Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B3F61B8268F11F0B0C861F0DAE4EC9C.roa
File: 8B3F61B8268F11F0B0C861F0DAE4EC9C.roa (raw, json)
Hash identifier: IMfdq1fxp3c1KiLWsVO4TYAeKoBDtFVuoJ4yPnhUnjA=
Subject key identifier: 78:6D:55:A7:D2:D0:C2:55:49:BA:DC:CD:7A:41:35:D9:7F:B5:92:94
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E0A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B3F61B8268F11F0B0C861F0DAE4EC9C.roa
Signing time: Thu 01 May 2025 13:24:01 +0000
ROA not before: Thu 01 May 2025 13:23:54 +0000
ROA not after: Fri 28 Apr 2028 13:23:54 +0000
asID: 17561
IP address blocks: 154.84.106.0/24 maxlen: 24
154.84.107.0/24 maxlen: 24
154.84.108.0/24 maxlen: 24
154.84.109.0/24 maxlen: 24
154.84.110.0/24 maxlen: 24
154.84.111.0/24 maxlen: 24
154.84.112.0/24 maxlen: 24
154.84.113.0/24 maxlen: 24
154.84.114.0/24 maxlen: 24
154.84.115.0/24 maxlen: 24
154.84.116.0/24 maxlen: 24
154.84.117.0/24 maxlen: 24
154.84.118.0/24 maxlen: 24
154.84.119.0/24 maxlen: 24
154.84.120.0/24 maxlen: 24
154.84.121.0/24 maxlen: 24
154.84.122.0/24 maxlen: 24
154.84.123.0/24 maxlen: 24
154.84.124.0/24 maxlen: 24
154.84.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97802 (0x17e0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 13:23:54 2025 GMT
Not After : Apr 28 13:23:54 2028 GMT
Subject: CN=681375f1-2dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fb:f0:90:35:ba:94:e1:64:50:98:a5:f2:99:
e1:95:17:7b:99:f8:7c:81:87:b1:5e:4e:ff:b5:b0:
83:d7:6e:5b:db:9f:60:87:db:75:7c:ec:ba:24:7e:
eb:5a:f6:10:5a:dc:51:f9:f8:a1:c0:3f:25:7e:bd:
28:bb:d7:0d:46:92:0b:d7:d9:59:9c:d6:10:b7:2d:
df:fe:10:d9:51:54:74:33:4b:84:48:78:70:e8:aa:
cc:e7:7f:c7:68:97:a1:a9:a0:80:bf:f9:3e:5d:09:
b1:8b:b8:01:c1:7b:77:36:7b:67:17:6a:f3:df:94:
4a:5e:c6:a1:36:78:61:a0:ab:d1:b0:a0:12:c9:75:
2e:b8:27:f7:56:f7:4a:97:bd:3d:bd:af:bb:42:ec:
3c:3f:4c:87:7f:84:06:2f:94:d3:c6:69:df:b6:16:
f6:3b:6b:eb:f0:46:33:10:2f:f9:0d:6d:05:c6:e9:
88:e9:87:3c:7a:7d:80:6f:79:49:d3:ad:2c:7b:5b:
ad:53:88:d7:fe:8f:a8:3c:66:63:57:25:ce:bc:ee:
d8:2d:15:fa:d5:e7:93:3c:f1:bc:b0:2f:e2:17:9e:
03:53:59:01:7a:74:e6:76:e8:8c:4d:19:f5:4f:21:
b8:b6:c6:90:cc:80:66:dd:07:7d:10:cd:fd:01:79:
d8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:6D:55:A7:D2:D0:C2:55:49:BA:DC:CD:7A:41:35:D9:7F:B5:92:94
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B3F61B8268F11F0B0C861F0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.106.0-154.84.125.255
Signature Algorithm: sha256WithRSAEncryption
aa:4e:48:30:ef:e9:bb:7e:9c:cb:ac:7f:89:f0:29:02:1e:3c:
b2:ba:cd:a7:7a:ed:7e:0e:25:6d:8c:24:da:d0:d9:66:20:a2:
74:bf:e1:b9:eb:62:57:52:67:3a:18:3a:9a:8d:f3:f2:44:4b:
19:61:fe:09:45:4a:96:56:dc:0d:03:05:f7:a0:b2:96:f0:9f:
7f:36:3c:fd:94:79:60:fe:1f:d7:ff:f4:75:64:b4:15:e8:0d:
54:88:08:73:90:b7:31:19:42:da:6e:c4:b3:be:13:43:2f:f4:
ce:6b:a0:b2:31:5b:ef:ae:86:af:a2:5b:ff:3b:d7:fa:82:71:
ea:05:f6:ea:dd:49:59:d9:0b:0b:ab:b2:01:74:b0:06:45:0e:
f2:6e:c6:0c:de:a6:b3:0a:db:23:db:53:57:28:1f:7b:52:e8:
6c:3c:ca:e9:bc:3b:66:d4:09:44:a9:e6:ee:25:fa:45:c8:d9:
7d:1d:c3:70:5b:30:28:84:64:8d:d8:66:55:2a:aa:76:e7:e5:
a2:f9:7b:33:0c:05:c2:8d:11:63:27:f4:b7:6f:05:57:d8:3a:
c0:fd:d5:21:9c:0f:c6:4b:62:4f:d7:e7:be:97:8f:d2:4f:df:
c5:bc:4c:19:8e:41:60:56:7e:72:43:4d:40:a9:8d:a5:6f:87:
21:e5:b7:d4
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAX4KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTMyMzU0WhcNMjgwNDI4MTMyMzU0WjAYMRYw
FAYDVQQDEw02ODEzNzVmMS0yZGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1/vwkDW6lOFkUJil8pnhlRd7mfh8gYexXk7/tbCD125b259gh9t1fOy6
JH7rWvYQWtxR+fihwD8lfr0ou9cNRpIL19lZnNYQty3f/hDZUVR0M0uESHhw6KrM
53/HaJehqaCAv/k+XQmxi7gBwXt3NntnF2rz35RKXsahNnhhoKvRsKASyXUuuCf3
VvdKl709va+7Quw8P0yHf4QGL5TTxmnfthb2O2vr8EYzEC/5DW0FxumI6Yc8en2A
b3lJ060se1utU4jX/o+oPGZjVyXOvO7YLRX61eeTPPG8sC/iF54DU1kBenTmduiM
TRn1TyG4tsaQzIBm3Qd9EM39AXnY+QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFHht
VafS0MJVSbrczXpBNdl/tZKUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QjNGNjFCODI2OEYxMUYwQjBDODYxRjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaVGoDBAGaVHwwDQYJ
KoZIhvcNAQELBQADggEBAKpOSDDv6bt+nMusf4nwKQIePLK6zad67X4OJW2MJNrQ
2WYgonS/4bnrYldSZzoYOpqN8/JESxlh/glFSpZW3A0DBfegspbwn382PP2UeWD+
H9f/9HVktBXoDVSICHOQtzEZQtpuxLO+E0Mv9M5roLIxW++uhq+iW/871/qCceoF
9urdSVnZCwursgF0sAZFDvJuxgzeprMK2yPbU1coH3tS6Gw8yum8O2bUCUSp5u4l
+kXI2X0dw3BbMCiEZI3YZlUqqnbn5aL5ezMMBcKNEWMn9LdvBVfYOsD91SGcD8ZL
Yk/X576Xj9JP38W8TBmOQWBWfnJDTUCpjaVvhyHlt9Q=
-----END CERTIFICATE-----
Generated at Sun May 11 15:35:46 2025 by rpki-client