Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5BF85EC8246411F0BE2FE3E4DAE4EC9C.roa
File: 5BF85EC8246411F0BE2FE3E4DAE4EC9C.roa (raw, json)
Hash identifier: NDLO8k/gnt1gLEtjfgwaGzNdmjKjQxfnAPSNogEID5w=
Subject key identifier: E3:A6:E4:73:4A:67:E1:BC:0F:4C:42:10:59:B8:D2:6B:BF:D4:FB:DF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C6F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5BF85EC8246411F0BE2FE3E4DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 19:09:51 +0000
ROA not before: Mon 28 Apr 2025 19:09:46 +0000
ROA not after: Wed 04 Jun 2025 19:09:46 +0000
asID: 48031
IP address blocks: 154.213.6.0/24 maxlen: 24
154.213.7.0/24 maxlen: 24
154.222.248.0/24 maxlen: 24
154.222.249.0/24 maxlen: 24
154.222.250.0/24 maxlen: 24
154.222.251.0/24 maxlen: 24
154.222.253.0/24 maxlen: 24
154.222.254.0/24 maxlen: 24
154.222.255.0/24 maxlen: 24
154.223.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97391 (0x17c6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 19:09:46 2025 GMT
Not After : Jun 4 19:09:46 2025 GMT
Subject: CN=680fd27f-dbf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:30:06:bb:b1:7e:68:66:60:24:d7:01:81:69:
6a:34:da:c1:dd:a7:ab:8b:b4:85:71:b8:d2:78:d1:
a7:42:b7:e0:a9:1c:d4:92:72:68:64:62:29:7e:25:
56:65:6a:f3:df:e3:0f:7c:e3:7a:9d:2f:7a:a4:ec:
0f:7e:ca:f3:2d:14:c1:c9:5f:cc:1e:69:c0:72:e0:
c7:f6:98:8c:09:fe:f7:05:81:47:80:be:77:98:96:
a0:d4:0b:45:24:e8:b0:e1:49:87:66:6f:3d:82:78:
2a:55:b8:28:0b:d5:59:f2:aa:e2:fd:40:d8:fe:c5:
dd:89:4f:45:22:1b:e9:6f:39:f3:d9:bc:fc:f9:64:
89:18:19:16:2a:df:cd:90:cd:b9:6b:25:8c:4d:cb:
97:4b:7f:84:48:75:51:b7:a4:c7:98:9e:fc:6e:fc:
1e:4d:31:6d:f7:ee:6b:1e:cb:3e:18:83:ab:b1:c6:
d9:22:34:08:23:8c:30:e5:2d:14:a3:09:88:00:7e:
f0:30:fa:d8:f6:f4:e8:94:db:f9:79:9c:98:b4:8b:
f2:b2:b2:28:87:c7:24:09:ce:05:74:97:3e:e9:f3:
76:20:01:58:df:4b:80:11:f0:c3:98:29:9c:64:aa:
9c:0b:40:fa:c8:37:3d:fb:49:a5:ed:9a:5e:a5:02:
bc:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A6:E4:73:4A:67:E1:BC:0F:4C:42:10:59:B8:D2:6B:BF:D4:FB:DF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5BF85EC8246411F0BE2FE3E4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.6.0/23
154.222.248.0/22
154.222.253.0-154.222.255.255
154.223.80.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:04:2c:fe:5f:91:2d:f7:70:96:54:43:0d:cf:8e:e4:d9:78:
8d:8f:53:67:06:fd:24:4d:93:8d:37:fd:c0:df:05:b7:e0:66:
3f:b8:70:08:72:56:84:56:dd:1e:b3:f7:3c:a8:82:89:bd:cf:
d0:16:58:93:fe:af:96:96:8a:d2:8b:b1:bc:2c:d6:8a:9f:9f:
d8:14:cb:a3:94:e3:1b:90:d3:1e:0c:77:98:26:17:41:e4:15:
e2:3b:a9:5d:7f:99:10:fc:9a:ab:b5:39:23:06:34:a7:91:d3:
3a:dd:78:68:1f:23:48:2e:bf:4e:db:da:5c:53:77:83:50:6f:
c3:d4:5d:32:31:ae:28:9c:34:0f:46:2b:7a:cf:7a:60:a0:4a:
cc:c8:f6:34:d2:c1:82:85:20:5f:4e:b9:f2:7f:82:8d:ce:45:
1e:d9:4b:aa:20:a3:a5:5b:9c:32:a5:73:0f:6a:5e:53:b0:f5:
ab:bd:67:c9:97:0b:d8:9d:7b:7d:8d:47:4f:78:5c:9d:01:fe:
8d:ae:b0:c7:36:c6:d0:30:2c:e1:12:64:35:53:cd:a5:3f:ff:
37:24:fb:b6:28:a9:47:f0:d0:64:ca:e7:54:23:05:98:82:fd:
33:d6:48:c5:d2:e1:aa:11:1b:4e:fc:4f:90:93:52:6b:14:f9:
8e:9d:29:b3
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIDAXxvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTkwOTQ2WhcNMjUwNjA0MTkwOTQ2WjAYMRYw
FAYDVQQDEw02ODBmZDI3Zi1kYmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqjAGu7F+aGZgJNcBgWlqNNrB3aeri7SFcbjSeNGnQrfgqRzUknJoZGIp
fiVWZWrz3+MPfON6nS96pOwPfsrzLRTByV/MHmnAcuDH9piMCf73BYFHgL53mJag
1AtFJOiw4UmHZm89gngqVbgoC9VZ8qri/UDY/sXdiU9FIhvpbznz2bz8+WSJGBkW
Kt/NkM25ayWMTcuXS3+ESHVRt6THmJ78bvweTTFt9+5rHss+GIOrscbZIjQII4ww
5S0UowmIAH7wMPrY9vTolNv5eZyYtIvysrIoh8ckCc4FdJc+6fN2IAFY30uAEfDD
mCmcZKqcC0D6yDc9+0ml7ZpepQK8rQIDAQABo4ICvjCCArowHQYDVR0OBBYEFOOm
5HNKZ+G8D0xCEFm40mu/1PvfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QkY4NUVDODI0NjQxMUYwQkUyRkUzRTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwQBmtUGAwQCmt74MAsDBACa
3v0DAwCa3gMEAJrfUDANBgkqhkiG9w0BAQsFAAOCAQEA1gQs/l+RLfdwllRDDc+O
5Nl4jY9TZwb9JE2TjTf9wN8Ft+BmP7hwCHJWhFbdHrP3PKiCib3P0BZYk/6vlpaK
0ouxvCzWip+f2BTLo5TjG5DTHgx3mCYXQeQV4jupXX+ZEPyaq7U5IwY0p5HTOt14
aB8jSC6/TtvaXFN3g1Bvw9RdMjGuKJw0D0Yres96YKBKzMj2NNLBgoUgX0658n+C
jc5FHtlLqiCjpVucMqVzD2peU7D1q71nyZcL2J17fY1HT3hcnQH+ja6wxzbG0DAs
4RJkNVPNpT//NyT7tiipR/DQZMrnVCMFmIL9M9ZIxdLhqhEbTvxPkJNSaxT5jp0p
sw==
-----END CERTIFICATE-----
Generated at Wed May 7 14:02:33 2025 by rpki-client