Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6EB582EA246211F0B859C3D9DAE4EC9C.roa
File: 6EB582EA246211F0B859C3D9DAE4EC9C.roa (raw, json)
Hash identifier: UytQ6sFoXxdJrV+GKNu14efSDbVap8oylsVOs4S81I4=
Subject key identifier: B9:E8:7D:00:6F:1A:B0:DF:B3:E8:75:03:54:2E:85:F6:60:C0:09:08
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C6B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6EB582EA246211F0B859C3D9DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 18:56:04 +0000
ROA not before: Mon 28 Apr 2025 18:55:59 +0000
ROA not after: Wed 04 Jun 2025 18:55:59 +0000
asID: 48031
IP address blocks: 154.218.20.0/24 maxlen: 24
154.218.21.0/24 maxlen: 24
154.218.23.0/24 maxlen: 24
154.218.24.0/24 maxlen: 24
154.222.208.0/24 maxlen: 24
154.222.209.0/24 maxlen: 24
154.222.210.0/24 maxlen: 24
154.222.211.0/24 maxlen: 24
154.222.223.0/24 maxlen: 24
154.222.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97387 (0x17c6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 18:55:59 2025 GMT
Not After : Jun 4 18:55:59 2025 GMT
Subject: CN=680fcf43-688d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a2:14:f3:09:6e:ae:93:fb:ae:ff:7d:37:52:
b7:55:aa:0e:3e:c8:34:71:34:31:73:05:bb:d2:ed:
2b:15:76:2f:8b:bd:ea:8c:00:f4:25:05:30:02:9a:
91:1d:24:88:b4:e5:b5:40:86:45:8e:16:6e:1a:d4:
1b:f3:f5:aa:9a:b5:08:1c:a1:b4:15:4a:eb:47:0c:
f4:cb:ae:ad:30:4f:76:e6:8d:8f:9c:f3:ea:f7:dc:
fc:97:4a:01:a3:b4:86:1b:2e:4d:ea:17:12:06:b2:
ea:b1:ae:11:66:a0:35:0a:2f:52:e7:b5:e3:ae:cf:
2a:6e:4c:7f:e6:87:2c:5c:6a:4c:0f:01:5c:0d:6e:
73:a4:fa:a7:8b:24:06:71:ac:fd:88:ef:0a:4e:69:
ed:32:cd:5b:60:85:b9:1b:f2:08:65:3c:e8:13:b8:
10:16:de:2d:ef:e4:7e:3c:e4:73:30:0d:ea:e5:38:
60:94:3b:8a:98:5a:95:38:f6:4e:eb:0e:01:3f:e1:
bb:79:27:6a:d8:e7:08:df:9e:57:15:e2:1e:b3:60:
a4:b1:23:77:c4:1a:80:01:ec:bf:d2:1d:91:98:90:
53:95:31:5a:49:c0:23:3b:5c:5b:3b:d9:21:09:2b:
49:21:94:cf:d0:1c:5a:1e:46:56:06:75:77:35:af:
37:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E8:7D:00:6F:1A:B0:DF:B3:E8:75:03:54:2E:85:F6:60:C0:09:08
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6EB582EA246211F0B859C3D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.20.0/23
154.218.23.0-154.218.24.255
154.222.208.0/22
154.222.223.0/24
154.222.247.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:46:cd:7f:30:c5:ab:ac:24:5d:7c:21:a0:4e:b5:e3:34:0f:
55:d4:43:ce:10:79:0c:62:35:9b:b2:36:ce:10:59:0d:dd:10:
dd:9e:42:5c:18:16:0f:9b:4e:b2:24:b4:e3:b1:4d:2d:8b:35:
8e:e9:c3:fb:98:ab:5c:f1:71:37:a4:1c:51:58:99:4d:cf:60:
20:36:51:e9:5a:e9:7a:c2:50:7f:f6:3c:a5:e0:c8:a4:eb:d5:
58:8c:5a:65:a0:33:66:5d:ef:4b:cd:a9:f4:9c:2b:f0:23:0a:
ed:f0:61:c4:ee:a0:73:7f:6b:84:d9:39:c5:fc:86:2d:36:a2:
a6:30:bb:b7:d5:eb:2e:b8:a2:33:f7:22:50:4e:f8:6c:64:ed:
48:78:a5:36:5f:c7:00:65:cb:52:f8:66:c5:33:1c:43:91:42:
93:c2:e3:df:25:1b:7f:82:b0:4e:a1:2d:3e:43:16:fc:2b:67:
47:52:1e:d3:5e:ed:84:d3:4e:98:4e:c4:b1:9d:a0:d2:68:60:
37:e3:d8:9f:82:16:ed:45:19:5e:2e:d9:e2:8b:ea:45:02:1d:
bf:0f:b2:0a:dd:53:1a:06:3b:65:67:ee:fb:df:f3:f0:a7:a0:
56:fb:8a:c7:03:60:17:7f:b7:a4:98:14:1b:d8:e2:25:f9:63:
aa:a4:fe:03
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAXxrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTg1NTU5WhcNMjUwNjA0MTg1NTU5WjAYMRYw
FAYDVQQDEw02ODBmY2Y0My02ODhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyKIU8wlurpP7rv99N1K3VaoOPsg0cTQxcwW70u0rFXYvi73qjAD0JQUw
ApqRHSSItOW1QIZFjhZuGtQb8/WqmrUIHKG0FUrrRwz0y66tME925o2PnPPq99z8
l0oBo7SGGy5N6hcSBrLqsa4RZqA1Ci9S57Xjrs8qbkx/5ocsXGpMDwFcDW5zpPqn
iyQGcaz9iO8KTmntMs1bYIW5G/IIZTzoE7gQFt4t7+R+PORzMA3q5ThglDuKmFqV
OPZO6w4BP+G7eSdq2OcI355XFeIes2CksSN3xBqAAey/0h2RmJBTlTFaScAjO1xb
O9khCStJIZTP0BxaHkZWBnV3Na83LwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFLno
fQBvGrDfs+h1A1QuhfZgwAkIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RUI1ODJFQTI0NjIxMUYwQjg1OUMzRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBmtoUMAwDBACa2hcDBACa
2hgDBAKa3tADBACa3t8DBACa3vcwDQYJKoZIhvcNAQELBQADggEBAEpGzX8wxaus
JF18IaBOteM0D1XUQ84QeQxiNZuyNs4QWQ3dEN2eQlwYFg+bTrIktOOxTS2LNY7p
w/uYq1zxcTekHFFYmU3PYCA2Uela6XrCUH/2PKXgyKTr1ViMWmWgM2Zd70vNqfSc
K/AjCu3wYcTuoHN/a4TZOcX8hi02oqYwu7fV6y64ojP3IlBO+Gxk7Uh4pTZfxwBl
y1L4ZsUzHEORQpPC498lG3+CsE6hLT5DFvwrZ0dSHtNe7YTTTphOxLGdoNJoYDfj
2J+CFu1FGV4u2eKL6kUCHb8PsgrdUxoGO2Vn7vvf8/CnoFb7iscDYBd/t6SYFBvY
4iX5Y6qk/gM=
-----END CERTIFICATE-----
Generated at Sat May 10 19:07:52 2025 by rpki-client