Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9D2E544269F11F0BCEC66DCDAE4EC9C.roa
File: B9D2E544269F11F0BCEC66DCDAE4EC9C.roa (raw, json)
Hash identifier: HWJvY5cUQ2CnnaNsQU/F5lM8uUYuD63iLYTruCEfqVA=
Subject key identifier: 7C:6C:A0:AD:40:75:B0:BC:F7:10:8D:CA:00:01:05:B3:8A:FC:7F:B7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E28
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9D2E544269F11F0BCEC66DCDAE4EC9C.roa
Signing time: Thu 01 May 2025 15:19:51 +0000
ROA not before: Thu 01 May 2025 15:19:46 +0000
ROA not after: Fri 28 Apr 2028 15:19:46 +0000
asID: 17561
IP address blocks: 154.95.214.0/24 maxlen: 24
154.95.215.0/24 maxlen: 24
154.95.216.0/24 maxlen: 24
154.95.217.0/24 maxlen: 24
154.95.218.0/24 maxlen: 24
154.95.219.0/24 maxlen: 24
154.95.220.0/24 maxlen: 24
154.95.221.0/24 maxlen: 24
154.95.222.0/24 maxlen: 24
154.95.223.0/24 maxlen: 24
154.95.224.0/24 maxlen: 24
154.95.225.0/24 maxlen: 24
154.95.226.0/24 maxlen: 24
154.95.227.0/24 maxlen: 24
154.95.228.0/24 maxlen: 24
154.95.229.0/24 maxlen: 24
154.95.230.0/24 maxlen: 24
154.95.231.0/24 maxlen: 24
154.95.232.0/24 maxlen: 24
154.95.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97832 (0x17e28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 15:19:46 2025 GMT
Not After : Apr 28 15:19:46 2028 GMT
Subject: CN=68139117-03a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cc:19:38:33:ba:fa:d7:90:c5:0c:5a:31:86:
17:12:27:c4:11:c0:53:bb:79:7a:74:fc:e8:cb:20:
de:5f:36:77:b5:9e:a6:5c:28:3c:97:d6:ab:63:bd:
5c:ce:bf:2f:53:dd:31:87:2e:20:65:4f:a1:a0:c4:
e9:7e:d4:79:8f:dd:21:e7:a3:81:ab:cd:b6:bb:58:
44:f7:4a:9b:d2:65:e2:59:d8:41:b8:dd:bf:e6:ca:
fd:27:c8:bc:41:3f:ca:23:43:8b:1b:85:91:a5:b2:
11:a0:9a:0a:77:6a:3d:37:db:54:1f:27:85:fa:37:
4f:bf:1b:f8:8b:9a:45:b6:83:b4:36:c4:5d:20:89:
b2:8d:3c:89:7d:b3:9e:e2:68:7d:dc:19:43:62:5d:
02:3a:1a:26:94:9b:1b:b1:85:10:6e:df:aa:56:65:
7d:1d:80:06:a9:31:db:3c:04:25:6a:8a:5c:2c:37:
77:e5:55:70:36:c5:d8:a4:ae:99:1b:0b:cd:3a:df:
47:79:6d:cf:ef:a5:d8:75:04:ae:5b:b0:2e:0d:f2:
74:b0:3c:ab:88:e7:ed:21:e5:2b:ee:bc:d2:f4:41:
47:7b:5b:91:14:4a:b6:d8:64:0c:b6:76:4e:0b:d8:
c6:40:f2:86:ab:ca:0b:3c:ea:81:90:60:0b:89:0e:
31:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:6C:A0:AD:40:75:B0:BC:F7:10:8D:CA:00:01:05:B3:8A:FC:7F:B7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9D2E544269F11F0BCEC66DCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.214.0-154.95.233.255
Signature Algorithm: sha256WithRSAEncryption
20:d8:0c:25:e9:9d:9d:44:ca:a1:ce:0b:fa:e9:ba:e3:c0:35:
db:60:d9:7b:d1:e8:ae:a0:51:51:fa:1c:57:ea:69:12:86:d3:
a5:63:36:c9:31:c4:69:7c:63:73:bd:81:a6:6a:82:47:ca:0f:
a9:f9:6b:6d:8b:04:51:0d:9a:af:f1:58:48:38:e9:f5:0f:5c:
91:b7:fa:e3:62:e6:e4:a1:62:da:de:ef:3e:9d:5f:44:86:8a:
56:5c:38:9d:17:81:0c:6d:ce:c1:23:c7:a8:96:98:89:fe:b4:
55:03:94:c4:45:a1:0a:86:ef:63:af:03:29:3f:a6:97:75:b2:
c9:9c:3d:c1:7f:0b:e6:ed:5f:a1:22:67:4d:92:73:63:92:23:
3a:20:94:4d:9b:5c:4a:f7:c3:9b:ce:3d:3e:fa:06:e2:01:0e:
92:bc:0d:c9:eb:c0:27:92:80:1a:e3:a3:ac:b7:d2:f4:9d:e3:
76:7a:35:b6:18:1a:b3:08:63:e9:7b:62:fe:c8:51:f8:75:f5:
0f:07:e2:44:4c:8a:a4:e0:27:f7:6c:43:d7:f2:58:a7:d8:36:
0c:55:f1:25:fa:42:c1:38:1c:ec:2c:94:76:2c:11:bb:3c:98:
8d:94:bd:b2:c7:23:ca:18:24:c3:cf:44:fc:64:a5:4c:e4:05:
75:a2:b6:0c
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAX4oMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTUxOTQ2WhcNMjgwNDI4MTUxOTQ2WjAYMRYw
FAYDVQQDEw02ODEzOTExNy0wM2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0MwZODO6+teQxQxaMYYXEifEEcBTu3l6dPzoyyDeXzZ3tZ6mXCg8l9ar
Y71czr8vU90xhy4gZU+hoMTpftR5j90h56OBq822u1hE90qb0mXiWdhBuN2/5sr9
J8i8QT/KI0OLG4WRpbIRoJoKd2o9N9tUHyeF+jdPvxv4i5pFtoO0NsRdIImyjTyJ
fbOe4mh93BlDYl0COhomlJsbsYUQbt+qVmV9HYAGqTHbPAQlaopcLDd35VVwNsXY
pK6ZGwvNOt9HeW3P76XYdQSuW7AuDfJ0sDyriOftIeUr7rzS9EFHe1uRFEq22GQM
tnZOC9jGQPKGq8oLPOqBkGALiQ4xowIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFHxs
oK1AdbC89xCNygABBbOK/H+3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COUQyRTU0NDI2OUYxMUYwQkNFQzY2RENEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaX9YDBAGaX+gwDQYJ
KoZIhvcNAQELBQADggEBACDYDCXpnZ1EyqHOC/rpuuPANdtg2XvR6K6gUVH6HFfq
aRKG06VjNskxxGl8Y3O9gaZqgkfKD6n5a22LBFENmq/xWEg46fUPXJG3+uNi5uSh
Ytre7z6dX0SGilZcOJ0XgQxtzsEjx6iWmIn+tFUDlMRFoQqG72OvAyk/ppd1ssmc
PcF/C+btX6EiZ02Sc2OSIzoglE2bXEr3w5vOPT76BuIBDpK8DcnrwCeSgBrjo6y3
0vSd43Z6NbYYGrMIY+l7Yv7IUfh19Q8H4kRMiqTgJ/dsQ9fyWKfYNgxV8SX6QsE4
HOwslHYsEbs8mI2UvbLHI8oYJMPPRPxkpUzkBXWitgw=
-----END CERTIFICATE-----
Generated at Sat May 10 05:09:58 2025 by rpki-client