Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/493F6558248511F0B95404C0DAE4EC9C.roa
File: 493F6558248511F0B95404C0DAE4EC9C.roa (raw, json)
Hash identifier: q+wWAIW4q8v+KgxTBScdkiBP8gaqzWVQooFsNLFgjUE=
Subject key identifier: 82:E6:96:FF:43:C7:24:88:CC:C0:AB:1F:13:E9:4E:B7:A8:CA:F3:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C95
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/493F6558248511F0B95404C0DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 23:05:33 +0000
ROA not before: Mon 28 Apr 2025 23:05:28 +0000
ROA not after: Sun 15 Jun 2025 23:05:28 +0000
asID: 138915
IP address blocks: 154.203.142.0/24 maxlen: 24
154.203.153.0/24 maxlen: 24
154.203.154.0/23 maxlen: 24
154.203.156.0/24 maxlen: 24
154.203.157.0/24 maxlen: 24
154.203.158.0/24 maxlen: 24
154.203.159.0/24 maxlen: 24
154.203.164.0/24 maxlen: 24
154.203.166.0/24 maxlen: 24
154.203.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 10 May 2025 00:07:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97429 (0x17c95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 23:05:28 2025 GMT
Not After : Jun 15 23:05:28 2025 GMT
Subject: CN=681009bd-e91d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:24:1e:6a:1f:a4:72:ce:1e:4d:67:28:34:9f:
ed:6e:2e:41:08:3a:1f:25:16:ba:40:61:ff:b1:f6:
22:86:8b:3e:c7:12:45:e3:38:00:04:c5:60:2c:e0:
3a:83:9f:be:6f:7e:12:2d:ab:14:06:c1:c1:3a:48:
a1:d8:6c:7d:24:a2:13:67:e3:85:07:8e:f5:f0:85:
fd:95:0a:60:3c:f7:0d:f8:c8:95:d9:ba:ba:1c:dd:
b5:06:1b:ef:98:db:01:20:41:0a:87:5b:76:0d:69:
34:78:b6:49:5f:06:b5:ed:2c:62:51:96:e1:c3:2f:
9f:43:d1:86:4b:1f:ad:58:d0:d4:5b:d0:0c:c6:1a:
ad:19:76:98:d7:91:df:6a:22:15:72:f3:57:2f:aa:
9e:06:4e:54:f4:0a:92:9a:cb:70:07:e4:35:73:de:
98:9e:9c:69:13:a5:9c:0f:02:5e:ec:64:53:a9:81:
32:31:44:e2:09:6e:b8:b0:fe:67:ab:e1:db:51:aa:
19:c5:99:bd:18:2e:42:a0:41:91:92:e5:16:db:57:
64:70:15:70:da:2a:9c:df:51:13:cd:74:d8:c6:b8:
b4:02:21:f5:66:f3:0a:de:71:67:cd:c3:21:7a:c3:
2a:1f:41:a5:e9:c6:86:a6:0a:62:9e:b0:d7:c3:89:
80:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E6:96:FF:43:C7:24:88:CC:C0:AB:1F:13:E9:4E:B7:A8:CA:F3:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/493F6558248511F0B95404C0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.142.0/24
154.203.153.0-154.203.159.255
154.203.164.0/24
154.203.166.0/24
154.203.169.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:76:02:e6:48:7d:28:31:4d:91:c7:50:51:cc:3d:37:0b:1c:
2d:74:e4:20:61:53:bf:53:f0:90:8e:89:84:7d:a7:7d:df:c3:
c5:fc:e9:88:77:c8:da:82:c8:5a:36:64:f9:d5:68:6b:a0:eb:
f7:10:44:bc:d9:78:95:b3:7f:c6:30:4a:f9:42:11:06:20:73:
3c:07:2a:0b:d1:d4:4b:1b:1f:b0:12:5d:ac:f1:e0:e6:52:d1:
8c:68:92:66:90:a5:67:dd:d1:bd:03:7f:94:d0:62:80:36:e8:
5d:40:c8:67:c8:c8:52:25:2b:e2:47:74:84:1c:df:09:dd:25:
12:58:a0:69:f4:90:2e:4c:8a:2f:ae:61:72:9a:06:8e:d0:ee:
75:41:4f:69:7f:79:b2:1e:d5:05:e2:69:9b:9c:38:49:34:d1:
c7:9e:71:42:19:16:52:2b:1c:81:e9:d0:3e:9c:8b:43:a5:b0:
36:01:a7:d6:99:fa:9e:f3:d2:d5:18:97:9d:ff:85:34:e7:4d:
97:27:2b:4b:80:8e:48:17:22:07:76:37:26:56:93:57:82:4f:
0f:04:df:9a:9e:6a:a6:3c:80:0a:9b:9e:b1:95:1e:c9:21:b4:
fe:38:ef:00:ee:c2:ad:1f:c9:4c:b0:07:c3:49:5b:a4:03:fa:
6b:7b:ae:97
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAXyVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MjMwNTI4WhcNMjUwNjE1MjMwNTI4WjAYMRYw
FAYDVQQDEw02ODEwMDliZC1lOTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxSQeah+kcs4eTWcoNJ/tbi5BCDofJRa6QGH/sfYihos+xxJF4zgABMVg
LOA6g5++b34SLasUBsHBOkih2Gx9JKITZ+OFB4718IX9lQpgPPcN+MiV2bq6HN21
BhvvmNsBIEEKh1t2DWk0eLZJXwa17SxiUZbhwy+fQ9GGSx+tWNDUW9AMxhqtGXaY
15HfaiIVcvNXL6qeBk5U9AqSmstwB+Q1c96YnpxpE6WcDwJe7GRTqYEyMUTiCW64
sP5nq+HbUaoZxZm9GC5CoEGRkuUW21dkcBVw2iqc31ETzXTYxri0AiH1ZvMK3nFn
zcMhesMqH0Gl6caGpgpinrDXw4mAwwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFILm
lv9DxySIzMCrHxPpTreoyvMPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTNGNjU1ODI0ODUxMUYwQjk1NDA0QzBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAmsuOMAwDBACay5kDBAWa
y4ADBACay6QDBACay6YDBACay6kwDQYJKoZIhvcNAQELBQADggEBAM52AuZIfSgx
TZHHUFHMPTcLHC105CBhU79T8JCOiYR9p33fw8X86Yh3yNqCyFo2ZPnVaGug6/cQ
RLzZeJWzf8YwSvlCEQYgczwHKgvR1EsbH7ASXazx4OZS0YxokmaQpWfd0b0Df5TQ
YoA26F1AyGfIyFIlK+JHdIQc3wndJRJYoGn0kC5Mii+uYXKaBo7Q7nVBT2l/ebIe
1QXiaZucOEk00ceecUIZFlIrHIHp0D6ci0OlsDYBp9aZ+p7z0tUYl53/hTTnTZcn
K0uAjkgXIgd2NyZWk1eCTw8E35qeaqY8gAqbnrGVHskhtP447wDuwq0fyUywB8NJ
W6QD+mt7rpc=
-----END CERTIFICATE-----
Generated at Thu May 8 12:33:55 2025 by rpki-client