Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/410E4570268D11F08734D5E2DAE4EC9C.roa
File: 410E4570268D11F08734D5E2DAE4EC9C.roa (raw, json)
Hash identifier: UfV1Y2vhORblo214DJMsQlJkTvIyGHsAnlLq35GAeBo=
Subject key identifier: D3:14:AC:8F:AD:6D:40:CB:C9:4F:F2:FF:42:69:2B:BF:25:6A:3A:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E04
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/410E4570268D11F08734D5E2DAE4EC9C.roa
Signing time: Thu 01 May 2025 13:07:38 +0000
ROA not before: Thu 01 May 2025 13:07:20 +0000
ROA not after: Fri 28 Apr 2028 13:07:20 +0000
asID: 17561
IP address blocks: 154.84.66.0/24 maxlen: 24
154.84.67.0/24 maxlen: 24
154.84.68.0/24 maxlen: 24
154.84.69.0/24 maxlen: 24
154.84.70.0/24 maxlen: 24
154.84.71.0/24 maxlen: 24
154.84.72.0/24 maxlen: 24
154.84.73.0/24 maxlen: 24
154.84.74.0/24 maxlen: 24
154.84.75.0/24 maxlen: 24
154.84.76.0/24 maxlen: 24
154.84.77.0/24 maxlen: 24
154.84.78.0/24 maxlen: 24
154.84.79.0/24 maxlen: 24
154.84.80.0/24 maxlen: 24
154.84.81.0/24 maxlen: 24
154.84.82.0/24 maxlen: 24
154.84.83.0/24 maxlen: 24
154.84.84.0/24 maxlen: 24
154.84.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97796 (0x17e04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 13:07:20 2025 GMT
Not After : Apr 28 13:07:20 2028 GMT
Subject: CN=6813721a-a0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:18:db:b1:a1:fc:20:53:72:f7:76:46:49:4f:
f1:11:2c:91:8d:6d:00:0d:b6:c4:c8:c5:48:e5:2f:
af:32:ad:79:4e:91:1d:2b:4c:1b:73:e4:49:0a:d9:
18:6a:b0:d4:ba:44:86:75:4d:7c:46:22:6a:ad:4d:
da:21:ef:93:3e:33:c9:9f:33:be:e2:d2:ae:f6:8d:
6c:e7:00:ed:3e:ef:89:9d:6b:8d:27:8d:d7:45:8d:
3d:1f:62:a6:9a:25:17:87:a4:7e:42:d4:82:be:e6:
02:8a:f1:51:fd:21:74:b3:9d:9d:91:a4:f5:00:55:
c9:a2:7f:75:0f:d3:3b:8a:0e:c5:4e:61:12:1f:39:
4b:33:cf:04:5f:1a:01:a7:19:c7:fd:92:91:51:01:
fb:db:25:07:21:5c:bf:f0:27:a4:d0:3f:54:13:ba:
63:34:be:e7:a2:3d:e0:86:82:95:cf:18:41:ed:88:
e9:81:6d:db:44:93:36:43:60:f6:a0:ea:1c:64:43:
3d:d7:55:5c:0c:cc:8d:4d:b4:85:f5:de:d1:08:e9:
de:76:8b:00:f6:e1:99:30:11:0a:7b:19:7a:f2:e0:
7b:70:78:af:57:21:f0:a2:5f:30:c4:15:c6:9a:db:
ef:82:a2:e3:1a:1e:f7:70:3c:6b:5c:8a:e9:f9:35:
80:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:14:AC:8F:AD:6D:40:CB:C9:4F:F2:FF:42:69:2B:BF:25:6A:3A:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/410E4570268D11F08734D5E2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.66.0-154.84.85.255
Signature Algorithm: sha256WithRSAEncryption
85:7a:f3:1e:1d:05:8c:b0:c1:83:7f:09:fb:e0:50:88:0f:35:
26:e1:ad:d7:29:bb:fb:e6:15:eb:0a:22:ae:23:39:ba:bf:e9:
05:dc:a6:8f:03:96:96:5b:e9:c5:b0:09:69:3a:86:94:6d:0d:
d5:30:0e:3b:0f:46:90:50:67:32:c2:de:17:77:78:15:5c:61:
fb:7e:17:03:73:b8:8e:d4:57:f0:45:98:21:3e:6c:fa:18:7b:
a2:20:50:61:8d:e2:b2:8c:a4:8c:45:9e:57:90:f4:6d:5f:f7:
ee:8e:c6:9a:ca:47:f0:1b:74:b6:82:38:18:e8:ac:16:d2:20:
16:85:c4:0b:74:ac:2e:97:c8:24:a8:80:08:97:7b:6c:19:bb:
fb:5e:ff:fe:a4:ed:28:c8:da:1b:87:9d:91:7a:bc:e3:28:ea:
54:41:67:c0:14:5a:5a:33:06:92:7c:10:ed:c3:3e:1b:12:f8:
2e:b5:f8:a2:70:6c:30:bc:0f:f6:cf:65:30:13:55:83:44:a5:
42:23:5c:67:bf:b2:73:0a:71:27:f8:22:26:2d:e7:81:c5:50:
df:13:9e:df:f9:ab:ed:d0:57:53:93:25:1c:5d:aa:0d:c2:ac:
56:20:77:e5:72:04:c7:53:81:bb:bd:1c:1c:38:6b:5f:db:34:
0d:9a:81:84
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAX4EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTMwNzIwWhcNMjgwNDI4MTMwNzIwWjAYMRYw
FAYDVQQDEw02ODEzNzIxYS1hMGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvhjbsaH8IFNy93ZGSU/xESyRjW0ADbbEyMVI5S+vMq15TpEdK0wbc+RJ
CtkYarDUukSGdU18RiJqrU3aIe+TPjPJnzO+4tKu9o1s5wDtPu+JnWuNJ43XRY09
H2KmmiUXh6R+QtSCvuYCivFR/SF0s52dkaT1AFXJon91D9M7ig7FTmESHzlLM88E
XxoBpxnH/ZKRUQH72yUHIVy/8Cek0D9UE7pjNL7noj3ghoKVzxhB7YjpgW3bRJM2
Q2D2oOocZEM911VcDMyNTbSF9d7RCOnedosA9uGZMBEKexl68uB7cHivVyHwol8w
xBXGmtvvgqLjGh73cDxrXIrp+TWArQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNMU
rI+tbUDLyU/y/0JpK78lajrZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTBFNDU3MDI2OEQxMUYwODczNEQ1RTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaVEIDBAGaVFQwDQYJ
KoZIhvcNAQELBQADggEBAIV68x4dBYywwYN/CfvgUIgPNSbhrdcpu/vmFesKIq4j
Obq/6QXcpo8DlpZb6cWwCWk6hpRtDdUwDjsPRpBQZzLC3hd3eBVcYft+FwNzuI7U
V/BFmCE+bPoYe6IgUGGN4rKMpIxFnleQ9G1f9+6OxprKR/AbdLaCOBjorBbSIBaF
xAt0rC6XyCSogAiXe2wZu/te//6k7SjI2huHnZF6vOMo6lRBZ8AUWlozBpJ8EO3D
PhsS+C61+KJwbDC8D/bPZTATVYNEpUIjXGe/snMKcSf4IiYt54HFUN8Tnt/5q+3Q
V1OTJRxdqg3CrFYgd+VyBMdTgbu9HBw4a1/bNA2agYQ=
-----END CERTIFICATE-----
Generated at Wed May 7 18:55:13 2025 by rpki-client