Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD78A7A225B111F09096B4A9DAE4EC9C.roa
File: DD78A7A225B111F09096B4A9DAE4EC9C.roa (raw, json)
Hash identifier: T5NGC+xV39tvVdpjMxr7bYvyGnwvTMPQgfepDWtFl6I=
Subject key identifier: 9C:D4:AD:E6:B5:43:57:C6:8A:D5:13:90:DF:B1:B4:B4:4D:34:DB:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017D4A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD78A7A225B111F09096B4A9DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 10:57:11 +0000
ROA not before: Wed 30 Apr 2025 10:57:04 +0000
ROA not after: Tue 25 Apr 2028 10:57:04 +0000
asID: 17561
IP address blocks: 154.207.163.0/24 maxlen: 24
154.207.165.0/24 maxlen: 24
154.207.166.0/24 maxlen: 24
154.207.168.0/24 maxlen: 24
154.207.169.0/24 maxlen: 24
154.207.170.0/24 maxlen: 24
154.207.171.0/24 maxlen: 24
154.207.173.0/24 maxlen: 24
154.207.175.0/24 maxlen: 24
154.207.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:07:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97610 (0x17d4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 10:57:04 2025 GMT
Not After : Apr 25 10:57:04 2028 GMT
Subject: CN=68120207-ff0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:da:94:7e:24:76:da:68:5d:bd:57:37:fa:2a:
a4:3d:b0:5e:61:88:e2:6e:4a:a8:0b:79:4e:f7:0d:
ad:8a:1a:c0:fd:8b:f3:13:f2:01:b5:06:9e:ad:2f:
98:2d:f1:25:7c:55:be:16:9f:4c:49:4b:71:32:e3:
e8:7b:69:74:59:c8:48:39:3c:13:dc:30:6b:6b:03:
e7:26:82:93:ce:36:b3:1c:d6:7c:37:b4:0d:09:a0:
ed:af:62:76:ec:5b:7f:cb:43:27:3a:2b:8a:51:bf:
83:07:7a:e2:bd:76:45:22:9e:82:8f:3d:df:58:9e:
40:c9:a9:25:6e:49:6f:2e:5d:06:3f:73:83:9e:60:
6c:c2:ff:48:d9:18:1a:6a:b7:54:45:3c:1b:0a:ed:
0b:b1:55:7a:60:f1:ab:ca:c2:e4:4a:c5:4c:92:10:
56:b5:2d:ce:99:f1:76:3e:3d:6a:3b:93:22:9e:5e:
b2:4e:f6:aa:c4:68:d1:ba:7d:b3:c0:27:01:21:62:
73:5c:68:b6:be:9c:e9:62:9f:41:83:52:10:c9:05:
55:19:42:d9:84:f7:be:12:6a:bf:9e:83:dc:93:09:
99:b3:da:65:0f:18:16:82:da:57:c4:20:80:e5:52:
2a:95:50:c0:fa:50:90:9c:be:a2:f0:98:5e:b3:3e:
c6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D4:AD:E6:B5:43:57:C6:8A:D5:13:90:DF:B1:B4:B4:4D:34:DB:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD78A7A225B111F09096B4A9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.163.0/24
154.207.165.0-154.207.166.255
154.207.168.0/22
154.207.173.0/24
154.207.175.0/24
154.207.177.0/24
Signature Algorithm: sha256WithRSAEncryption
50:f1:bf:ab:63:99:b8:59:c0:e1:d4:9b:0d:91:ed:0e:96:3c:
3f:7f:1a:4b:79:f8:f6:9d:e4:b0:1b:d5:d2:ee:c9:76:3a:28:
7b:85:ef:fe:fa:2e:fb:18:e2:8d:0f:8c:25:79:1e:3d:2e:eb:
c5:4f:ea:73:b9:67:ce:26:fd:d7:51:8f:63:57:2d:8a:9d:ca:
89:8a:fb:02:05:66:02:15:6d:bf:13:49:83:bf:62:b5:99:2d:
42:8d:78:06:30:89:8c:45:fd:99:74:84:3f:63:c9:e3:c4:1a:
7d:14:05:f0:30:a9:a1:15:72:f5:32:3b:ad:b6:df:06:ee:fd:
23:6f:5e:f1:16:5c:6b:6d:ac:60:89:c7:d3:ec:9a:18:bc:91:
26:0e:f6:2c:08:a9:8b:89:be:6e:cd:dc:12:34:4e:da:48:e2:
4c:a4:bd:44:a0:5c:89:c4:d7:75:ee:29:6a:4c:f7:53:c2:74:
8c:1e:01:78:bf:9e:25:3a:0c:e6:19:8a:8b:c5:ad:cd:49:83:
9d:96:4c:8f:e8:c8:ac:d4:68:89:3a:cc:20:7f:a8:89:4f:41:
f1:4e:70:ad:35:51:33:ca:7d:58:c8:46:ad:8a:1a:6e:e5:15:
a2:f9:06:ac:bc:4f:f4:00:6e:f3:d5:60:1b:35:71:6d:2f:6a:
14:af:b5:79
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAX1KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDMwMTA1NzA0WhcNMjgwNDI1MTA1NzA0WjAYMRYw
FAYDVQQDEw02ODEyMDIwNy1mZjBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr9qUfiR22mhdvVc3+iqkPbBeYYjibkqoC3lO9w2tihrA/YvzE/IBtQae
rS+YLfElfFW+Fp9MSUtxMuPoe2l0WchIOTwT3DBrawPnJoKTzjazHNZ8N7QNCaDt
r2J27Ft/y0MnOiuKUb+DB3rivXZFIp6Cjz3fWJ5AyaklbklvLl0GP3ODnmBswv9I
2RgaardURTwbCu0LsVV6YPGrysLkSsVMkhBWtS3OmfF2Pj1qO5Minl6yTvaqxGjR
un2zwCcBIWJzXGi2vpzpYp9Bg1IQyQVVGULZhPe+Emq/noPckwmZs9plDxgWgtpX
xCCA5VIqlVDA+lCQnL6i8Jhesz7GmwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFJzU
rea1Q1fGitUTkN+xtLRNNNvMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDc4QTdBMjI1QjExMUYwOTA5NkI0QTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAms+jMAwDBACaz6UDBACa
z6YDBAKaz6gDBACaz60DBACaz68DBACaz7EwDQYJKoZIhvcNAQELBQADggEBAFDx
v6tjmbhZwOHUmw2R7Q6WPD9/Gkt5+Pad5LAb1dLuyXY6KHuF7/76LvsY4o0PjCV5
Hj0u68VP6nO5Z84m/ddRj2NXLYqdyomK+wIFZgIVbb8TSYO/YrWZLUKNeAYwiYxF
/Zl0hD9jyePEGn0UBfAwqaEVcvUyO6223wbu/SNvXvEWXGttrGCJx9Psmhi8kSYO
9iwIqYuJvm7N3BI0TtpI4kykvUSgXInE13XuKWpM91PCdIweAXi/niU6DOYZiovF
rc1Jg52WTI/oyKzUaIk6zCB/qIlPQfFOcK01UTPKfVjIRq2KGm7lFaL5Bqy8T/QA
bvPVYBs1cW0vahSvtXk=
-----END CERTIFICATE-----
Generated at Sun May 11 00:45:26 2025 by rpki-client