Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7508A56026AA11F0911E3CA2DAE4EC9C.roa
File: 7508A56026AA11F0911E3CA2DAE4EC9C.roa (raw, json)
Hash identifier: PPA/HCxKC42Y0ux7WQoo5qiMIarygW9n+Fis0doKf/s=
Subject key identifier: BA:3D:62:60:7B:7F:4A:AA:5D:ED:AF:2E:8B:C3:DE:48:D8:E8:E2:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E3A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7508A56026AA11F0911E3CA2DAE4EC9C.roa
Signing time: Thu 01 May 2025 16:36:40 +0000
ROA not before: Thu 01 May 2025 16:36:35 +0000
ROA not after: Mon 01 May 2028 16:36:35 +0000
asID: 17561
IP address blocks: 154.214.182.0/24 maxlen: 24
154.214.183.0/24 maxlen: 24
154.214.184.0/24 maxlen: 24
154.214.185.0/24 maxlen: 24
154.214.186.0/24 maxlen: 24
154.214.187.0/24 maxlen: 24
154.214.188.0/24 maxlen: 24
154.214.189.0/24 maxlen: 24
154.214.190.0/24 maxlen: 24
154.214.191.0/24 maxlen: 24
154.221.64.0/24 maxlen: 24
154.221.66.0/24 maxlen: 24
154.221.67.0/24 maxlen: 24
154.221.68.0/24 maxlen: 24
154.221.70.0/24 maxlen: 24
154.221.71.0/24 maxlen: 24
154.221.72.0/24 maxlen: 24
154.221.73.0/24 maxlen: 24
154.221.74.0/24 maxlen: 24
154.221.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 10 May 2025 13:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97850 (0x17e3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 16:36:35 2025 GMT
Not After : May 1 16:36:35 2028 GMT
Subject: CN=6813a318-6d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6a:77:64:b6:d3:10:b3:37:ff:f1:05:16:70:
bd:b3:13:ad:71:5f:bb:6f:6c:14:1a:b5:cc:a3:d7:
eb:85:37:8d:26:c8:25:d7:a8:ee:c6:26:11:15:94:
51:63:69:3f:29:9e:58:ea:d0:05:5c:83:d3:20:9c:
50:f2:d2:5b:88:99:75:dc:cc:81:96:f5:47:01:69:
04:43:30:85:de:38:ac:84:74:1b:05:c8:56:dc:fd:
59:d9:6e:5a:05:7a:69:13:1e:16:4f:b6:06:11:df:
6d:84:31:d9:54:21:c9:de:14:c3:3a:0f:97:16:b4:
6d:ba:f6:0d:88:98:75:32:9a:7c:52:91:04:89:b4:
9b:ed:b4:59:64:3b:6e:e1:cf:19:44:f9:ea:4f:2b:
b7:2c:8e:7c:7d:ab:0d:14:d1:7d:04:06:3f:2f:64:
51:1e:cd:4f:0a:08:84:34:cd:0b:f4:e1:35:c5:0c:
fe:6c:27:4a:43:d3:79:1b:58:71:6d:54:0a:06:a4:
e9:29:b2:f8:a9:52:2e:0c:78:a1:d1:c8:cc:13:58:
7d:97:8b:86:5e:51:ed:fa:7b:cc:dd:2c:e0:82:9a:
f4:4e:df:08:39:49:c4:ab:25:66:cf:cb:67:aa:28:
ce:8c:73:55:3d:c2:5e:df:b5:65:ef:87:f5:91:2c:
