Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88234F3A247311F0AD2A40CADAE4EC9C.roa
File: 88234F3A247311F0AD2A40CADAE4EC9C.roa (raw, json)
Hash identifier: iW0gvxpctnuR+XgbC21cMXdtrHLLhy8hRuUHkt4wRGo=
Subject key identifier: 86:59:89:05:AF:3A:B3:34:D0:D4:F6:42:B8:EC:BC:48:C5:EE:9F:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C7F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88234F3A247311F0AD2A40CADAE4EC9C.roa
Signing time: Mon 28 Apr 2025 20:58:28 +0000
ROA not before: Mon 28 Apr 2025 20:58:23 +0000
ROA not after: Wed 25 Jun 2025 20:58:23 +0000
asID: 63139
IP address blocks: 154.194.68.0/24 maxlen: 24
154.223.22.0/24 maxlen: 24
154.223.25.0/24 maxlen: 24
154.223.27.0/24 maxlen: 24
154.223.30.0/24 maxlen: 24
154.223.31.0/24 maxlen: 24
154.223.36.0/24 maxlen: 24
154.223.38.0/24 maxlen: 24
154.223.39.0/24 maxlen: 24
154.223.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97407 (0x17c7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 20:58:23 2025 GMT
Not After : Jun 25 20:58:23 2025 GMT
Subject: CN=680febf3-88b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ed:d9:70:50:fd:84:23:0a:53:32:24:34:00:
6a:ba:f7:b9:4f:39:61:17:42:51:f5:12:3f:6f:84:
ca:ac:84:8f:71:50:81:b0:12:e5:2e:6f:6c:30:f3:
c4:ad:f8:79:36:ba:6e:f3:65:9e:d5:32:ff:9e:21:
d6:73:f0:68:b1:48:02:cc:35:51:c9:3b:be:c1:8b:
d3:a0:e5:e9:3d:3a:b2:17:67:01:24:54:ea:78:cf:
8c:04:41:a0:15:51:f5:31:5c:ca:d7:e8:77:52:9c:
d8:6d:34:f9:03:35:87:7c:49:fb:6e:03:5d:ea:97:
22:a5:3a:46:d4:e0:fe:6c:d2:34:38:7d:1c:f1:fd:
f3:b7:28:0c:5f:79:6d:5c:ca:3b:f2:a2:73:0f:79:
2f:0d:72:6c:da:91:d0:c5:3d:f6:5e:cf:46:22:f2:
2c:44:4b:ef:20:28:a8:75:58:d6:92:ae:6b:fb:2f:
60:01:81:1d:58:c6:86:47:25:4f:1e:72:dd:6a:b9:
41:7a:c0:96:46:51:97:42:d9:b4:3d:23:b4:d3:16:
d9:81:f0:85:67:ba:67:29:8d:51:eb:5e:e2:59:7f:
6c:19:65:1a:81:ab:e3:b7:57:31:f5:d4:53:0e:cd:
d4:cb:8f:7d:7a:50:f4:f8:8c:55:e8:fc:99:46:09:
78:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:59:89:05:AF:3A:B3:34:D0:D4:F6:42:B8:EC:BC:48:C5:EE:9F:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88234F3A247311F0AD2A40CADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.68.0/24
154.223.22.0/24
154.223.25.0/24
154.223.27.0/24
154.223.30.0/23
154.223.36.0/24
154.223.38.0/23
154.223.50.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:2d:12:77:18:2c:4a:23:09:56:9b:9e:3b:b2:40:4d:4f:39:
af:98:fb:88:f9:25:16:a9:bd:53:fb:94:c7:2f:92:ec:e6:39:
01:37:ad:33:cd:23:00:a5:48:be:3d:dd:00:76:52:f0:8c:73:
99:5f:03:80:73:0f:33:28:d7:d7:df:af:d3:8a:c7:27:b7:ca:
8f:3c:b2:79:fe:21:1a:73:11:6c:8a:eb:b3:0c:60:29:e2:79:
ab:73:a1:a3:25:2a:14:5f:45:c7:18:5f:32:fe:cb:d2:7e:a7:
eb:c5:65:39:5a:55:80:df:82:2b:d8:53:96:d7:1c:14:e5:c5:
d7:43:65:f1:9d:b6:7e:98:1b:93:e6:b2:c1:07:d3:06:93:64:
66:92:7a:7d:8e:1f:ee:64:8a:be:bb:36:e1:18:e6:9a:a8:db:
c6:1a:55:7b:d4:da:54:18:cb:b4:1d:83:7f:ad:9f:5e:37:44:
fc:97:f5:57:85:6c:68:c7:00:5a:eb:95:bb:ab:9f:ea:02:e9:
a7:7e:42:35:67:c6:01:bb:53:e3:af:d2:26:ba:d3:9a:ec:7e:
71:7b:62:eb:e2:5a:6b:f4:e7:b7:9c:14:4b:52:bd:e8:b7:32:
13:f6:5e:ec:d7:ab:33:42:2f:33:f9:b2:db:c6:ca:e9:6b:16:
b3:9c:bf:72
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIDAXx/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MjA1ODIzWhcNMjUwNjI1MjA1ODIzWjAYMRYw
FAYDVQQDEw02ODBmZWJmMy04OGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1O3ZcFD9hCMKUzIkNABquve5TzlhF0JR9RI/b4TKrISPcVCBsBLlLm9s
MPPErfh5Nrpu82We1TL/niHWc/BosUgCzDVRyTu+wYvToOXpPTqyF2cBJFTqeM+M
BEGgFVH1MVzK1+h3UpzYbTT5AzWHfEn7bgNd6pcipTpG1OD+bNI0OH0c8f3ztygM
X3ltXMo78qJzD3kvDXJs2pHQxT32Xs9GIvIsREvvICiodVjWkq5r+y9gAYEdWMaG
RyVPHnLdarlBesCWRlGXQtm0PSO00xbZgfCFZ7pnKY1R617iWX9sGWUagavjt1cx
9dRTDs3Uy499elD0+IxV6PyZRgl4BQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFIZZ
iQWvOrM00NT2QrjsvEjF7p+8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODIzNEYzQTI0NzMxMUYwQUQyQTQwQ0FEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAmsJEAwQAmt8WAwQAmt8Z
AwQAmt8bAwQBmt8eAwQAmt8kAwQBmt8mAwQAmt8yMA0GCSqGSIb3DQEBCwUAA4IB
AQC5LRJ3GCxKIwlWm547skBNTzmvmPuI+SUWqb1T+5THL5Ls5jkBN60zzSMApUi+
Pd0AdlLwjHOZXwOAcw8zKNfX36/Tiscnt8qPPLJ5/iEacxFsiuuzDGAp4nmrc6Gj
JSoUX0XHGF8y/svSfqfrxWU5WlWA34Ir2FOW1xwU5cXXQ2XxnbZ+mBuT5rLBB9MG
k2Rmknp9jh/uZIq+uzbhGOaaqNvGGlV71NpUGMu0HYN/rZ9eN0T8l/VXhWxoxwBa
65W7q5/qAumnfkI1Z8YBu1Pjr9ImutOa7H5xe2Lr4lpr9Oe3nBRLUr3otzIT9l7s
16szQi8z+bLbxsrpaxaznL9y
-----END CERTIFICATE-----
Generated at Sat May 10 22:28:09 2025 by rpki-client