Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61F037C0265711F09A8A2C84DAE4EC9C.roa
File: 61F037C0265711F09A8A2C84DAE4EC9C.roa (raw, json)
Hash identifier: hA7/YDQ03AtZvdPQrF8puHI4NqsEc4B6ODaFqnUQQCo=
Subject key identifier: 20:11:02:6F:3B:AB:68:B9:E7:A0:D2:20:53:31:12:05:0A:4C:BC:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017DC4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61F037C0265711F09A8A2C84DAE4EC9C.roa
Signing time: Thu 01 May 2025 06:42:00 +0000
ROA not before: Thu 01 May 2025 06:41:55 +0000
ROA not after: Fri 01 May 2026 06:41:55 +0000
asID: 984
IP address blocks: 154.218.114.0/24 maxlen: 24
154.218.115.0/24 maxlen: 24
154.218.116.0/24 maxlen: 24
154.218.117.0/24 maxlen: 24
154.218.118.0/24 maxlen: 24
154.218.119.0/24 maxlen: 24
154.218.120.0/24 maxlen: 24
154.218.121.0/24 maxlen: 24
154.218.122.0/24 maxlen: 24
154.218.123.0/24 maxlen: 24
154.218.124.0/24 maxlen: 24
154.218.125.0/24 maxlen: 24
154.218.126.0/24 maxlen: 24
154.218.127.0/24 maxlen: 24
154.221.65.0/24 maxlen: 24
154.221.69.0/24 maxlen: 24
154.221.76.0/24 maxlen: 24
154.221.77.0/24 maxlen: 24
154.221.80.0/24 maxlen: 24
154.221.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 10 May 2025 00:07:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97732 (0x17dc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 06:41:55 2025 GMT
Not After : May 1 06:41:55 2026 GMT
Subject: CN=681317b8-0d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:25:b6:92:a3:c9:e3:f6:92:4a:94:31:5c:b6:
17:a7:07:8c:c5:dd:5b:d8:e3:db:b3:18:b1:88:df:
ea:4b:33:dd:2a:e4:94:e7:76:3e:6a:67:ff:29:13:
05:38:8d:53:51:d4:33:c1:0a:14:4a:54:af:01:f2:
b5:2f:02:7f:fb:24:2b:92:cc:e0:ad:37:dc:81:24:
31:f0:aa:20:d8:2a:f7:d0:20:44:d5:23:05:62:84:
cd:50:53:0d:09:e3:82:41:aa:3e:d5:bc:4f:2f:e2:
41:8d:b5:0f:af:c0:2a:cc:bf:78:c9:3e:43:7b:82:
6e:87:a2:54:be:22:2d:4f:1e:36:a1:0a:d7:45:b6:
1f:f9:ce:c4:ba:75:38:6a:cc:b0:a3:32:c1:b5:ff:
b5:ff:94:aa:67:76:39:0e:04:60:2d:a8:bb:d1:a7:
ab:4e:39:ad:36:76:b0:4b:70:cb:40:af:61:f9:12:
c3:c8:34:51:86:42:1b:a9:42:ee:d8:c3:77:70:9e:
ae:10:67:a6:08:e6:8d:d6:4a:56:78:df:6b:21:96:
f6:b4:97:23:8e:01:aa:a2:ab:bb:04:e9:43:c7:6e:
80:4a:c1:54:58:2c:2d:97:0d:9b:9d:da:02:c3:64:
d1:0a:0a:49:5e:0a:dc:92:e3:93:98:f8:82:b9:be:
80:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:11:02:6F:3B:AB:68:B9:E7:A0:D2:20:53:31:12:05:0A:4C:BC:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/61F037C0265711F09A8A2C84DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.114.0-154.218.127.255
154.221.65.0/24
154.221.69.0/24
154.221.76.0/23
154.221.80.0/24
154.221.82.0/24
Signature Algorithm: sha256WithRSAEncryption
65:4c:be:de:82:6a:af:03:08:64:17:c8:12:83:e5:1a:32:0c:
5d:1d:da:95:d8:59:da:89:ed:a0:76:03:bc:4e:59:a9:5d:d2:
24:0f:79:6f:49:87:4f:85:22:53:b4:09:ff:45:27:1d:3c:7d:
e5:8d:02:6b:fe:ef:7a:a8:b5:28:a5:ff:86:e9:ea:d6:9d:ae:
8c:89:f1:e2:1e:61:43:89:31:a2:3e:7d:6a:68:56:70:d1:d1:
00:4e:7b:c2:ad:46:72:8f:48:86:08:72:49:9e:2c:9d:35:92:
2e:e7:0d:58:b6:03:35:8a:7a:6d:d4:97:5d:a0:ed:b0:dc:4e:
e7:af:e2:a2:5a:50:4c:cc:97:2f:53:e3:b8:6e:88:36:32:44:
4b:27:87:71:e9:78:e0:7c:b1:e3:ee:32:f3:5b:f9:a4:e2:dd:
c0:be:71:12:18:92:75:b8:5e:9f:57:d0:6a:6b:fb:73:0e:f4:
3b:6c:f4:dc:53:e9:0b:8a:fe:2b:cb:f7:91:6f:90:e3:b6:ea:
fb:48:96:17:5d:d2:0e:fc:df:55:a8:7b:e6:b0:03:b9:95:eb:
56:a5:9b:3f:b3:7d:66:ff:bc:1b:61:83:2d:10:ce:80:53:5d:
06:fb:b9:db:40:9a:70:b9:8f:fb:e5:57:b4:62:2f:07:53:30:
f4:0d:63:95
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAX3EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMDY0MTU1WhcNMjYwNTAxMDY0MTU1WjAYMRYw
FAYDVQQDEw02ODEzMTdiOC0wZDMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuiW2kqPJ4/aSSpQxXLYXpweMxd1b2OPbsxixiN/qSzPdKuSU53Y+amf/
KRMFOI1TUdQzwQoUSlSvAfK1LwJ/+yQrkszgrTfcgSQx8Kog2Cr30CBE1SMFYoTN
UFMNCeOCQao+1bxPL+JBjbUPr8AqzL94yT5De4Juh6JUviItTx42oQrXRbYf+c7E
unU4asywozLBtf+1/5SqZ3Y5DgRgLai70aerTjmtNnawS3DLQK9h+RLDyDRRhkIb
qULu2MN3cJ6uEGemCOaN1kpWeN9rIZb2tJcjjgGqoqu7BOlDx26ASsFUWCwtlw2b
ndoCw2TRCgpJXgrckuOTmPiCub6ARwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFCAR
Am87q2i556DSIFMxEgUKTLzgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MUYwMzdDMDI2NTcxMUYwOUE4QTJDODREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAGa2nIDBAea2gADBACa
3UEDBACa3UUDBAGa3UwDBACa3VADBACa3VIwDQYJKoZIhvcNAQELBQADggEBAGVM
vt6Caq8DCGQXyBKD5RoyDF0d2pXYWdqJ7aB2A7xOWald0iQPeW9Jh0+FIlO0Cf9F
Jx08feWNAmv+73qotSil/4bp6tadroyJ8eIeYUOJMaI+fWpoVnDR0QBOe8KtRnKP
SIYIckmeLJ01ki7nDVi2AzWKem3Ul12g7bDcTuev4qJaUEzMly9T47huiDYyREsn
h3HpeOB8sePuMvNb+aTi3cC+cRIYknW4Xp9X0Gpr+3MO9Dts9NxT6QuK/ivL95Fv
kOO26vtIlhdd0g7831Woe+awA7mV61almz+zfWb/vBthgy0QzoBTXQb7udtAmnC5
j/vlV7RiLwdTMPQNY5U=
-----END CERTIFICATE-----
Generated at Fri May 9 00:38:18 2025 by rpki-client