Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D5EB932268611F0BF1214B6DAE4EC9C.roa
File: 5D5EB932268611F0BF1214B6DAE4EC9C.roa (raw, json)
Hash identifier: cuVoK1BZa4Xw2f9euzYvJ9mVFYx1YwA1to5P01j/sgU=
Subject key identifier: A4:A9:FF:F4:56:4D:8B:21:61:E9:F2:96:28:3E:83:9D:F2:09:94:20
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017DF8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D5EB932268611F0BF1214B6DAE4EC9C.roa
Signing time: Thu 01 May 2025 12:18:19 +0000
ROA not before: Thu 01 May 2025 12:18:14 +0000
ROA not after: Wed 26 Apr 2028 12:18:14 +0000
asID: 17561
IP address blocks: 154.86.108.0/24 maxlen: 24
154.86.109.0/24 maxlen: 24
154.86.110.0/24 maxlen: 24
154.88.10.0/24 maxlen: 24
154.88.11.0/24 maxlen: 24
154.88.18.0/24 maxlen: 24
154.88.19.0/24 maxlen: 24
154.93.17.0/24 maxlen: 24
154.93.18.0/24 maxlen: 24
154.93.19.0/24 maxlen: 24
154.93.20.0/24 maxlen: 24
154.93.21.0/24 maxlen: 24
154.93.22.0/24 maxlen: 24
154.93.23.0/24 maxlen: 24
154.94.32.0/24 maxlen: 24
154.94.34.0/24 maxlen: 24
154.94.35.0/24 maxlen: 24
154.94.36.0/24 maxlen: 24
154.94.37.0/24 maxlen: 24
154.94.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97784 (0x17df8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 12:18:14 2025 GMT
Not After : Apr 26 12:18:14 2028 GMT
Subject: CN=6813668b-7683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:44:e4:5c:e6:1f:14:ea:d0:3d:f5:df:dc:
20:25:48:6d:df:ab:9e:ea:4f:13:ae:f6:43:f9:48:
1d:ca:d2:0e:da:70:0c:ed:36:5d:a4:9e:29:27:7f:
c2:16:70:8b:ca:73:80:d9:37:4d:de:a8:d4:47:ff:
52:c4:cf:c9:d9:79:2e:05:f6:86:42:db:1f:a6:69:
13:84:24:2a:58:51:3a:02:af:f5:9e:69:dd:72:b6:
46:a1:b9:97:8b:7d:54:e1:71:9d:ac:94:36:fb:c0:
00:06:3a:e2:97:b8:05:bc:dc:a2:24:ba:ca:14:64:
34:d4:12:9e:b6:42:f1:e9:15:b5:a1:3d:2c:80:85:
2a:ca:bc:c0:95:ea:de:3c:ad:6b:f8:c7:17:23:6c:
fe:62:a8:dc:5f:d8:bd:50:98:f8:68:95:ed:dc:21:
85:71:a0:76:16:c0:2c:7e:91:cb:ea:ea:cb:e3:2a:
30:69:5c:39:fb:cf:59:f0:f4:d3:22:81:3b:2f:8f:
46:31:99:9e:9e:d7:ef:fc:96:28:5c:fc:ad:9a:2e:
e9:68:a1:b4:55:df:1b:56:d1:02:77:6d:0e:f0:8c:
2c:f0:a0:27:f9:20:65:28:0b:35:ec:40:86:fb:7f:
d3:cc:4a:1f:fd:9f:be:08:4d:20:16:4d:3f:16:46:
64:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A9:FF:F4:56:4D:8B:21:61:E9:F2:96:28:3E:83:9D:F2:09:94:20
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D5EB932268611F0BF1214B6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.108.0-154.86.110.255
