Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C420C9D4297A11F09D579680DAE4EC9C.roa
File: C420C9D4297A11F09D579680DAE4EC9C.roa (raw, json)
Hash identifier: xXuozkPZRE+Hbbs3ro5WtzlzchVZ23ijfQON+FCeTrQ=
Subject key identifier: C0:6B:C4:30:9A:EA:B2:49:6E:E3:71:92:22:17:60:5A:62:1E:DF:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017ED7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C420C9D4297A11F09D579680DAE4EC9C.roa
Signing time: Mon 05 May 2025 06:32:51 +0000
ROA not before: Mon 05 May 2025 06:32:46 +0000
ROA not after: Mon 19 May 2025 06:32:46 +0000
asID: 54801
IP address blocks: 154.200.241.0/24 maxlen: 24
154.200.242.0/24 maxlen: 24
154.200.248.0/23 maxlen: 24
154.201.7.0/24 maxlen: 24
154.201.8.0/22 maxlen: 24
154.201.40.0/23 maxlen: 24
154.213.211.0/24 maxlen: 24
154.213.212.0/24 maxlen: 24
154.222.77.0/24 maxlen: 24
154.222.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98007 (0x17ed7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 5 06:32:46 2025 GMT
Not After : May 19 06:32:46 2025 GMT
Subject: CN=68185b92-52ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6d:1d:ce:bd:7f:63:63:75:91:e4:f7:98:b6:
3f:41:41:3f:9c:75:b7:19:33:2f:5b:a4:9b:aa:b9:
d7:28:de:7a:54:ee:6d:b2:94:94:fb:d8:1d:d7:14:
91:ed:b7:da:36:b3:ea:4d:18:ee:73:2e:95:c7:8b:
64:38:8b:66:bb:e6:a6:66:68:98:a0:0c:af:da:bf:
6c:94:11:51:1b:ab:2b:36:9e:0c:c6:7d:d9:c1:3e:
bd:62:80:c7:48:15:13:43:20:8b:ad:e4:1b:d7:65:
ea:e6:ab:24:f0:67:d5:1d:4b:ea:a3:92:1a:7a:c9:
87:f1:01:e7:0d:07:84:5f:ba:30:9e:7b:db:23:e4:
50:aa:0c:c7:75:d1:0f:45:36:f8:aa:dd:21:d7:58:
f3:80:7c:2f:19:ee:7b:bf:e2:e9:4a:e1:5f:80:e9:
a2:2a:57:9b:dc:ab:e2:03:dc:7d:0d:53:ab:13:4c:
32:8b:97:ce:2f:a9:99:13:81:9e:71:66:3a:d6:85:
60:86:a8:76:a6:d7:ab:dc:fd:45:d6:45:81:04:01:
46:e7:7b:51:c0:28:5f:af:74:af:85:b8:b0:b6:06:
82:2d:09:8b:d1:34:b8:f8:70:1f:93:2b:46:75:50:
ec:61:93:4e:00:e7:19:6a:58:f2:6b:40:2f:3c:1f:
f1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6B:C4:30:9A:EA:B2:49:6E:E3:71:92:22:17:60:5A:62:1E:DF:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C420C9D4297A11F09D579680DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.241.0-154.200.242.255
154.200.248.0/23
154.201.7.0-154.201.11.255
154.201.40.0/23
154.213.211.0-154.213.212.255
154.222.77.0-154.222.78.255
Signature Algorithm: sha256WithRSAEncryption
40:b0:70:d1:69:ef:7c:6e:bd:12:6e:26:70:2d:06:53:4d:81:
a6:e9:8f:fa:a6:d8:ca:ed:dd:6b:20:93:c0:dd:45:6a:82:aa:
52:a9:a2:65:50:9a:e3:e1:39:ce:ba:6a:a9:93:a0:db:f3:9e:
dc:57:7c:2e:6e:61:5a:67:0d:f6:55:28:b6:ec:e4:f6:d1:8b:
cf:2d:dc:54:43:89:de:29:22:9f:73:38:76:ce:bc:04:db:43:
76:1c:60:80:a0:83:24:aa:e3:7d:fc:ae:b9:f6:0c:fc:7b:08:
3d:ca:72:d9:2f:6e:18:0b:3f:b2:e0:b5:a7:35:10:ab:20:4c:
f4:30:34:80:4b:7b:64:97:b9:ec:7f:80:d1:f7:ee:f9:e4:f2:
7a:7a:ff:71:ab:ab:16:1e:cd:e8:27:b3:17:01:cc:d7:34:3e:
e7:5b:25:9c:fc:23:5b:b5:21:84:1f:84:b7:8f:b4:bd:52:52:
64:15:33:4c:9a:ec:91:9d:a8:aa:4a:4e:03:4f:07:43:b1:ea:
1f:62:8e:d4:4b:b9:d0:d7:7e:bb:4c:e0:8d:04:9e:2e:20:39:
28:fd:48:9d:10:c5:7e:bf:bc:d2:f1:27:d4:0b:2a:b8:c5:24:
3e:3d:04:7b:53:91:e4:ad:ec:e3:65:e4:6b:cd:7a:5d:70:5d:
97:4d:6d:04
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIDAX7XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA1MDYzMjQ2WhcNMjUwNTE5MDYzMjQ2WjAYMRYw
FAYDVQQDEw02ODE4NWI5Mi01MmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs20dzr1/Y2N1keT3mLY/QUE/nHW3GTMvW6SbqrnXKN56VO5tspSU+9gd
1xSR7bfaNrPqTRjucy6Vx4tkOItmu+amZmiYoAyv2r9slBFRG6srNp4Mxn3ZwT69
YoDHSBUTQyCLreQb12Xq5qsk8GfVHUvqo5IaesmH8QHnDQeEX7ownnvbI+RQqgzH
ddEPRTb4qt0h11jzgHwvGe57v+LpSuFfgOmiKleb3KviA9x9DVOrE0wyi5fOL6mZ
E4GecWY61oVghqh2pter3P1F1kWBBAFG53tRwChfr3SvhbiwtgaCLQmL0TS4+HAf
kytGdVDsYZNOAOcZaljya0AvPB/xSQIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFMBr
xDCa6rJJbuNxkiIXYFpiHt+SMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNDIwQzlENDI5N0ExMUYwOUQ1Nzk2ODBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBACayPEDBACayPIDBAGa
yPgwDAMEAJrJBwMEAprJCAMEAZrJKDAMAwQAmtXTAwQAmtXUMAwDBACa3k0DBACa
3k4wDQYJKoZIhvcNAQELBQADggEBAECwcNFp73xuvRJuJnAtBlNNgabpj/qm2Mrt
3Wsgk8DdRWqCqlKpomVQmuPhOc66aqmToNvzntxXfC5uYVpnDfZVKLbs5PbRi88t
3FRDid4pIp9zOHbOvATbQ3YcYICggySq4338rrn2DPx7CD3KctkvbhgLP7Lgtac1
EKsgTPQwNIBLe2SXuex/gNH37vnk8np6/3GrqxYezegnsxcBzNc0PudbJZz8I1u1
IYQfhLePtL1SUmQVM0ya7JGdqKpKTgNPB0Ox6h9ijtRLudDXfrtM4I0Eni4gOSj9
SJ0QxX6/vNLxJ9QLKrjFJD49BHtTkeSt7ONl5GvNel1wXZdNbQQ=
-----END CERTIFICATE-----
Generated at Thu May 15 23:45:52 2025 by rpki-client