Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6408295A245E11F08AA0A0C0DAE4EC9C.roa
File: 6408295A245E11F08AA0A0C0DAE4EC9C.roa (raw, json)
Hash identifier: tuewKCjb4CVnYeN7AqoEf22V2wUcU37o1z/FyaY9Ujo=
Subject key identifier: 42:5B:91:C6:1D:9A:84:A3:22:B0:1F:7D:4D:A9:31:12:38:73:F5:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C63
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6408295A245E11F08AA0A0C0DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 18:27:07 +0000
ROA not before: Mon 28 Apr 2025 18:27:03 +0000
ROA not after: Tue 28 Apr 2026 18:27:03 +0000
asID: 984
IP address blocks: 154.215.200.0/24 maxlen: 24
154.215.201.0/24 maxlen: 24
154.215.202.0/24 maxlen: 24
154.215.203.0/24 maxlen: 24
154.215.204.0/24 maxlen: 24
154.215.205.0/24 maxlen: 24
154.215.206.0/24 maxlen: 24
154.215.207.0/24 maxlen: 24
154.215.208.0/24 maxlen: 24
154.215.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 01:13:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97379 (0x17c63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 18:27:03 2025 GMT
Not After : Apr 28 18:27:03 2026 GMT
Subject: CN=680fc87b-17ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:02:33:97:ec:bf:15:47:c5:53:61:1c:b8:ff:
b7:1c:a3:aa:52:b4:ac:b0:16:5e:24:73:50:72:3d:
4d:c3:67:62:ce:91:bb:22:c7:b7:65:b9:9f:09:2c:
a0:db:60:9c:7b:59:c5:ca:fd:26:14:0b:b6:1b:d7:
fe:ba:d2:94:f9:1e:23:3e:da:b0:48:bb:d8:16:c7:
45:20:a2:d7:57:e9:2b:ea:9c:0d:9e:5b:91:3d:12:
8b:1a:1c:d4:6e:45:d9:3d:6c:31:31:3a:ba:d3:21:
44:0a:8e:6d:a6:74:34:bc:ab:f1:73:ae:5b:e4:39:
f7:fe:7a:87:96:44:c5:f0:84:84:e9:68:28:7c:85:
83:67:ec:fb:c5:f1:6c:8f:dd:b5:09:76:62:63:75:
9b:14:f1:e8:fc:02:bb:d3:83:58:d8:af:7b:3d:7d:
f7:36:05:28:b4:88:b6:52:dd:bb:45:bc:85:47:c3:
cd:41:99:b9:a8:cd:eb:fa:60:77:fa:ac:0e:6c:30:
9a:d5:db:11:a4:27:77:17:3d:67:c3:a0:b2:b9:99:
a8:21:e0:80:48:52:0e:00:d3:35:69:56:4c:7d:3e:
f4:47:12:be:da:2d:6e:93:7b:e7:c7:a2:ac:f2:b7:
70:b5:9f:a2:ea:6c:e4:1f:24:70:a9:95:75:6a:42:
19:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5B:91:C6:1D:9A:84:A3:22:B0:1F:7D:4D:A9:31:12:38:73:F5:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6408295A245E11F08AA0A0C0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.215.200.0-154.215.209.255
Signature Algorithm: sha256WithRSAEncryption
c5:90:72:83:9b:22:69:33:c3:93:ee:31:fa:b6:d6:60:66:c5:
67:46:ad:1e:97:0c:00:3b:fb:be:cd:a8:9f:a4:ad:27:0e:f8:
8c:ac:db:47:39:d4:f6:0d:f2:58:85:21:13:5c:ed:bb:26:06:
d4:9b:b4:e6:f0:5e:65:66:a9:5c:e9:28:e4:de:83:8e:ee:c1:
cd:18:09:85:71:44:a8:26:b2:cf:cd:c3:ad:9b:6c:d1:f1:ff:
b2:2b:51:43:05:5d:d5:4e:a4:27:36:13:d0:e2:d1:18:6c:ce:
8e:c6:dd:13:59:e9:32:4e:2b:f0:e5:ec:70:d1:02:09:29:33:
b6:be:b9:a1:c0:44:a6:c1:b9:f6:e5:26:c8:f7:29:2c:03:16:
f4:c5:27:42:73:64:41:ad:2d:1f:42:b5:e7:43:95:8a:e2:e0:
1f:eb:40:2d:04:5e:64:35:ae:e7:7a:59:16:24:2e:37:8a:a5:
05:d3:9d:b6:d5:b3:2b:c7:82:62:d5:d8:da:c0:6e:23:d3:2e:
71:9a:fa:3a:c7:14:25:b0:5e:7d:64:0d:dc:ee:8e:2b:08:ee:
19:b6:ef:e0:3c:02:d0:51:91:1c:55:1c:33:2b:c9:1b:1a:ff:
8e:0e:b2:d5:b1:d2:67:1a:01:1a:f9:2a:ab:b7:8d:58:80:9e:
ba:d3:3d:20
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAXxjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTgyNzAzWhcNMjYwNDI4MTgyNzAzWjAYMRYw
FAYDVQQDEw02ODBmYzg3Yi0xN2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxwIzl+y/FUfFU2EcuP+3HKOqUrSssBZeJHNQcj1Nw2dizpG7Ise3Zbmf
CSyg22Cce1nFyv0mFAu2G9f+utKU+R4jPtqwSLvYFsdFIKLXV+kr6pwNnluRPRKL
GhzUbkXZPWwxMTq60yFECo5tpnQ0vKvxc65b5Dn3/nqHlkTF8ISE6WgofIWDZ+z7
xfFsj921CXZiY3WbFPHo/AK704NY2K97PX33NgUotIi2Ut27RbyFR8PNQZm5qM3r
+mB3+qwObDCa1dsRpCd3Fz1nw6CyuZmoIeCASFIOANM1aVZMfT70RxK+2i1uk3vn
x6Ks8rdwtZ+i6mzkHyRwqZV1akIZNQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFEJb
kcYdmoSjIrAffU2pMRI4c/WrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NDA4Mjk1QTI0NUUxMUYwOEFBMEEwQzBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOa18gDBAGa19AwDQYJ
KoZIhvcNAQELBQADggEBAMWQcoObImkzw5PuMfq21mBmxWdGrR6XDAA7+77NqJ+k
rScO+Iys20c51PYN8liFIRNc7bsmBtSbtObwXmVmqVzpKOTeg47uwc0YCYVxRKgm
ss/Nw62bbNHx/7IrUUMFXdVOpCc2E9Di0Rhszo7G3RNZ6TJOK/Dl7HDRAgkpM7a+
uaHARKbBufblJsj3KSwDFvTFJ0JzZEGtLR9CtedDlYri4B/rQC0EXmQ1rud6WRYk
LjeKpQXTnbbVsyvHgmLV2NrAbiPTLnGa+jrHFCWwXn1kDdzujisI7hm27+A8AtBR
kRxVHDMryRsa/44OstWx0mcaARr5Kqu3jViAnrrTPSA=
-----END CERTIFICATE-----
Generated at Sun May 11 01:40:41 2025 by rpki-client