Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C07DDEB0273C11F0AC41EF7CDAE4EC9C.roa
File: C07DDEB0273C11F0AC41EF7CDAE4EC9C.roa (raw, json)
Hash identifier: +g1nv7GtvewqYWh2dW2WhDrrX/TOkfNuO8yay/dnsaA=
Subject key identifier: 94:3B:F0:8E:35:17:A0:81:7A:44:09:5D:B6:C5:E8:63:54:D8:4D:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E6C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C07DDEB0273C11F0AC41EF7CDAE4EC9C.roa
Signing time: Fri 02 May 2025 10:03:53 +0000
ROA not before: Fri 02 May 2025 10:03:49 +0000
ROA not after: Sun 15 Jun 2025 10:03:49 +0000
asID: 396356
IP address blocks: 154.93.8.0/21 maxlen: 24
154.95.48.0/22 maxlen: 24
154.95.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 10 May 2025 13:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97900 (0x17e6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 2 10:03:49 2025 GMT
Not After : Jun 15 10:03:49 2025 GMT
Subject: CN=68149889-c5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a6:ad:bd:8f:9c:3b:d8:a3:d1:89:8a:69:95:
34:6c:7a:86:d2:80:19:d2:c5:78:2e:11:9c:50:a8:
ac:1b:34:d5:cd:9c:06:ef:73:53:67:8f:e9:af:67:
f7:74:98:fc:64:ab:f3:93:7a:f1:0e:62:3d:02:85:
b4:d5:86:f8:43:0f:04:6b:f7:1f:31:5e:62:44:62:
d2:12:b5:2a:37:e7:20:55:4b:0e:66:af:a0:17:80:
c3:b9:9d:df:db:3e:75:32:52:28:f3:8e:36:4d:88:
00:e3:73:62:17:45:da:3b:97:64:ea:9b:66:75:80:
ec:e8:61:bf:be:b8:38:3d:4b:83:fc:a8:57:07:a5:
b1:26:70:49:c2:ae:cc:bd:c6:2e:af:1c:74:57:9b:
47:25:ec:7e:92:9b:39:8c:3c:e7:68:46:68:44:e9:
21:e2:1c:c9:7e:73:af:f2:6e:33:b0:dd:ad:fb:97:
5a:4f:bd:44:c9:34:5e:3c:39:29:3e:8b:05:5d:52:
f5:38:4b:33:11:02:e1:6c:10:ae:43:83:16:f9:03:
ec:9d:49:8c:08:98:84:82:f3:d0:e4:92:6a:55:89:
0b:ed:62:c0:cf:88:07:6d:9b:20:e6:a7:e8:af:e3:
7b:f7:4f:5d:bd:35:f4:24:98:fb:14:21:c1:a6:f9:
8f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3B:F0:8E:35:17:A0:81:7A:44:09:5D:B6:C5:E8:63:54:D8:4D:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C07DDEB0273C11F0AC41EF7CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.8.0/21
154.95.48.0-154.95.52.255
Signature Algorithm: sha256WithRSAEncryption
92:60:86:78:e6:c0:83:bc:7a:93:16:79:d1:f6:fc:b3:ac:ba:
a1:84:d4:f4:ab:f2:b2:da:d8:b6:78:c8:d4:4c:4e:7b:48:64:
b9:72:1e:8e:7f:8b:c1:c5:bf:ea:d8:a1:f3:c7:3d:db:b1:db:
ec:96:b1:46:d2:50:01:90:84:12:2f:de:93:0b:fa:ba:28:b0:
dc:a1:58:15:7a:ed:6b:14:51:33:f0:2d:4d:1c:d3:79:30:8b:
bd:11:1e:0a:d6:82:6f:57:82:48:d1:60:ee:47:bf:0e:17:ff:
7a:df:8d:36:77:d3:cb:53:b2:f9:d9:2c:b1:09:9c:65:8f:2b:
1d:f7:4a:99:99:ae:8e:28:3f:06:d1:f4:c1:5b:fc:fc:31:fe:
32:a8:94:c8:71:a4:b8:20:22:6e:fb:cf:86:47:af:05:31:72:
e7:cb:31:32:99:aa:8b:ad:5e:3d:a6:25:21:d8:63:65:f9:8c:
86:dd:cf:41:bd:fc:b8:93:79:03:20:7f:c0:4b:14:08:00:97:
46:99:99:d6:73:c8:23:be:1d:44:56:71:6b:12:d4:5e:39:f1:
25:31:25:c4:ce:76:51:ab:13:9f:1e:89:6c:02:d1:c4:33:69:
3c:82:1e:61:5e:b0:b3:aa:d1:b6:4f:1e:94:43:c6:36:9d:92:
38:5d:6f:ef
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAX5sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAyMTAwMzQ5WhcNMjUwNjE1MTAwMzQ5WjAYMRYw
FAYDVQQDEw02ODE0OTg4OS1jNWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq6atvY+cO9ij0YmKaZU0bHqG0oAZ0sV4LhGcUKisGzTVzZwG73NTZ4/p
r2f3dJj8ZKvzk3rxDmI9AoW01Yb4Qw8Ea/cfMV5iRGLSErUqN+cgVUsOZq+gF4DD
uZ3f2z51MlIo8442TYgA43NiF0XaO5dk6ptmdYDs6GG/vrg4PUuD/KhXB6WxJnBJ
wq7MvcYurxx0V5tHJex+kps5jDznaEZoROkh4hzJfnOv8m4zsN2t+5daT71EyTRe
PDkpPosFXVL1OEszEQLhbBCuQ4MW+QPsnUmMCJiEgvPQ5JJqVYkL7WLAz4gHbZsg
5qfor+N7909dvTX0JJj7FCHBpvmPUQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFJQ7
8I41F6CBekQJXbbF6GNU2E2uMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMDdEREVCMDI3M0MxMUYwQUM0MUVGN0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDml0IMAwDBASaXzADBACa
XzQwDQYJKoZIhvcNAQELBQADggEBAJJghnjmwIO8epMWedH2/LOsuqGE1PSr8rLa
2LZ4yNRMTntIZLlyHo5/i8HFv+rYofPHPdux2+yWsUbSUAGQhBIv3pML+roosNyh
WBV67WsUUTPwLU0c03kwi70RHgrWgm9XgkjRYO5Hvw4X/3rfjTZ308tTsvnZLLEJ
nGWPKx33SpmZro4oPwbR9MFb/Pwx/jKolMhxpLggIm77z4ZHrwUxcufLMTKZqout
Xj2mJSHYY2X5jIbdz0G9/LiTeQMgf8BLFAgAl0aZmdZzyCO+HURWcWsS1F458SUx
JcTOdlGrE58eiWwC0cQzaTyCHmFesLOq0bZPHpRDxjadkjhdb+8=
-----END CERTIFICATE-----
Generated at Fri May 9 02:26:16 2025 by rpki-client