Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0314B042F1A11F0940F9C9CDAE4EC9C.roa
File: D0314B042F1A11F0940F9C9CDAE4EC9C.roa (raw, json)
Hash identifier: EnODUuocl8NEead7sOG1jHnENSrFX6ZL70TAPqc1d1U=
Subject key identifier: C0:E3:BE:55:7E:D0:1F:21:2F:19:41:A4:DB:C6:02:AF:E7:FA:E6:10
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FD7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0314B042F1A11F0940F9C9CDAE4EC9C.roa
Signing time: Mon 12 May 2025 10:21:06 +0000
ROA not before: Mon 12 May 2025 10:21:01 +0000
ROA not after: Thu 24 Jul 2025 10:21:01 +0000
asID: 135097
IP address blocks: 154.212.164.0/22 maxlen: 24
154.212.168.0/21 maxlen: 24
154.212.176.0/20 maxlen: 24
154.212.192.0/18 maxlen: 24
154.213.8.0/21 maxlen: 24
154.213.80.0/20 maxlen: 24
154.216.4.0/22 maxlen: 24
154.216.8.0/21 maxlen: 24
154.220.4.0/22 maxlen: 24
154.220.8.0/21 maxlen: 24
154.220.16.0/20 maxlen: 24
154.220.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 17 May 2025 09:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98263 (0x17fd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 10:21:01 2025 GMT
Not After : Jul 24 10:21:01 2025 GMT
Subject: CN=6821cb92-e5cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d5:ee:26:48:1d:e1:4d:74:24:f8:d9:12:fd:
fa:98:de:20:36:bc:17:95:d1:8a:08:b0:a6:00:81:
8d:15:f1:35:38:f5:1a:a5:5e:51:12:00:c3:e3:57:
95:23:b0:62:d3:17:fd:9e:76:65:ef:29:d0:d7:fd:
0d:c7:97:b1:bb:7e:35:9b:90:e0:3a:9d:d7:3f:4d:
0c:a2:46:e0:14:20:ff:46:08:23:db:07:a2:f1:d0:
fd:33:ff:c5:bd:96:aa:32:6a:92:10:42:d0:34:6d:
8a:81:0f:ad:b8:6e:ac:bf:6a:a7:d6:f3:29:55:51:
36:d3:00:65:78:00:91:c3:3f:b4:27:43:04:1d:e9:
ec:58:bb:47:ae:15:03:c4:5c:43:d1:9b:5e:29:77:
b4:81:41:96:b6:88:b8:f3:cb:87:cf:35:69:78:d9:
73:47:5d:93:4b:82:e4:c7:cb:af:73:06:c6:5f:63:
77:ce:4f:d8:03:0d:ff:4a:25:d4:b7:f2:93:33:e7:
b4:7c:1c:cd:29:7d:bb:fb:db:05:46:cc:7e:43:99:
a5:e0:4c:01:d3:bf:32:07:4d:24:e2:10:42:af:38:
31:23:15:70:ae:87:8d:36:b6:3c:e6:b8:f0:0d:67:
7f:07:97:c0:bc:db:ed:34:b9:c3:af:64:59:89:44:
c8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:E3:BE:55:7E:D0:1F:21:2F:19:41:A4:DB:C6:02:AF:E7:FA:E6:10
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0314B042F1A11F0940F9C9CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.164.0-154.212.255.255
154.213.8.0/21
154.213.80.0/20
154.216.4.0-154.216.15.255
154.220.4.0-154.220.31.255
154.220.64.0/18
Signature Algorithm: sha256WithRSAEncryption
84:92:7e:29:b3:e3:fd:e2:7b:0a:65:07:43:d2:30:1b:d7:58:
f7:7b:63:bc:74:90:13:f0:8c:d1:92:00:f0:8d:4b:2d:aa:de:
7f:24:ed:2f:97:71:2e:ad:65:c7:ee:b5:a3:01:2d:3f:7d:8b:
81:41:d4:43:ae:ec:e2:4f:de:50:7b:75:ab:46:13:5c:57:1f:
bb:94:02:43:31:40:68:84:ed:a4:27:6b:1f:7d:77:b9:1f:41:
8d:f8:2c:fa:c7:c3:3a:d2:59:ab:3a:03:da:21:0d:34:96:48:
b3:51:b0:a7:f9:bc:9f:42:e2:79:21:c1:2a:8f:4b:b7:9b:91:
4a:28:67:6d:cf:b5:b9:b4:db:2e:7b:7d:10:ee:0a:c4:cc:73:
86:11:78:9f:6e:fd:6b:15:96:a1:f7:df:aa:dd:c2:d4:32:08:
6a:10:27:57:0e:c4:3b:46:70:7c:2d:3e:09:77:0c:95:89:a6:
da:a9:3e:de:5a:c0:41:37:ed:e4:1c:5f:a4:80:87:91:aa:da:
53:0b:68:a8:eb:83:30:69:07:17:86:e9:d1:2b:76:c6:92:ec:
42:ed:8c:3e:1c:b6:c6:7e:56:1a:92:95:1f:40:26:f5:94:3d:
d0:66:9d:e2:25:8b:d0:bd:1c:1f:84:10:4b:53:f4:e4:1c:6e:
3b:19:26:97
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIDAX/XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTAyMTAxWhcNMjUwNzI0MTAyMTAxWjAYMRYw
FAYDVQQDEw02ODIxY2I5Mi1lNWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3tXuJkgd4U10JPjZEv36mN4gNrwXldGKCLCmAIGNFfE1OPUapV5REgDD
41eVI7Bi0xf9nnZl7ynQ1/0Nx5exu341m5DgOp3XP00MokbgFCD/Rggj2wei8dD9
M//FvZaqMmqSEELQNG2KgQ+tuG6sv2qn1vMpVVE20wBleACRwz+0J0MEHensWLtH
rhUDxFxD0ZteKXe0gUGWtoi488uHzzVpeNlzR12TS4Lkx8uvcwbGX2N3zk/YAw3/
SiXUt/KTM+e0fBzNKX27+9sFRsx+Q5ml4EwB078yB00k4hBCrzgxIxVwroeNNrY8
5rjwDWd/B5fAvNvtNLnDr2RZiUTI6wIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFMDj
vlV+0B8hLxlBpNvGAq/n+uYQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMDMxNEIwNDJGMUExMUYwOTQwRjlDOUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7MAsDBAKa1KQDAwCa1AMEA5rV
CAMEBJrVUDAMAwQCmtgEAwQEmtgAMAwDBAKa3AQDBAWa3AADBAaa3EAwDQYJKoZI
hvcNAQELBQADggEBAISSfimz4/3iewplB0PSMBvXWPd7Y7x0kBPwjNGSAPCNSy2q
3n8k7S+XcS6tZcfutaMBLT99i4FB1EOu7OJP3lB7datGE1xXH7uUAkMxQGiE7aQn
ax99d7kfQY34LPrHwzrSWas6A9ohDTSWSLNRsKf5vJ9C4nkhwSqPS7ebkUooZ23P
tbm02y57fRDuCsTMc4YReJ9u/WsVlqH336rdwtQyCGoQJ1cOxDtGcHwtPgl3DJWJ
ptqpPt5awEE37eQcX6SAh5Gq2lMLaKjrgzBpBxeG6dErdsaS7ELtjD4ctsZ+VhqS
lR9AJvWUPdBmneIli9C9HB+EEEtT9OQcbjsZJpc=
-----END CERTIFICATE-----
Generated at Thu May 15 23:44:54 2025 by rpki-client