dd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3D:62:60:7B:7F:4A:AA:5D:ED:AF:2E:8B:C3:DE:48:D8:E8:E2:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7508A56026AA11F0911E3CA2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.182.0-154.214.191.255
154.221.64.0/24
154.221.66.0-154.221.68.255
154.221.70.0-154.221.75.255
Signature Algorithm: sha256WithRSAEncryption
94:1b:5f:d2:06:1d:61:bc:aa:58:6a:fe:11:e2:74:e4:60:29:
bf:5d:80:0b:cf:83:00:ce:0b:33:ba:01:c1:8e:47:cf:ec:94:
e6:9f:bc:05:b5:39:1a:3e:e8:13:e9:c8:f2:0b:07:4a:76:f6:
a1:80:98:a9:f4:aa:33:04:6e:8e:51:17:8a:65:84:0a:86:ea:
05:d8:f6:9c:f0:4e:1a:b7:be:d0:11:c1:a9:a1:4d:ec:93:e2:
68:f8:7b:7f:fb:7e:9f:14:4e:c2:3b:04:47:c9:d7:91:bf:a2:
dc:8b:b9:52:ca:3b:2c:a8:d2:2b:5c:15:ee:e3:43:17:78:47:
6a:65:24:0f:9b:40:ef:c1:1d:9d:a7:14:50:72:e0:d5:d9:7c:
9b:63:71:06:a9:5d:22:ca:c1:62:07:c9:d4:62:56:ab:64:da:
7e:8c:4f:4d:fc:59:90:06:55:25:ca:c3:fc:25:24:73:e9:ed:
53:35:91:93:3b:ff:b1:b5:f6:9c:d4:f1:79:bd:a3:6c:1e:3a:
16:b3:50:dc:94:70:a0:8e:87:8d:bf:ba:31:19:d6:40:cf:4e:
8f:43:f3:de:d4:02:ef:5f:c9:02:16:d5:3a:f7:90:c5:a0:31:
25:bd:20:4a:15:34:aa:15:b8:95:16:a4:63:b0:f4:e3:73:e5:
0f:36:ec:ea
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIDAX46MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTYzNjM1WhcNMjgwNTAxMTYzNjM1WjAYMRYw
FAYDVQQDEw02ODEzYTMxOC02ZDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAymp3ZLbTELM3//EFFnC9sxOtcV+7b2wUGrXMo9frhTeNJsgl16juxiYR
FZRRY2k/KZ5Y6tAFXIPTIJxQ8tJbiJl13MyBlvVHAWkEQzCF3jishHQbBchW3P1Z
2W5aBXppEx4WT7YGEd9thDHZVCHJ3hTDOg+XFrRtuvYNiJh1Mpp8UpEEibSb7bRZ
ZDtu4c8ZRPnqTyu3LI58fasNFNF9BAY/L2RRHs1PCgiENM0L9OE1xQz+bCdKQ9N5
G1hxbVQKBqTpKbL4qVIuDHih0cjME1h9l4uGXlHt+nvM3Szggpr0Tt8IOUnEqyVm
z8tnqijOjHNVPcJe37Vl74f1kSzd7QIDAQABo4ICzzCCAsswHQYDVR0OBBYEFLo9
YmB7f0qqXe2vLovD3kjY6OKVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NTA4QTU2MDI2QUExMUYwOTExRTNDQTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAGa1rYDBAaa1oADBACa
3UAwDAMEAZrdQgMEAJrdRDAMAwQBmt1GAwQCmt1IMA0GCSqGSIb3DQEBCwUAA4IB
AQCUG1/SBh1hvKpYav4R4nTkYCm/XYALz4MAzgszugHBjkfP7JTmn7wFtTkaPugT
6cjyCwdKdvahgJip9KozBG6OUReKZYQKhuoF2Pac8E4at77QEcGpoU3sk+Jo+Ht/
+36fFE7COwRHydeRv6Lci7lSyjssqNIrXBXu40MXeEdqZSQPm0DvwR2dpxRQcuDV
2XybY3EGqV0iysFiB8nUYlarZNp+jE9N/FmQBlUlysP8JSRz6e1TNZGTO/+xtfac
1PF5vaNsHjoWs1DclHCgjoeNv7oxGdZAz06PQ/Pe1ALvX8kCFtU695DFoDElvSBK
FTSqFbiVFqRjsPTjc+UPNuzq
-----END CERTIFICATE-----
Generated at Fri May 9 02:56:43 2025 by rpki-client