Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/871064622F3511F08E1FCBCCDAE4EC9C.roa
File: 871064622F3511F08E1FCBCCDAE4EC9C.roa (raw, json)
Hash identifier: gCTvBWRqc373+D3wW2B8xP0lR3BCngUHcuWa8bc1eMo=
Subject key identifier: EF:18:04:92:F8:CE:A6:3D:1B:58:2E:8E:5A:38:98:2C:79:AB:9B:D0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018021
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/871064622F3511F08E1FCBCCDAE4EC9C.roa
Signing time: Mon 12 May 2025 13:32:20 +0000
ROA not before: Mon 12 May 2025 13:32:15 +0000
ROA not after: Tue 20 May 2025 13:32:15 +0000
asID: 137951
IP address blocks: 154.215.4.0/22 maxlen: 24
154.215.8.0/22 maxlen: 24
154.218.128.0/18 maxlen: 24
154.221.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98337 (0x18021)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 13:32:15 2025 GMT
Not After : May 20 13:32:15 2025 GMT
Subject: CN=6821f864-feb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:75:f2:10:de:89:9e:09:e2:ce:d7:72:fb:0e:
36:92:d9:37:9a:f8:32:54:84:af:e8:34:96:48:56:
14:98:86:7b:18:fd:2d:9c:b5:2c:d8:34:e4:4d:15:
6b:63:7c:c7:32:e2:b9:df:e5:74:06:37:61:1b:cc:
f7:2b:10:2f:dd:ce:b6:9c:cd:eb:56:9c:4a:7b:97:
05:ad:90:c6:72:1c:70:4f:60:ee:2a:55:90:56:4c:
22:b8:e5:42:e9:00:19:8a:7d:6f:52:dd:13:e8:f2:
3b:fd:e5:df:fc:ac:bf:3b:c4:75:97:5a:44:0d:1d:
70:6a:7d:ef:e2:c3:6c:3c:2c:07:47:45:f8:d5:a0:
2b:b6:a6:37:3f:06:d0:15:d6:b3:7e:61:9d:a7:e1:
fb:a8:c9:1c:5b:90:7d:5d:81:9d:b7:94:d3:69:3a:
9b:e4:ef:46:25:0d:7e:ad:14:f0:72:06:b7:93:fc:
65:03:f7:9d:6f:17:6e:be:08:d9:34:42:37:1a:df:
6b:41:bb:02:81:32:dd:19:ee:b0:eb:be:98:9b:4f:
ca:c5:c3:34:11:46:99:e0:bb:a0:77:1b:37:47:58:
19:c7:58:42:c3:8b:ea:e5:57:8f:bb:20:36:03:a6:
f5:42:5d:bf:f1:5f:8b:f3:cd:97:82:48:3c:ca:1a:
46:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:18:04:92:F8:CE:A6:3D:1B:58:2E:8E:5A:38:98:2C:79:AB:9B:D0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/871064622F3511F08E1FCBCCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.215.4.0-154.215.11.255
154.218.128.0/18
154.221.4.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:72:97:5e:92:c4:7d:76:e3:8f:de:63:68:42:98:a1:d9:d0:
fc:d9:50:e3:56:b1:8d:20:37:c9:2c:af:4b:b2:4c:26:ba:cd:
8e:4a:56:26:70:22:f8:3a:b9:e2:51:49:05:df:63:1a:75:c8:
17:8d:6d:03:12:86:11:63:ef:ac:08:c2:c4:e3:68:e2:f7:19:
a9:b9:70:55:ff:e5:fc:84:3a:28:df:c1:2c:62:fc:ca:12:eb:
88:f1:4a:2f:1f:9b:27:9c:fb:27:fe:86:7f:71:e5:e2:8b:3f:
05:f1:72:df:27:8c:c7:59:61:0c:f1:b5:a0:1a:a4:b0:b2:10:
ec:6a:ff:a6:83:2f:46:0c:2c:11:bf:8f:02:87:36:40:f3:9c:
60:bf:41:1e:aa:97:57:45:be:98:cf:c3:93:df:05:7d:ff:54:
f0:33:5c:95:bd:ee:dd:2e:df:97:bb:cd:08:7d:a8:da:b7:49:
14:59:b4:95:a7:ad:f7:ac:da:a2:c5:7a:e8:f9:fd:bd:d4:62:
62:4e:27:30:6f:59:df:f1:34:6a:2d:39:96:01:aa:61:5a:fa:
6e:ba:8c:8a:03:4a:a8:07:c5:e8:13:16:59:47:5f:46:20:66:
6d:df:a0:bc:84:47:58:f9:9b:3c:8f:ea:60:87:ad:09:18:48:
41:db:26:49
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYAhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTMzMjE1WhcNMjUwNTIwMTMzMjE1WjAYMRYw
FAYDVQQDEw02ODIxZjg2NC1mZWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtnXyEN6Jngniztdy+w42ktk3mvgyVISv6DSWSFYUmIZ7GP0tnLUs2DTk
TRVrY3zHMuK53+V0BjdhG8z3KxAv3c62nM3rVpxKe5cFrZDGchxwT2DuKlWQVkwi
uOVC6QAZin1vUt0T6PI7/eXf/Ky/O8R1l1pEDR1wan3v4sNsPCwHR0X41aArtqY3
PwbQFdazfmGdp+H7qMkcW5B9XYGdt5TTaTqb5O9GJQ1+rRTwcga3k/xlA/edbxdu
vgjZNEI3Gt9rQbsCgTLdGe6w676Ym0/KxcM0EUaZ4Lugdxs3R1gZx1hCw4vq5VeP
uyA2A6b1Ql2/8V+L882Xgkg8yhpGGwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFO8Y
BJL4zqY9G1gujlo4mCx5q5vQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NzEwNjQ2MjJGMzUxMUYwOEUxRkNCQ0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKa1wQDBAKa1wgDBAaa
2oADBAKa3QQwDQYJKoZIhvcNAQELBQADggEBAFpyl16SxH1244/eY2hCmKHZ0PzZ
UONWsY0gN8ksr0uyTCa6zY5KViZwIvg6ueJRSQXfYxp1yBeNbQMShhFj76wIwsTj
aOL3Gam5cFX/5fyEOijfwSxi/MoS64jxSi8fmyec+yf+hn9x5eKLPwXxct8njMdZ
YQzxtaAapLCyEOxq/6aDL0YMLBG/jwKHNkDznGC/QR6ql1dFvpjPw5PfBX3/VPAz
XJW97t0u35e7zQh9qNq3SRRZtJWnrfes2qLFeuj5/b3UYmJOJzBvWd/xNGotOZYB
qmFa+m66jIoDSqgHxegTFllHX0YgZm3foLyER1j5mzyP6mCHrQkYSEHbJkk=
-----END CERTIFICATE-----
Generated at Thu May 15 23:57:09 2025 by rpki-client