Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85186ADC24F511F0B2D113BBDAE4EC9C.roa
File: 85186ADC24F511F0B2D113BBDAE4EC9C.roa (raw, json)
Hash identifier: uYRdjakJgPky5cmhlEEMz7YMZRPcpZ/HLdRxfMNha18=
Subject key identifier: 7D:9B:42:B3:41:19:29:49:33:A5:26:B0:0E:3F:C4:D9:9F:0E:30:CD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017CF8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85186ADC24F511F0B2D113BBDAE4EC9C.roa
Signing time: Tue 29 Apr 2025 12:28:57 +0000
ROA not before: Tue 29 Apr 2025 12:28:52 +0000
ROA not after: Tue 29 Jul 2025 12:28:52 +0000
asID: 9294
IP address blocks: 154.196.96.0/19 maxlen: 24
154.205.64.0/18 maxlen: 24
154.211.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 09 May 2025 00:06:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97528 (0x17cf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 12:28:52 2025 GMT
Not After : Jul 29 12:28:52 2025 GMT
Subject: CN=6810c609-a0df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d5:57:86:04:54:97:3f:56:32:95:66:cb:8e:
2b:50:90:2b:f5:9b:0f:11:cc:7d:fa:54:3b:99:17:
4c:09:70:09:32:6e:77:73:5c:12:ab:ad:f5:fc:38:
e7:6e:48:05:9d:fc:bf:5a:25:22:d6:0f:dd:25:4d:
fc:eb:4b:eb:0e:ca:60:3c:67:3a:5b:3e:40:ab:57:
7d:1d:27:24:bb:da:03:61:e0:2e:55:e7:d4:0b:b9:
ed:d7:44:5f:e3:7c:1a:4b:ee:99:da:ba:da:86:c3:
1f:30:43:e5:c0:69:cc:ff:c5:19:c3:8a:db:c8:ce:
c2:4a:54:f2:52:79:d8:be:c4:5a:65:51:11:84:6a:
45:5b:e0:ac:f4:77:88:01:c1:00:34:10:78:3f:a9:
44:4f:46:44:99:34:6f:c3:72:95:b8:36:3a:a2:7a:
89:83:aa:87:54:8c:bd:69:e9:fe:64:b3:1b:b1:59:
88:d6:55:d7:06:21:26:2a:8c:32:cf:2e:68:16:e7:
1f:a0:a3:57:91:28:45:5c:4a:6e:da:54:45:25:f2:
6f:83:41:89:1c:59:f0:94:3f:62:1c:f9:cd:6f:4c:
63:11:b6:97:ff:46:6a:5a:fe:86:59:0c:b4:1a:f0:
f3:79:26:80:86:94:75:d2:f1:bb:51:42:c4:54:e0:
50:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:9B:42:B3:41:19:29:49:33:A5:26:B0:0E:3F:C4:D9:9F:0E:30:CD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85186ADC24F511F0B2D113BBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.96.0/19
154.205.64.0/18
154.211.32.0/19
Signature Algorithm: sha256WithRSAEncryption
1c:79:7d:59:13:f2:45:83:3b:16:7c:4d:22:b8:7e:0e:d1:f7:
d1:0d:c2:90:4a:d0:31:a8:76:0c:4f:35:12:f5:2b:c5:af:ce:
e2:bd:b2:9f:3d:f8:82:ee:e4:0e:de:b9:24:ec:d2:a4:bb:f7:
5e:75:00:5e:a7:22:e4:d6:ef:b3:e2:40:28:4a:3c:38:0b:ce:
94:60:4d:da:f4:54:60:d8:f0:38:cc:a2:f0:9d:38:b5:ce:b4:
72:25:81:c1:18:78:e8:67:8b:5d:9a:60:9f:23:9d:c7:aa:f8:
09:a5:21:b1:57:1d:8f:64:9a:58:25:48:90:f2:fb:52:32:23:
f8:59:8d:85:72:f4:0f:fb:52:6e:5f:b8:41:0d:57:2b:65:a4:
ae:90:b8:b4:37:a8:ee:ce:e9:50:bd:8a:2c:a7:77:23:87:6f:
9d:84:aa:3e:75:0c:76:ef:16:8b:ee:2c:16:c1:41:91:3f:86:
fd:de:e6:42:3f:14:50:bf:28:69:1c:b3:fb:02:f0:da:61:44:
b7:4a:c8:49:0a:fa:11:e2:87:fa:ae:a3:0d:79:61:54:23:09:
03:ab:eb:71:a8:23:5f:0d:69:45:ec:d3:07:28:8a:13:3b:86:
6a:93:57:b2:0c:4f:d0:a6:7e:2f:82:c8:c2:68:5c:33:be:eb:
fc:3a:88:50
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAXz4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI5MTIyODUyWhcNMjUwNzI5MTIyODUyWjAYMRYw
FAYDVQQDEw02ODEwYzYwOS1hMGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArdVXhgRUlz9WMpVmy44rUJAr9ZsPEcx9+lQ7mRdMCXAJMm53c1wSq631
/DjnbkgFnfy/WiUi1g/dJU3860vrDspgPGc6Wz5Aq1d9HScku9oDYeAuVefUC7nt
10Rf43waS+6Z2rrahsMfMEPlwGnM/8UZw4rbyM7CSlTyUnnYvsRaZVERhGpFW+Cs
9HeIAcEANBB4P6lET0ZEmTRvw3KVuDY6onqJg6qHVIy9aen+ZLMbsVmI1lXXBiEm
Kowyzy5oFucfoKNXkShFXEpu2lRFJfJvg0GJHFnwlD9iHPnNb0xjEbaX/0ZqWv6G
WQy0GvDzeSaAhpR10vG7UULEVOBQHwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFH2b
QrNBGSlJM6UmsA4/xNmfDjDNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NTE4NkFEQzI0RjUxMUYwQjJEMTEzQkJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFmsRgAwQGms1AAwQFmtMg
MA0GCSqGSIb3DQEBCwUAA4IBAQAceX1ZE/JFgzsWfE0iuH4O0ffRDcKQStAxqHYM
TzUS9SvFr87ivbKfPfiC7uQO3rkk7NKku/dedQBepyLk1u+z4kAoSjw4C86UYE3a
9FRg2PA4zKLwnTi1zrRyJYHBGHjoZ4tdmmCfI53HqvgJpSGxVx2PZJpYJUiQ8vtS
MiP4WY2FcvQP+1JuX7hBDVcrZaSukLi0N6juzulQvYosp3cjh2+dhKo+dQx27xaL
7iwWwUGRP4b93uZCPxRQvyhpHLP7AvDaYUS3SshJCvoR4of6rqMNeWFUIwkDq+tx
qCNfDWlF7NMHKIoTO4Zqk1eyDE/Qpn4vgsjCaFwzvuv8OohQ
-----END CERTIFICATE-----
Generated at Wed May 7 22:13:42 2025 by rpki-client