Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/520E7C5825BD11F08646A6F2DAE4EC9C.roa
File: 520E7C5825BD11F08646A6F2DAE4EC9C.roa (raw, json)
Hash identifier: r7PwwPTsVzawzQ1vGy9xlBpDQI15O8X9XRIAdZaPGkY=
Subject key identifier: FC:EE:B7:78:44:1D:E3:96:10:92:29:1E:5C:32:0E:16:06:57:11:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017D64
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/520E7C5825BD11F08646A6F2DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 12:19:11 +0000
ROA not before: Wed 30 Apr 2025 12:18:59 +0000
ROA not after: Wed 26 Apr 2028 12:18:59 +0000
asID: 17561
IP address blocks: 154.206.127.0/24 maxlen: 24
154.207.128.0/24 maxlen: 24
154.207.129.0/24 maxlen: 24
154.207.130.0/24 maxlen: 24
154.207.133.0/24 maxlen: 24
154.207.134.0/24 maxlen: 24
154.208.0.0/24 maxlen: 24
154.214.16.0/24 maxlen: 24
154.214.17.0/24 maxlen: 24
154.214.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97636 (0x17d64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 12:18:59 2025 GMT
Not After : Apr 26 12:18:59 2028 GMT
Subject: CN=6812153f-59a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:db:9a:a8:be:4b:6b:d3:ae:8e:47:6c:ce:13:
61:b0:48:20:b6:b9:4d:eb:ce:10:66:97:55:39:fa:
67:e8:34:72:a6:14:4c:3b:47:92:57:ff:a5:4d:4d:
c8:14:b1:75:d7:c5:e7:8a:6e:dc:20:98:59:10:99:
c0:45:f5:6d:24:df:c3:fe:50:51:13:15:2a:65:05:
ce:c6:9d:91:ca:33:a9:4f:63:69:2e:98:2f:da:a2:
ef:75:d1:13:c5:87:df:b9:63:ce:51:89:8a:c1:49:
f5:28:10:9b:dc:e3:fb:07:00:75:20:25:d5:d1:a8:
64:9b:d8:77:00:dc:03:8c:bb:d0:2c:34:6f:98:df:
a1:b3:90:30:c9:6e:bc:12:2e:f8:fa:c3:91:6e:76:
29:6b:a1:3e:b7:51:46:0a:ca:d6:c4:41:1d:ce:fb:
d9:15:ac:e1:98:fb:af:2f:a1:a6:25:a5:13:34:23:
04:68:9e:dd:49:9a:a7:37:de:9a:27:4c:8e:ae:cc:
fa:6f:8a:08:3c:04:f9:b8:f0:d4:4c:9d:1e:82:93:
5d:f4:40:69:2a:94:13:a1:6d:d3:3d:a1:44:59:1d:
74:ec:0a:39:14:64:70:f1:db:2d:ea:3b:31:8f:21:
56:c5:d5:78:f9:2b:61:5c:97:9c:9b:63:ac:d3:cc:
0d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:EE:B7:78:44:1D:E3:96:10:92:29:1E:5C:32:0E:16:06:57:11:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/520E7C5825BD11F08646A6F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.127.0/24
154.207.128.0-154.207.130.255
154.207.133.0-154.207.134.255
154.208.0.0/24
154.214.16.0-154.214.18.255
Signature Algorithm: sha256WithRSAEncryption
20:f8:db:9f:49:a7:26:db:bf:1b:4d:c0:46:5b:07:ac:42:b1:
92:62:0c:8a:84:68:fe:f8:27:49:b7:f0:4f:9b:a4:1c:4f:65:
80:6f:44:07:fe:30:e1:5e:d2:78:c1:1b:39:18:9d:a5:95:7c:
cd:23:57:9e:9f:7a:87:9d:1e:ff:ee:0d:8f:51:27:6c:37:55:
db:f6:e3:1d:81:d7:4f:61:5f:77:85:37:e4:a6:0e:7f:0c:e8:
fe:ac:a3:0a:2d:59:11:97:9a:b7:aa:75:90:4e:48:76:19:38:
d0:c3:b4:29:db:fd:c6:2b:ef:3b:7b:82:ca:68:44:7f:43:a2:
93:8f:fc:de:9f:ea:41:0e:be:ca:f4:59:87:83:e8:13:01:22:
46:84:aa:7c:2e:7f:e2:69:f2:27:4d:6b:1b:00:c6:32:2a:ed:
4e:d6:8e:c9:d3:56:3e:6b:fc:ba:47:4f:99:da:5b:4f:17:45:
0a:e0:2b:e1:78:7b:a6:bc:f3:51:a7:50:59:92:93:d4:c1:90:
3f:4a:a0:48:8f:73:12:47:68:25:c8:c1:f9:68:03:3a:83:ea:
f2:ff:0c:33:e5:b0:c8:8f:40:f5:18:15:d1:a0:33:f7:25:95:
e1:50:a4:86:30:3e:b1:31:81:ac:03:ef:17:52:1e:55:e8:4c:
88:7b:88:c2
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAX1kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDMwMTIxODU5WhcNMjgwNDI2MTIxODU5WjAYMRYw
FAYDVQQDEw02ODEyMTUzZi01OWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1tuaqL5La9OujkdszhNhsEggtrlN684QZpdVOfpn6DRyphRMO0eSV/+l
TU3IFLF118Xnim7cIJhZEJnARfVtJN/D/lBRExUqZQXOxp2RyjOpT2NpLpgv2qLv
ddETxYffuWPOUYmKwUn1KBCb3OP7BwB1ICXV0ahkm9h3ANwDjLvQLDRvmN+hs5Aw
yW68Ei74+sORbnYpa6E+t1FGCsrWxEEdzvvZFazhmPuvL6GmJaUTNCMEaJ7dSZqn
N96aJ0yOrsz6b4oIPAT5uPDUTJ0egpNd9EBpKpQToW3TPaFEWR107Ao5FGRw8dst
6jsxjyFWxdV4+SthXJecm2Os08wNawIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFPzu
t3hEHeOWEJIpHlwyDhYGVxGfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MjBFN0M1ODI1QkQxMUYwODY0NkE2RjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAms5/MAwDBAeaz4ADBACa
z4IwDAMEAJrPhQMEAJrPhgMEAJrQADAMAwQEmtYQAwQAmtYSMA0GCSqGSIb3DQEB
CwUAA4IBAQAg+NufSacm278bTcBGWwesQrGSYgyKhGj++CdJt/BPm6QcT2WAb0QH
/jDhXtJ4wRs5GJ2llXzNI1een3qHnR7/7g2PUSdsN1Xb9uMdgddPYV93hTfkpg5/
DOj+rKMKLVkRl5q3qnWQTkh2GTjQw7Qp2/3GK+87e4LKaER/Q6KTj/zen+pBDr7K
9FmHg+gTASJGhKp8Ln/iafInTWsbAMYyKu1O1o7J01Y+a/y6R0+Z2ltPF0UK4Cvh
eHumvPNRp1BZkpPUwZA/SqBIj3MSR2glyMH5aAM6g+ry/wwz5bDIj0D1GBXRoDP3
JZXhUKSGMD6xMYGsA+8XUh5V6EyIe4jC
-----END CERTIFICATE-----
Generated at Mon May 12 10:27:03 2025 by rpki-client