Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2133DCC261B11F084FDA1E1DAE4EC9C.roa
File: D2133DCC261B11F084FDA1E1DAE4EC9C.roa (raw, json)
Hash identifier: HdEC3ygQ6CHtKR+1vAETzjI2jb8y2g+S4dnnH5U5w4c=
Subject key identifier: 2C:B8:47:4D:DC:A5:34:76:23:3C:20:90:21:B5:53:52:2F:54:B2:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017D9F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2133DCC261B11F084FDA1E1DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 23:35:38 +0000
ROA not before: Wed 30 Apr 2025 23:35:33 +0000
ROA not after: Fri 14 Apr 2028 23:35:33 +0000
asID: 17561
IP address blocks: 154.85.165.0/24 maxlen: 24
154.85.166.0/24 maxlen: 24
154.85.167.0/24 maxlen: 24
154.85.168.0/24 maxlen: 24
154.85.169.0/24 maxlen: 24
154.85.170.0/24 maxlen: 24
154.85.171.0/24 maxlen: 24
154.85.172.0/24 maxlen: 24
154.85.173.0/24 maxlen: 24
154.85.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 11 May 2025 00:06:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97695 (0x17d9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 23:35:33 2025 GMT
Not After : Apr 14 23:35:33 2028 GMT
Subject: CN=6812b3ca-eee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fe:8f:b1:a1:c7:96:f6:fb:40:0c:1b:96:d5:
94:0c:40:3f:3b:ee:c8:2e:ca:91:de:33:b8:9a:db:
d1:03:f1:8d:37:ec:9a:f3:40:85:9f:38:42:30:bf:
29:5f:1b:33:ec:ba:5a:94:83:93:bf:f1:66:c3:3c:
32:14:05:a9:60:1b:b0:53:11:aa:cb:85:c6:88:70:
6d:c8:75:94:a4:49:81:f6:0e:23:4d:3f:f7:23:dd:
d8:25:1b:ad:7d:e2:e9:f1:ea:32:57:b9:a7:ae:6c:
5d:33:98:5d:81:2d:35:64:56:19:af:73:92:e6:9c:
28:f0:7a:82:22:79:a1:f9:7d:6c:da:75:ae:99:f6:
c9:e1:0d:9e:65:fa:d4:30:e0:9d:16:6e:42:e3:47:
9d:43:15:e3:42:a5:29:9d:9e:17:67:88:15:c4:08:
3c:1f:4e:d3:30:e4:9c:e5:97:a6:c6:22:3c:7d:54:
f9:82:c3:51:d8:38:b6:4d:c8:fc:31:2f:8b:22:b8:
3d:72:e6:92:26:26:7c:33:6e:75:91:17:4e:35:bc:
7e:c2:9f:ae:7e:84:0f:d3:3a:31:bc:ff:fc:19:5e:
10:9e:56:12:70:45:ce:e9:8f:f4:3b:0f:2b:4a:19:
4e:2e:64:02:ab:89:75:2e:91:ff:10:33:d4:0d:92:
34:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:B8:47:4D:DC:A5:34:76:23:3C:20:90:21:B5:53:52:2F:54:B2:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2133DCC261B11F084FDA1E1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.165.0-154.85.174.255
Signature Algorithm: sha256WithRSAEncryption
b9:6a:b1:bb:96:7b:1d:80:6c:38:e8:4a:ee:b8:85:55:bb:8c:
2c:be:2f:2a:2d:52:e5:96:91:1b:29:0c:e5:70:77:a9:2b:01:
70:5f:d8:93:74:02:56:9d:c7:52:da:4a:f3:3d:f7:d9:61:fb:
cc:36:1b:2e:95:b3:21:f1:b0:ac:43:1b:3a:7d:ec:40:41:cc:
4c:ff:28:e9:0b:53:5c:36:10:60:4f:6d:a5:03:f6:08:9a:25:
76:71:a3:bb:1c:95:86:07:fb:c2:f1:3f:f1:44:d8:2f:e8:61:
4a:d2:b7:73:e9:57:97:da:21:03:17:73:e5:a2:70:75:be:5f:
d6:c8:de:1e:09:5c:f7:4a:c4:ce:ec:89:b8:a8:e6:71:ae:da:
1c:66:bb:0b:75:71:ce:72:88:0b:06:82:49:1c:a1:d3:a8:0c:
eb:28:28:37:4b:25:89:60:1d:a3:26:1e:3c:14:8b:6a:49:c7:
54:39:eb:fc:40:42:3b:68:d0:96:ad:bc:37:60:3a:8e:5c:44:
25:f3:a5:65:9f:82:7f:71:ca:8a:8a:7f:09:ba:15:9c:9d:c0:
2f:98:b0:9c:13:1f:18:ed:93:2b:71:13:f9:f6:79:2c:9a:03:
ec:c0:69:9d:bc:a2:e0:ad:4e:75:e8:c8:dd:f8:b5:f5:37:46:
a1:7b:6c:9c
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAX2fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDMwMjMzNTMzWhcNMjgwNDE0MjMzNTMzWjAYMRYw
FAYDVQQDEw02ODEyYjNjYS1lZWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtv6PsaHHlvb7QAwbltWUDEA/O+7ILsqR3jO4mtvRA/GNN+ya80CFnzhC
ML8pXxsz7LpalIOTv/FmwzwyFAWpYBuwUxGqy4XGiHBtyHWUpEmB9g4jTT/3I93Y
JRutfeLp8eoyV7mnrmxdM5hdgS01ZFYZr3OS5pwo8HqCInmh+X1s2nWumfbJ4Q2e
ZfrUMOCdFm5C40edQxXjQqUpnZ4XZ4gVxAg8H07TMOSc5ZemxiI8fVT5gsNR2Di2
Tcj8MS+LIrg9cuaSJiZ8M251kRdONbx+wp+ufoQP0zoxvP/8GV4QnlYScEXO6Y/0
Ow8rShlOLmQCq4l1LpH/EDPUDZI0aQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFCy4
R03cpTR2IzwgkCG1U1IvVLJXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMjEzM0RDQzI2MUIxMUYwODRGREExRTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaVaUDBACaVa4wDQYJ
KoZIhvcNAQELBQADggEBALlqsbuWex2AbDjoSu64hVW7jCy+LyotUuWWkRspDOVw
d6krAXBf2JN0Aladx1LaSvM999lh+8w2Gy6VsyHxsKxDGzp97EBBzEz/KOkLU1w2
EGBPbaUD9giaJXZxo7sclYYH+8LxP/FE2C/oYUrSt3PpV5faIQMXc+WicHW+X9bI
3h4JXPdKxM7sibio5nGu2hxmuwt1cc5yiAsGgkkcodOoDOsoKDdLJYlgHaMmHjwU
i2pJx1Q56/xAQjto0JatvDdgOo5cRCXzpWWfgn9xyoqKfwm6FZydwC+YsJwTHxjt
kytxE/n2eSyaA+zAaZ28ouCtTnXoyN34tfU3RqF7bJw=
-----END CERTIFICATE-----
Generated at Fri May 9 06:49:52 2025 by rpki-client