154.88.10.0/23
154.88.18.0/23
154.93.17.0-154.93.23.255
154.94.32.0/24
154.94.34.0-154.94.37.255
154.94.39.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:d5:84:e0:8d:81:df:91:9d:9e:93:f5:06:41:55:79:62:0f:
78:56:18:f6:eb:98:a4:90:a8:d1:f5:27:49:87:be:65:c9:a6:
f2:34:2b:3a:c3:fe:96:05:4a:65:47:9a:de:9f:63:4f:9c:d1:
6a:20:59:f1:0f:68:49:4f:5b:26:ff:a2:8d:c7:b6:44:0d:b9:
c4:9e:a9:28:d6:a7:75:b9:de:e7:a2:9e:d9:25:ef:38:fa:b0:
b0:8f:2c:71:d6:c1:60:34:2c:b9:54:e6:4d:62:85:7f:16:15:
28:28:0b:49:8d:28:16:18:bf:ff:66:97:ee:75:a5:c2:e4:7b:
4b:24:61:3c:05:5b:b9:a9:94:00:07:50:ac:b5:14:54:a3:99:
4d:66:4f:37:0f:5c:35:ef:6a:a8:78:2d:7e:df:d2:d4:29:fa:
c6:99:a6:b4:f0:84:bf:2d:82:b1:5b:8f:1e:66:cd:76:74:e5:
54:0d:f0:72:c0:87:84:c9:3c:04:da:8c:4b:45:9a:76:c4:29:
a4:29:a3:f1:6b:40:c8:54:1f:fe:de:cd:67:28:0e:57:2b:3e:
9f:8f:45:4d:72:76:51:cb:90:13:6d:14:a1:4f:fe:5c:4e:c8:
3b:34:fa:1d:e8:fd:e8:d5:19:3a:ce:b4:ac:19:b9:96:b3:73:
f3:3b:5f:d2
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIDAX34MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTIxODE0WhcNMjgwNDI2MTIxODE0WjAYMRYw
FAYDVQQDEw02ODEzNjY4Yi03NjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtE5E5FzmHxTq0D3139wgJUht36ue6k8TrvZD+UgdytIO2nAM7TZdpJ4p
J3/CFnCLynOA2TdN3qjUR/9SxM/J2XkuBfaGQtsfpmkThCQqWFE6Aq/1nmndcrZG
obmXi31U4XGdrJQ2+8AABjril7gFvNyiJLrKFGQ01BKetkLx6RW1oT0sgIUqyrzA
lerePK1r+McXI2z+YqjcX9i9UJj4aJXt3CGFcaB2FsAsfpHL6urL4yowaVw5+89Z
8PTTIoE7L49GMZmentfv/JYoXPytmi7paKG0Vd8bVtECd20O8Iws8KAn+SBlKAs1
7ECG+3/TzEof/Z++CE0gFk0/FkZklwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFKSp
//RWTYshYenylig+g53yCZQgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDVFQjkzMjI2ODYxMUYwQkYxMjE0QjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBAKaVmwDBACaVm4DBAGa
WAoDBAGaWBIwDAMEAJpdEQMEA5pdEAMEAJpeIDAMAwQBml4iAwQBml4kAwQAml4n
MA0GCSqGSIb3DQEBCwUAA4IBAQA81YTgjYHfkZ2ek/UGQVV5Yg94Vhj265ikkKjR
9SdJh75lyabyNCs6w/6WBUplR5ren2NPnNFqIFnxD2hJT1sm/6KNx7ZEDbnEnqko
1qd1ud7nop7ZJe84+rCwjyxx1sFgNCy5VOZNYoV/FhUoKAtJjSgWGL//ZpfudaXC
5HtLJGE8BVu5qZQAB1CstRRUo5lNZk83D1w172qoeC1+39LUKfrGmaa08IS/LYKx
W48eZs12dOVUDfBywIeEyTwE2oxLRZp2xCmkKaPxa0DIVB/+3s1nKA5XKz6fj0VN
cnZRy5ATbRShT/5cTsg7NPod6P3o1Rk6zrSsGbmWs3PzO1/S
-----END CERTIFICATE-----
Generated at Sat May 10 04:50:24 2025 by rpki-client