Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA68FEDC2F2711F0924E9EF0DAE4EC9C.roa
File: AA68FEDC2F2711F0924E9EF0DAE4EC9C.roa (raw, json)
Hash identifier: KgZReLCIfyA91JogI3uUSktl/4i41INPRYnDnYlDLxc=
Subject key identifier: 09:65:50:6F:BE:22:F2:99:9D:95:59:01:13:7B:C6:0D:A9:E0:F2:2A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FFB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA68FEDC2F2711F0924E9EF0DAE4EC9C.roa
Signing time: Mon 12 May 2025 11:53:06 +0000
ROA not before: Mon 12 May 2025 11:53:01 +0000
ROA not after: Tue 20 May 2025 11:53:01 +0000
asID: 9009
IP address blocks: 154.218.194.0/24 maxlen: 24
154.218.205.0/24 maxlen: 24
154.218.206.0/24 maxlen: 24
154.218.214.0/24 maxlen: 24
154.218.215.0/24 maxlen: 24
154.218.222.0/24 maxlen: 24
154.218.231.0/24 maxlen: 24
154.218.239.0/24 maxlen: 24
154.218.246.0/24 maxlen: 24
154.218.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98299 (0x17ffb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 11:53:01 2025 GMT
Not After : May 20 11:53:01 2025 GMT
Subject: CN=6821e122-7c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b3:fd:18:cd:ea:bc:a5:d3:0a:7e:65:28:0e:
6d:30:b3:ae:38:30:64:f5:1b:8b:58:8b:d3:e1:c7:
ba:94:4b:d5:18:cb:59:b0:9a:af:8b:15:cd:c7:01:
49:39:83:c4:3d:7f:6b:bf:27:dd:c3:02:87:47:2d:
dc:d9:4a:39:4b:5a:05:d7:39:b2:17:38:fd:2d:b7:
46:c4:2f:ea:97:7f:64:57:23:10:07:74:e0:39:2b:
0c:ea:52:03:fd:63:c0:24:59:10:1a:7d:ec:1f:bb:
58:1b:c8:22:67:a8:b1:41:ee:d6:fc:1e:e6:7f:84:
90:0a:35:08:b8:1c:24:02:f6:af:2d:dd:89:39:ab:
98:db:87:e9:de:8d:ef:ee:ea:d9:16:d5:84:ea:a0:
3f:d7:b7:81:35:ab:01:23:1f:db:b1:8e:25:a9:10:
82:d1:9b:02:5c:4d:e2:ae:3b:ad:71:ca:f3:0d:ae:
f6:25:c6:e2:5e:0f:da:e2:50:84:24:e8:08:3f:26:
66:19:60:9c:ad:05:35:d3:84:6a:02:ee:96:7e:e7:
ab:11:64:05:92:cb:f1:aa:9f:06:5e:eb:68:2f:78:
a2:1d:f5:f9:67:55:bd:89:1c:d6:d4:cf:75:35:bc:
c6:3b:41:d1:9e:4e:28:56:bd:c3:b1:b9:24:d9:7a:
a8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:65:50:6F:BE:22:F2:99:9D:95:59:01:13:7B:C6:0D:A9:E0:F2:2A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA68FEDC2F2711F0924E9EF0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.194.0/24
154.218.205.0-154.218.206.255
154.218.214.0/23
154.218.222.0/24
154.218.231.0/24
154.218.239.0/24
154.218.246.0/24
154.218.253.0/24
Signature Algorithm: sha256WithRSAEncryption
12:4c:23:4d:ce:9b:e9:e0:01:c8:c1:de:5b:14:20:7e:53:1c:
fd:84:6b:1b:c7:c4:56:8f:04:1e:e9:7e:ac:5f:94:8c:c6:70:
50:c6:a8:18:93:9e:60:d7:bf:ef:5f:44:09:3a:ae:f7:7f:5b:
91:8d:42:aa:2d:43:59:ac:2b:09:c3:8c:e3:00:70:0f:e1:a5:
96:3c:37:64:32:6e:9b:9d:e2:83:10:0c:c9:50:88:95:53:16:
3a:e6:dc:35:3f:c7:66:c0:64:92:5d:22:0c:d8:59:1b:b1:df:
d5:f5:59:c3:25:2c:04:48:d7:31:5a:6f:f8:4f:1a:1d:69:7e:
ef:ab:5e:28:ca:a6:b1:69:40:6a:21:7a:83:3f:ed:a7:76:ec:
bb:a6:a0:89:80:44:39:4c:a4:e9:ff:18:2d:1a:c0:cb:e2:3f:
20:69:30:76:4b:2b:e6:b6:3f:92:0f:6a:bd:9c:1e:b8:19:0a:
79:a0:53:99:91:14:b1:ed:c7:07:ab:d8:63:5c:59:60:6f:b1:
f0:bc:8d:07:86:3f:3f:20:71:8b:46:dd:35:16:9c:82:e7:07:
f3:d8:bf:ed:da:17:5b:6a:80:b9:03:83:6a:be:71:9d:f4:80:
33:92:58:1e:77:62:ac:c2:dc:ff:43:ac:32:fc:36:4a:db:db:
e4:e4:88:33
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAX/7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTE1MzAxWhcNMjUwNTIwMTE1MzAxWjAYMRYw
FAYDVQQDEw02ODIxZTEyMi03YzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy7P9GM3qvKXTCn5lKA5tMLOuODBk9RuLWIvT4ce6lEvVGMtZsJqvixXN
xwFJOYPEPX9rvyfdwwKHRy3c2Uo5S1oF1zmyFzj9LbdGxC/ql39kVyMQB3TgOSsM
6lID/WPAJFkQGn3sH7tYG8giZ6ixQe7W/B7mf4SQCjUIuBwkAvavLd2JOauY24fp
3o3v7urZFtWE6qA/17eBNasBIx/bsY4lqRCC0ZsCXE3irjutccrzDa72JcbiXg/a
4lCEJOgIPyZmGWCcrQU104RqAu6WfuerEWQFksvxqp8GXutoL3iiHfX5Z1W9iRzW
1M91NbzGO0HRnk4oVr3Dsbkk2XqoEwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFAll
UG++IvKZnZVZARN7xg2p4PIqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQTY4RkVEQzJGMjcxMUYwOTI0RTlFRjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAmtrCMAwDBACa2s0DBACa
2s4DBAGa2tYDBACa2t4DBACa2ucDBACa2u8DBACa2vYDBACa2v0wDQYJKoZIhvcN
AQELBQADggEBABJMI03Om+ngAcjB3lsUIH5THP2EaxvHxFaPBB7pfqxflIzGcFDG
qBiTnmDXv+9fRAk6rvd/W5GNQqotQ1msKwnDjOMAcA/hpZY8N2Qybpud4oMQDMlQ
iJVTFjrm3DU/x2bAZJJdIgzYWRux39X1WcMlLARI1zFab/hPGh1pfu+rXijKprFp
QGoheoM/7ad27LumoImARDlMpOn/GC0awMviPyBpMHZLK+a2P5IPar2cHrgZCnmg
U5mRFLHtxwer2GNcWWBvsfC8jQeGPz8gcYtG3TUWnILnB/PYv+3aF1tqgLkDg2q+
cZ30gDOSWB53YqzC3P9DrDL8Nkrb2+TkiDM=
-----END CERTIFICATE-----
Generated at Thu May 15 23:44:51 2025 by rpki-client