 24
154.85.121.0/24 maxlen: 24
154.85.122.0/24 maxlen: 24
154.86.8.0/24 maxlen: 24
154.86.9.0/24 maxlen: 24
154.86.10.0/24 maxlen: 24
154.86.11.0/24 maxlen: 24
154.86.96.0/24 maxlen: 24
154.86.97.0/24 maxlen: 24
154.86.98.0/24 maxlen: 24
154.86.99.0/24 maxlen: 24
154.86.100.0/24 maxlen: 24
154.86.101.0/24 maxlen: 24
154.86.102.0/24 maxlen: 24
154.86.103.0/24 maxlen: 24
154.86.104.0/24 maxlen: 24
154.86.105.0/24 maxlen: 24
154.86.106.0/24 maxlen: 24
154.86.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97782 (0x17df6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 12:10:00 2025 GMT
Not After : Apr 26 12:10:00 2028 GMT
Subject: CN=6813649e-7374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a4:bd:39:95:8a:04:07:10:ae:0c:22:39:67:
8f:40:2b:3a:8e:db:7c:a6:08:2c:ac:e1:58:87:bd:
ce:63:ef:52:a4:0d:23:e1:34:6f:0f:92:96:94:48:
58:27:7e:12:28:de:9e:c6:3f:80:66:08:88:28:f8:
7a:a9:b2:63:e2:18:55:e4:74:8b:a6:a4:69:97:b0:
05:19:81:c1:cc:58:0b:93:64:26:18:33:f0:0e:9c:
28:42:4c:ba:9d:de:a7:96:5b:ba:fe:b4:ef:93:07:
db:45:ef:0e:9f:39:26:e5:32:d6:21:d4:cb:61:21:
65:6c:9b:28:66:cb:5e:3c:6b:87:9b:e1:ed:57:25:
f4:1a:6c:0b:a9:db:11:7a:b1:b4:3e:cf:fe:45:b7:
7c:17:d8:b1:06:51:db:4f:e0:96:36:08:ef:b8:c3:
63:27:4b:c3:4c:7b:d3:fc:83:26:c6:86:95:6e:9f:
3a:44:2d:69:03:78:af:4f:53:d4:2e:b7:29:e9:22:
16:6e:0e:43:5f:a6:33:c6:8d:04:37:96:58:6b:d8:
7e:8f:27:59:6a:f9:0d:66:29:eb:00:f5:36:64:8a:
1a:84:d4:9c:33:33:b5:95:c3:7f:a2:98:d8:a1:3a:
d5:80:df:26:3b:8b:b6:a1:d0:c1:ad:2a:69:0a:a2:
46:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2A:96:BC:CD:6B:10:E4:27:0E:3D:CF:D9:58:BD:67:F6:AA:C2:20
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/379C3496268511F096A05EAEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.118.0/23
154.85.121.0-154.85.122.255
154.86.8.0/22
154.86.96.0-154.86.107.255
Signature Algorithm: sha256WithRSAEncryption
93:8c:9d:49:86:1b:51:58:12:1f:20:08:04:ba:95:f5:6b:55:
57:f3:be:d3:09:4a:5e:d2:b5:b7:a3:42:51:73:27:c8:8a:32:
86:a9:7a:bd:6f:f7:0b:ce:85:e1:01:cf:fe:37:8e:cc:60:37:
d2:f7:26:07:57:97:ce:30:3e:95:7d:2b:84:9f:53:71:a8:cf:
b3:19:f7:e4:8f:e4:09:34:8d:e2:7b:10:58:4a:cd:29:64:ba:
5a:b8:67:69:91:8b:e6:89:1a:12:27:0d:b4:11:a5:8b:e1:f3:
4f:cd:ac:7c:1a:6b:5e:a4:21:39:1e:3e:c4:35:38:9f:f0:3b:
b9:6d:c9:f1:f7:c0:04:3e:df:70:17:1f:45:22:3e:38:7a:49:
65:59:62:0c:35:47:f6:6a:40:6f:63:15:f0:5c:de:60:ae:f8:
28:69:9d:43:91:d9:12:63:e7:c2:81:c6:09:2c:c3:08:a8:50:
55:cb:45:4f:71:2a:64:d4:e4:08:d5:e1:08:e9:e7:a5:50:9c:
7b:b3:1e:f4:31:08:1d:e9:c2:1f:08:76:cf:bd:aa:8a:f9:19:
f2:53:6c:b1:98:19:c8:f2:0c:d1:60:4c:5c:c4:2c:a2:6b:84:
b8:a4:0e:7e:07:d0:5e:5d:38:27:30:8a:aa:7e:63:84:6b:81:
e7:c1:76:88
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAX32MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTIxMDAwWhcNMjgwNDI2MTIxMDAwWjAYMRYw
FAYDVQQDEw02ODEzNjQ5ZS03Mzc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwaS9OZWKBAcQrgwiOWePQCs6jtt8pggsrOFYh73OY+9SpA0j4TRvD5KW
lEhYJ34SKN6exj+AZgiIKPh6qbJj4hhV5HSLpqRpl7AFGYHBzFgLk2QmGDPwDpwo
Qky6nd6nllu6/rTvkwfbRe8Onzkm5TLWIdTLYSFlbJsoZstePGuHm+HtVyX0GmwL
qdsRerG0Ps/+Rbd8F9ixBlHbT+CWNgjvuMNjJ0vDTHvT/IMmxoaVbp86RC1pA3iv
T1PULrcp6SIWbg5DX6Yzxo0EN5ZYa9h+jydZavkNZinrAPU2ZIoahNScMzO1lcN/
opjYoTrVgN8mO4u2odDBrSppCqJGJQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFPkq
lrzNaxDkJw49z9lYvWf2qsIgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNzlDMzQ5NjI2ODUxMUYwOTZBMDVFQUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBmlV2MAwDBACaVXkDBACa
VXoDBAKaVggwDAMEBZpWYAMEAppWaDANBgkqhkiG9w0BAQsFAAOCAQEAk4ydSYYb
UVgSHyAIBLqV9WtVV/O+0wlKXtK1t6NCUXMnyIoyhql6vW/3C86F4QHP/jeOzGA3
0vcmB1eXzjA+lX0rhJ9TcajPsxn35I/kCTSN4nsQWErNKWS6WrhnaZGL5okaEicN
tBGli+HzT82sfBprXqQhOR4+xDU4n/A7uW3J8ffABD7fcBcfRSI+OHpJZVliDDVH
9mpAb2MV8FzeYK74KGmdQ5HZEmPnwoHGCSzDCKhQVctFT3EqZNTkCNXhCOnnpVCc
e7Me9DEIHenCHwh2z72qivkZ8lNssZgZyPIM0WBMXMQsomuEuKQOfgfQXl04JzCK
qn5jhGuB58F2iA==
-----END CERTIFICATE-----
Generated at Sun May 11 15:08:39 2025 by rpki-client