Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7DA4B338267F11F0A10F3088DAE4EC9C.roa
File: 7DA4B338267F11F0A10F3088DAE4EC9C.roa (raw, json)
Hash identifier: fOY6z4O1TLLPSsKGJ+cF9qC7fbnRvgp8Ra9WrjtaaB4=
Subject key identifier: 75:56:75:7B:95:70:23:A3:BE:19:EB:CE:31:63:83:CF:54:AC:01:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017DEC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7DA4B338267F11F0A10F3088DAE4EC9C.roa
Signing time: Thu 01 May 2025 11:29:06 +0000
ROA not before: Thu 01 May 2025 11:29:01 +0000
ROA not after: Wed 26 Apr 2028 11:29:01 +0000
asID: 17561
IP address blocks: 154.81.4.0/24 maxlen: 24
154.81.5.0/24 maxlen: 24
154.81.6.0/24 maxlen: 24
154.81.7.0/24 maxlen: 24
154.82.0.0/24 maxlen: 24
154.82.1.0/24 maxlen: 24
154.82.2.0/24 maxlen: 24
154.82.3.0/24 maxlen: 24
154.82.4.0/24 maxlen: 24
154.82.5.0/24 maxlen: 24
154.82.6.0/24 maxlen: 24
154.82.7.0/24 maxlen: 24
154.82.8.0/24 maxlen: 24
154.82.9.0/24 maxlen: 24
154.82.10.0/24 maxlen: 24
154.82.11.0/24 maxlen: 24
154.82.12.0/24 maxlen: 24
154.82.13.0/24 maxlen: 24
154.82.14.0/24 maxlen: 24
154.82.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97772 (0x17dec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 11:29:01 2025 GMT
Not After : Apr 26 11:29:01 2028 GMT
Subject: CN=68135b02-3500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b9:71:a1:45:b4:b8:69:86:09:2b:cd:04:d1:
a0:a8:d0:d6:c9:eb:59:b0:4e:5a:01:50:f8:07:b1:
5c:65:7b:79:9c:89:9c:60:b2:f0:05:ab:ff:94:e0:
b7:1e:4a:77:86:44:50:82:77:2c:79:8a:62:6a:e7:
f5:b2:62:f4:1b:36:1c:c2:96:79:22:54:b1:c3:25:
a7:91:38:1f:5d:63:a4:2a:6c:31:ab:32:86:0c:a6:
6f:e1:01:e7:d3:94:1c:7b:0a:00:cd:08:25:be:ec:
34:ed:60:58:0e:0f:5b:ba:92:ab:61:95:28:54:83:
d3:6a:f4:ea:23:39:42:cc:47:f5:f7:07:c5:73:11:
8e:e0:b4:86:3e:2c:7b:dd:d2:26:28:63:6b:2f:11:
7c:02:02:cf:e0:7c:fd:73:26:ae:29:4b:e4:b9:eb:
2b:73:0e:d0:57:85:b0:61:01:77:f9:e9:12:f0:93:
09:28:2f:55:26:6b:0e:f5:82:dd:e0:86:52:3d:33:
c7:5d:3a:06:a0:23:db:8a:ef:98:fc:c1:f3:3a:0a:
e9:14:25:a2:04:b9:43:d6:e7:08:30:23:a1:49:1e:
77:7f:c6:d8:2b:05:5a:d8:13:b8:6c:ae:ef:4d:1f:
18:60:48:77:eb:a3:50:ff:e0:b7:e7:79:c6:b1:4f:
8a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:56:75:7B:95:70:23:A3:BE:19:EB:CE:31:63:83:CF:54:AC:01:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7DA4B338267F11F0A10F3088DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.4.0/22
154.82.0.0/20
Signature Algorithm: sha256WithRSAEncryption
70:a2:8c:ef:16:16:5b:39:83:b5:01:94:fb:c2:c6:b3:e8:e3:
90:1e:ca:93:b1:ac:04:b8:af:ac:6d:70:db:e1:3e:6b:c5:9d:
c8:96:86:5c:09:b0:1e:2d:4e:2b:e8:54:a0:36:17:39:c5:fa:
56:a7:37:c8:6c:08:91:cf:e1:8d:ed:53:ba:99:9d:66:c7:0c:
85:20:b6:d9:58:82:d3:82:e2:5c:e1:0e:3f:f0:8f:5b:59:84:
4f:65:ae:34:50:ce:70:d6:f6:af:ee:d5:1a:60:13:ad:d7:91:
fc:e4:28:fd:7c:c3:34:30:9d:d2:e9:38:bd:bc:82:39:92:e2:
38:0e:94:6d:df:ea:db:3d:90:27:0d:66:ec:71:42:c2:d6:d3:
b0:59:03:b7:7a:52:88:01:e8:d6:33:fe:4a:24:2d:ad:95:4d:
d2:3b:2a:96:46:0e:0c:79:95:15:b3:d4:66:2e:ae:57:1e:84:
48:e2:a3:be:1a:bc:d0:1a:6d:04:88:a7:a3:f5:a6:f6:02:c6:
51:86:1d:da:4f:65:db:e6:e5:f4:99:5d:e9:70:33:3a:30:d5:
b9:97:de:04:8c:b1:e3:72:f4:cd:76:d8:24:be:d7:bb:08:8a:
24:39:8b:8b:63:b2:7a:d6:46:86:ec:d8:66:50:8a:9c:46:fc:
a6:63:b3:e9
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAX3sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTEyOTAxWhcNMjgwNDI2MTEyOTAxWjAYMRYw
FAYDVQQDEw02ODEzNWIwMi0zNTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxblxoUW0uGmGCSvNBNGgqNDWyetZsE5aAVD4B7FcZXt5nImcYLLwBav/
lOC3Hkp3hkRQgncseYpiauf1smL0GzYcwpZ5IlSxwyWnkTgfXWOkKmwxqzKGDKZv
4QHn05QcewoAzQglvuw07WBYDg9bupKrYZUoVIPTavTqIzlCzEf19wfFcxGO4LSG
Pix73dImKGNrLxF8AgLP4Hz9cyauKUvkuesrcw7QV4WwYQF3+ekS8JMJKC9VJmsO
9YLd4IZSPTPHXToGoCPbiu+Y/MHzOgrpFCWiBLlD1ucIMCOhSR53f8bYKwVa2BO4
bK7vTR8YYEh366NQ/+C353nGsU+KjQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFHVW
dXuVcCOjvhnrzjFjg89UrAGtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83REE0QjMzODI2N0YxMUYwQTEwRjMwODhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlEEAwQEmlIAMA0GCSqG
SIb3DQEBCwUAA4IBAQBwoozvFhZbOYO1AZT7wsaz6OOQHsqTsawEuK+sbXDb4T5r
xZ3IloZcCbAeLU4r6FSgNhc5xfpWpzfIbAiRz+GN7VO6mZ1mxwyFILbZWILTguJc
4Q4/8I9bWYRPZa40UM5w1vav7tUaYBOt15H85Cj9fMM0MJ3S6Ti9vII5kuI4DpRt
3+rbPZAnDWbscULC1tOwWQO3elKIAejWM/5KJC2tlU3SOyqWRg4MeZUVs9RmLq5X
HoRI4qO+GrzQGm0EiKej9ab2AsZRhh3aT2Xb5uX0mV3pcDM6MNW5l94EjLHjcvTN
dtgkvte7CIokOYuLY7J61kaG7NhmUIqcRvymY7Pp
-----END CERTIFICATE-----
Generated at Sun May 11 12:40:40 2025 by rpki-client