Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A4A8CC2245C11F098A80FB2DAE4EC9C.roa
File: 8A4A8CC2245C11F098A80FB2DAE4EC9C.roa (raw, json)
Hash identifier: I5B7ITuUqSFs0wuNJwsZWavX6bbPy+Xwys/N7pKn2Lo=
Subject key identifier: 5F:0E:BC:0B:EC:2E:4C:E8:96:8D:07:4C:E2:EC:12:21:65:CC:53:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C5B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A4A8CC2245C11F098A80FB2DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 18:13:53 +0000
ROA not before: Mon 28 Apr 2025 18:13:48 +0000
ROA not after: Sun 26 Apr 2026 18:13:48 +0000
asID: 984
IP address blocks: 154.216.169.0/24 maxlen: 24
154.216.176.0/24 maxlen: 24
154.216.178.0/24 maxlen: 24
154.216.179.0/24 maxlen: 24
154.216.183.0/24 maxlen: 24
154.216.184.0/24 maxlen: 24
154.216.187.0/24 maxlen: 24
154.216.189.0/24 maxlen: 24
154.216.191.0/24 maxlen: 24
154.219.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 11 May 2025 11:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97371 (0x17c5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 18:13:48 2025 GMT
Not After : Apr 26 18:13:48 2026 GMT
Subject: CN=680fc561-d9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2c:d2:f9:2f:68:fa:4a:20:1a:8d:98:56:b3:
a1:80:a6:fc:06:cf:4e:e5:3b:7b:2f:36:22:5c:ef:
07:dd:e4:95:bc:0e:e8:69:ee:27:75:0b:e1:94:0a:
bd:cf:47:56:94:eb:de:3a:83:64:f7:cb:af:09:4e:
05:79:db:80:70:b2:96:d3:03:ba:c6:5e:67:14:e3:
5c:af:c3:8c:f7:5c:80:87:9d:2c:95:ed:cf:21:f6:
81:3a:64:d0:ad:a4:7d:3c:d2:b3:dc:27:65:3d:b2:
de:bf:db:4c:4e:82:49:16:9b:23:bf:25:ac:7d:94:
a0:bb:07:2b:c3:04:46:29:b3:99:b4:19:6c:b4:20:
1b:cb:57:b0:7d:95:21:4a:c4:0a:15:86:1c:2f:cc:
5d:94:5c:09:6f:d7:1d:c5:7a:09:56:bb:fe:b9:5d:
43:f8:5c:d2:04:4f:c1:97:52:dd:07:50:2c:8b:ed:
83:4b:0f:7b:c0:ed:65:84:bb:7f:cf:59:0e:b7:cf:
eb:88:b0:32:7e:28:cd:47:a0:3a:05:14:42:98:82:
7e:84:90:57:e8:f5:58:a1:e2:62:11:56:b8:51:89:
37:a6:68:cf:4f:d6:77:a2:10:02:ba:46:3c:61:40:
fd:fe:88:6b:3e:a7:af:05:5c:c8:b8:3f:94:a5:f3:
18:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0E:BC:0B:EC:2E:4C:E8:96:8D:07:4C:E2:EC:12:21:65:CC:53:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A4A8CC2245C11F098A80FB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.169.0/24
154.216.176.0/24
154.216.178.0/23
154.216.183.0-154.216.184.255
154.216.187.0/24
154.216.189.0/24
154.216.191.0/24
154.219.9.0/24
Signature Algorithm: sha256WithRSAEncryption
72:cd:fe:65:3d:6f:79:fc:91:b9:88:98:9b:cb:40:f3:a6:7d:
bc:c5:d2:19:a7:76:9b:aa:ec:cd:cc:7d:a6:ad:64:43:1b:a5:
28:af:3a:3b:e5:66:8d:9d:6b:f2:23:5b:ba:83:b2:94:71:89:
7d:92:0b:0b:e5:a1:15:78:0c:34:05:3b:be:d2:83:e4:36:eb:
f6:ca:f3:aa:e7:1b:fa:b5:d1:15:e6:2a:04:6b:c9:35:d3:56:
09:cb:e8:d0:a8:a8:48:32:39:25:29:36:e3:75:8b:74:1b:b3:
52:89:e1:01:87:d7:a0:55:3e:c6:a5:56:47:d2:ef:8c:c3:32:
fe:00:5d:f6:51:bf:2b:f7:8c:2c:0d:f9:1a:85:b8:c1:47:7e:
dd:84:06:16:43:9b:1a:eb:c3:68:28:0a:43:d7:c3:1f:be:bd:
35:c2:a0:a5:74:21:90:54:02:f2:5a:ec:61:4d:f0:91:fd:59:
ff:9f:cc:3e:4c:e1:19:3e:f9:b4:68:34:fb:08:6a:b8:49:ef:
b4:da:2e:c5:6c:f3:c6:cb:22:71:64:4c:5e:3c:55:aa:c8:68:
a4:df:53:d8:b1:69:35:6f:f5:e2:e2:93:ca:80:ad:b1:f0:17:
26:a3:ba:85:39:f1:51:a1:2e:94:7d:f7:a5:4d:9f:2e:97:8d:
53:2a:b4:7f
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAXxbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTgxMzQ4WhcNMjYwNDI2MTgxMzQ4WjAYMRYw
FAYDVQQDEw02ODBmYzU2MS1kOWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqizS+S9o+kogGo2YVrOhgKb8Bs9O5Tt7LzYiXO8H3eSVvA7oae4ndQvh
lAq9z0dWlOveOoNk98uvCU4FeduAcLKW0wO6xl5nFONcr8OM91yAh50sle3PIfaB
OmTQraR9PNKz3CdlPbLev9tMToJJFpsjvyWsfZSguwcrwwRGKbOZtBlstCAby1ew
fZUhSsQKFYYcL8xdlFwJb9cdxXoJVrv+uV1D+FzSBE/Bl1LdB1Asi+2DSw97wO1l
hLt/z1kOt8/riLAyfijNR6A6BRRCmIJ+hJBX6PVYoeJiEVa4UYk3pmjPT9Z3ohAC
ukY8YUD9/ohrPqevBVzIuD+UpfMYtwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFF8O
vAvsLkzolo0HTOLsEiFlzFMNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QTRBOENDMjI0NUMxMUYwOThBODBGQjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAmtipAwQAmtiwAwQBmtiy
MAwDBACa2LcDBACa2LgDBACa2LsDBACa2L0DBACa2L8DBACa2wkwDQYJKoZIhvcN
AQELBQADggEBAHLN/mU9b3n8kbmImJvLQPOmfbzF0hmndpuq7M3MfaatZEMbpSiv
OjvlZo2da/IjW7qDspRxiX2SCwvloRV4DDQFO77Sg+Q26/bK86rnG/q10RXmKgRr
yTXTVgnL6NCoqEgyOSUpNuN1i3Qbs1KJ4QGH16BVPsalVkfS74zDMv4AXfZRvyv3
jCwN+RqFuMFHft2EBhZDmxrrw2goCkPXwx++vTXCoKV0IZBUAvJa7GFN8JH9Wf+f
zD5M4Rk++bRoNPsIarhJ77TaLsVs88bLInFkTF48VarIaKTfU9ixaTVv9eLik8qA
rbHwFyajuoU58VGhLpR996VNny6XjVMqtH8=
-----END CERTIFICATE-----
Generated at Fri May 9 15:25:24 2025 by rpki-client