Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A86253C248611F0832455C6DAE4EC9C.roa
File: 3A86253C248611F0832455C6DAE4EC9C.roa (raw, json)
Hash identifier: bK0nFlsFKdPLCgrQW4SzQI2Zfcx8ryXW34WI5XtTBeg=
Subject key identifier: B9:AF:F7:1D:42:D0:54:1A:59:F2:DC:6C:17:96:61:10:44:C0:59:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C97
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A86253C248611F0832455C6DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 23:12:18 +0000
ROA not before: Mon 28 Apr 2025 23:12:13 +0000
ROA not after: Sun 15 Jun 2025 23:12:13 +0000
asID: 138915
IP address blocks: 154.203.133.0/24 maxlen: 24
154.203.134.0/24 maxlen: 24
154.203.135.0/24 maxlen: 24
154.203.138.0/24 maxlen: 24
154.203.139.0/24 maxlen: 24
154.203.140.0/24 maxlen: 24
154.203.141.0/24 maxlen: 24
154.203.146.0/24 maxlen: 24
154.203.147.0/24 maxlen: 24
154.203.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97431 (0x17c97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 23:12:13 2025 GMT
Not After : Jun 15 23:12:13 2025 GMT
Subject: CN=68100b52-99b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:51:10:8e:7e:16:27:7f:ea:f9:b5:51:52:a2:
75:9a:e2:be:6d:16:58:7b:e6:5c:8e:1b:60:d5:a5:
b2:35:df:7c:e5:c8:4e:3e:e7:d9:a3:27:e6:39:5d:
f0:a5:4c:c2:3e:b5:89:8a:30:b3:59:46:8f:87:39:
22:90:8c:07:1c:c2:b7:9f:91:55:8b:53:6f:cf:21:
88:8c:ae:eb:d7:15:cf:dc:10:e1:10:a7:de:f6:7e:
f5:cf:6e:73:2f:18:c3:d3:d6:cc:de:39:1d:16:70:
02:76:25:0c:ab:16:ec:2a:35:cd:40:3a:95:51:c8:
36:13:95:b1:3a:7a:06:8b:b4:24:80:9b:fa:74:29:
90:66:d3:e3:ad:9c:fc:3e:61:bc:df:fe:c2:ff:42:
7b:07:cd:c6:e4:0b:3e:0d:c7:54:f5:99:c0:89:e9:
72:ab:e7:f3:0f:08:b5:1c:6f:88:be:6c:35:e3:37:
4f:e2:2d:94:1a:23:9b:89:f8:90:db:e5:59:24:1e:
79:ac:9e:89:70:8c:b3:24:ab:f7:d1:88:ac:63:9a:
b7:05:47:3c:41:ca:91:7a:1e:ea:80:60:b0:17:9f:
11:b5:b8:bc:d9:36:3c:c4:94:5e:3f:8c:7d:ad:14:
95:5e:05:bc:53:09:c1:1f:f1:9b:74:a4:59:1f:90:
69:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AF:F7:1D:42:D0:54:1A:59:F2:DC:6C:17:96:61:10:44:C0:59:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A86253C248611F0832455C6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.133.0-154.203.135.255
154.203.138.0-154.203.141.255
154.203.146.0/23
154.203.152.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ec:93:ca:0d:96:f1:ba:ea:ca:58:6f:82:38:8f:cd:98:7c:
32:8e:98:de:94:76:86:63:67:97:f5:ef:20:a6:76:ba:f5:1e:
d6:a6:72:93:09:1a:53:89:cd:7c:6b:42:e6:5d:0a:d0:a9:b4:
88:86:5a:39:61:4b:00:a1:22:91:69:b0:68:02:3e:bb:22:74:
c4:98:57:34:9f:40:e0:2d:3d:ab:24:ce:7a:cf:e8:b5:9f:bb:
e6:cd:5a:c4:77:68:e0:3d:da:fe:18:b4:ad:db:57:d4:24:2c:
ed:ff:1d:30:55:9f:80:38:5a:24:db:bd:ff:2d:e2:f1:d4:e6:
b7:e2:22:f1:2f:3c:66:76:f0:33:de:91:1e:6e:e3:92:10:65:
60:c2:ef:77:0e:f1:ec:98:9e:9a:50:1c:10:4c:4f:b7:8b:e6:
38:c7:d5:79:37:96:30:9f:d6:17:5c:76:1d:8e:40:51:4e:29:
f9:67:5f:fc:d7:5b:32:b5:e6:38:52:59:3d:c1:7c:15:4b:46:
d0:85:f8:46:be:f1:ec:1c:ff:65:f9:72:a2:e6:78:68:86:74:
74:41:9a:fb:09:bb:8a:f1:2b:13:7e:8b:f0:e0:3d:7d:30:ae:
cc:49:79:bb:51:37:dc:4a:0c:67:44:03:18:44:6e:6f:cb:66:
a0:18:9a:d1
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAXyXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MjMxMjEzWhcNMjUwNjE1MjMxMjEzWjAYMRYw
FAYDVQQDEw02ODEwMGI1Mi05OWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoVEQjn4WJ3/q+bVRUqJ1muK+bRZYe+Zcjhtg1aWyNd985chOPufZoyfm
OV3wpUzCPrWJijCzWUaPhzkikIwHHMK3n5FVi1NvzyGIjK7r1xXP3BDhEKfe9n71
z25zLxjD09bM3jkdFnACdiUMqxbsKjXNQDqVUcg2E5WxOnoGi7QkgJv6dCmQZtPj
rZz8PmG83/7C/0J7B83G5As+DcdU9ZnAielyq+fzDwi1HG+Ivmw14zdP4i2UGiOb
ifiQ2+VZJB55rJ6JcIyzJKv30YisY5q3BUc8QcqReh7qgGCwF58Rtbi82TY8xJRe
P4x9rRSVXgW8UwnBH/GbdKRZH5BpdQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFLmv
9x1C0FQaWfLcbBeWYRBEwFlgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTg2MjUzQzI0ODYxMUYwODMyNDU1QzZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBACay4UDBAOay4AwDAME
AZrLigMEAZrLjAMEAZrLkgMEAJrLmDANBgkqhkiG9w0BAQsFAAOCAQEAWuyTyg2W
8brqylhvgjiPzZh8Mo6Y3pR2hmNnl/XvIKZ2uvUe1qZykwkaU4nNfGtC5l0K0Km0
iIZaOWFLAKEikWmwaAI+uyJ0xJhXNJ9A4C09qyTOes/otZ+75s1axHdo4D3a/hi0
rdtX1CQs7f8dMFWfgDhaJNu9/y3i8dTmt+Ii8S88ZnbwM96RHm7jkhBlYMLvdw7x
7JiemlAcEExPt4vmOMfVeTeWMJ/WF1x2HY5AUU4p+Wdf/NdbMrXmOFJZPcF8FUtG
0IX4Rr7x7Bz/ZflyouZ4aIZ0dEGa+wm7ivErE36L8OA9fTCuzEl5u1E33EoMZ0QD
GERub8tmoBia0Q==
-----END CERTIFICATE-----
Generated at Sat May 10 06:57:14 2025 by rpki-client