Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB1677C02FB111F09A069C90DAE4EC9C.roa
File: BB1677C02FB111F09A069C90DAE4EC9C.roa (raw, json)
Hash identifier: 4aWsxLsGMGvHoG+B/FW5r/y0sqgUdmq4rJ39OmuyLCg=
Subject key identifier: F0:D4:06:C0:FE:B0:3A:A7:92:6E:EA:13:8F:3C:D8:C2:0A:23:56:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018048
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB1677C02FB111F09A069C90DAE4EC9C.roa
Signing time: Tue 13 May 2025 04:21:25 +0000
ROA not before: Tue 13 May 2025 04:21:20 +0000
ROA not after: Mon 02 Jun 2025 04:21:20 +0000
asID: 153706
IP address blocks: 154.193.208.0/24 maxlen: 24
154.193.209.0/24 maxlen: 24
154.193.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 16 May 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98376 (0x18048)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 13 04:21:20 2025 GMT
Not After : Jun 2 04:21:20 2025 GMT
Subject: CN=6822c8c5-ebf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c0:28:9d:c3:ee:80:37:b8:93:9e:ca:b4:bd:
95:76:a1:0e:b7:0d:27:27:cc:3e:30:eb:84:4c:25:
5f:35:5b:fa:58:bc:67:b3:9e:f0:5e:1e:05:89:7c:
12:56:24:eb:e2:4a:ed:5c:e8:bd:2b:76:48:fc:1b:
08:b4:54:96:1d:72:79:2a:40:7d:3d:10:b7:d9:6a:
76:2a:e6:4d:d8:70:f2:cf:c8:f5:15:e8:47:af:aa:
ab:fc:c0:0d:e2:ec:b3:09:40:95:79:70:fb:0c:8e:
e1:bf:cb:44:67:df:a2:ea:8d:b6:a1:47:fa:49:ea:
cb:fd:11:38:a0:cf:4d:be:b7:e5:b7:2d:fe:cb:f3:
42:f9:1c:90:86:14:04:7c:52:8b:4c:20:93:45:b0:
d3:c4:0f:5d:bc:23:cf:2d:74:c8:bb:7f:6b:fe:31:
c1:e6:68:5b:9f:bc:23:a2:9c:62:4f:2d:b5:6e:a7:
f5:27:df:af:8c:1d:e0:7a:e6:52:00:a7:71:ee:d2:
f8:c0:23:e0:08:8c:e4:68:57:fb:39:d8:dc:93:0b:
8d:3b:76:b0:87:fa:11:7c:ba:f0:f2:e6:56:a1:e4:
63:ec:ca:ee:47:16:1f:9a:92:f0:fc:5d:8a:73:b1:
72:e8:38:c5:ea:f4:66:15:51:bc:bf:00:2b:d2:a5:
d8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D4:06:C0:FE:B0:3A:A7:92:6E:EA:13:8F:3C:D8:C2:0A:23:56:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB1677C02FB111F09A069C90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.208.0-154.193.210.255
Signature Algorithm: sha256WithRSAEncryption
5f:ce:ae:6b:40:34:aa:ac:f2:69:53:8d:a2:37:ca:5a:da:c2:
f1:cd:5b:cc:85:b1:38:ea:bc:27:c0:26:68:e4:59:5b:b0:0e:
8a:f5:a0:ad:2b:72:22:1a:d9:01:c7:b0:ae:24:c7:54:2f:b2:
42:a7:a2:82:21:22:b0:93:d4:c1:aa:60:0b:e3:00:3b:3f:b2:
5c:33:6c:c5:37:87:67:1e:ef:04:c4:6d:00:f9:7d:20:b8:64:
a9:29:7b:54:db:2a:04:b7:4a:dc:7a:a5:2f:fc:e8:a4:c8:57:
10:08:d1:4b:28:1e:a7:eb:af:13:2f:47:13:c5:48:73:82:54:
d1:95:8d:36:c7:24:cc:77:92:a9:d6:ff:2c:af:a7:27:b5:eb:
01:70:b6:32:be:2e:10:fa:9f:2d:da:05:fd:f2:4f:b8:8f:e9:
f3:0f:61:da:d2:09:59:40:1a:e4:0e:14:ef:99:5c:09:81:db:
82:1d:b4:44:36:f3:7f:8a:2f:32:13:bd:1f:f0:74:5e:04:89:
f0:a2:0f:6c:35:e5:99:52:30:18:a8:cc:b4:52:6b:3a:e9:fe:
aa:54:cb:54:c5:9a:29:4b:55:03:83:ab:02:c4:67:4e:25:05:
15:83:3e:aa:63:45:56:3a:de:25:54:72:4b:0a:60:55:2c:a9:
22:af:f7:17
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYBIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEzMDQyMTIwWhcNMjUwNjAyMDQyMTIwWjAYMRYw
FAYDVQQDEw02ODIyYzhjNS1lYmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1MAoncPugDe4k57KtL2VdqEOtw0nJ8w+MOuETCVfNVv6WLxns57wXh4F
iXwSViTr4krtXOi9K3ZI/BsItFSWHXJ5KkB9PRC32Wp2KuZN2HDyz8j1FehHr6qr
/MAN4uyzCUCVeXD7DI7hv8tEZ9+i6o22oUf6SerL/RE4oM9Nvrflty3+y/NC+RyQ
hhQEfFKLTCCTRbDTxA9dvCPPLXTIu39r/jHB5mhbn7wjopxiTy21bqf1J9+vjB3g
euZSAKdx7tL4wCPgCIzkaFf7OdjckwuNO3awh/oRfLrw8uZWoeRj7MruRxYfmpLw
/F2Kc7Fy6DjF6vRmFVG8vwAr0qXYcwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPDU
BsD+sDqnkm7qE4882MIKI1ZXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQjE2NzdDMDJGQjExMUYwOUEwNjlDOTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASawdADBACawdIwDQYJ
KoZIhvcNAQELBQADggEBAF/OrmtANKqs8mlTjaI3ylrawvHNW8yFsTjqvCfAJmjk
WVuwDor1oK0rciIa2QHHsK4kx1QvskKnooIhIrCT1MGqYAvjADs/slwzbMU3h2ce
7wTEbQD5fSC4ZKkpe1TbKgS3Stx6pS/86KTIVxAI0UsoHqfrrxMvRxPFSHOCVNGV
jTbHJMx3kqnW/yyvpye16wFwtjK+LhD6ny3aBf3yT7iP6fMPYdrSCVlAGuQOFO+Z
XAmB24IdtEQ283+KLzITvR/wdF4EifCiD2w15ZlSMBiozLRSazrp/qpUy1TFmilL
VQODqwLEZ04lBRWDPqpjRVY63iVUcksKYFUsqSKv9xc=
-----END CERTIFICATE-----
Generated at Wed May 14 18:52:37 2025 by rpki-client