Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F480BFDE2F2011F0A45BBCC4DAE4EC9C.roa
File: F480BFDE2F2011F0A45BBCC4DAE4EC9C.roa (raw, json)
Hash identifier: cnGFhMMCntc46luDnuGDIVjYjr7H32vQ/utg2MEtDvQ=
Subject key identifier: 8D:59:97:6C:F4:32:10:D8:E7:CA:A6:18:00:AC:BE:D4:2C:67:57:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017FE1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F480BFDE2F2011F0A45BBCC4DAE4EC9C.roa
Signing time: Mon 12 May 2025 11:05:04 +0000
ROA not before: Mon 12 May 2025 11:04:59 +0000
ROA not after: Sun 08 Jun 2025 11:04:59 +0000
asID: 45194
IP address blocks: 154.84.192.0/24 maxlen: 24
154.84.193.0/24 maxlen: 24
154.84.194.0/24 maxlen: 24
154.84.195.0/24 maxlen: 24
154.84.196.0/24 maxlen: 24
154.84.197.0/24 maxlen: 24
154.84.198.0/24 maxlen: 24
154.84.199.0/24 maxlen: 24
154.84.200.0/24 maxlen: 24
154.84.201.0/24 maxlen: 24
154.84.202.0/24 maxlen: 24
154.84.203.0/24 maxlen: 24
154.84.204.0/24 maxlen: 24
154.84.205.0/24 maxlen: 24
154.84.206.0/24 maxlen: 24
154.84.208.0/24 maxlen: 24
154.84.211.0/24 maxlen: 24
154.84.242.0/24 maxlen: 24
154.84.247.0/24 maxlen: 24
154.84.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 04:21:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98273 (0x17fe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 12 11:04:59 2025 GMT
Not After : Jun 8 11:04:59 2025 GMT
Subject: CN=6821d5e0-f2b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:db:7a:25:bb:6f:25:51:41:7d:13:a8:4f:
22:de:e7:23:d5:e3:13:60:0b:cd:c6:58:d3:e0:8f:
df:26:fa:e7:e1:14:0a:ff:d0:55:c0:e9:7a:2d:eb:
65:09:7d:61:1a:ff:13:e1:3f:06:79:6a:8a:c6:64:
7b:00:ab:b1:3e:ce:2a:cc:3b:10:3c:7f:83:eb:d0:
38:15:47:ff:e2:4f:78:c7:5d:bd:d3:7e:bf:6c:fd:
41:3f:38:4f:4e:37:84:30:24:6a:f2:33:ea:c1:08:
9d:b3:98:8e:ec:d0:5b:e9:48:e8:2d:9b:06:36:b9:
6d:20:75:e8:77:f6:8e:df:79:8f:3b:4e:3f:e6:c8:
90:2f:3d:59:33:6a:c5:b6:62:7c:c7:3f:f3:79:18:
6f:ad:93:01:3d:fd:20:46:2f:b3:65:3f:66:94:42:
aa:38:56:2f:cb:9c:87:5a:13:c2:d8:ac:62:fd:29:
1e:51:2f:eb:14:34:73:be:c7:10:b8:4a:ee:ae:f3:
4f:0c:51:f9:fc:65:eb:f9:bf:8a:33:99:b9:a1:fc:
fb:e4:a8:89:99:f3:67:7b:8a:6e:6b:71:ce:1d:d6:
74:5f:3d:88:f5:17:a2:62:1c:02:31:7d:66:a1:73:
3a:f3:d0:23:40:78:e0:53:1e:d6:ce:dd:a7:38:ae:
59:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:59:97:6C:F4:32:10:D8:E7:CA:A6:18:00:AC:BE:D4:2C:67:57:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F480BFDE2F2011F0A45BBCC4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.192.0-154.84.206.255
154.84.208.0/24
154.84.211.0/24
154.84.242.0/24
154.84.247.0-154.84.248.255
Signature Algorithm: sha256WithRSAEncryption
c8:eb:58:26:15:10:75:4b:52:a2:8f:70:9c:b1:a4:1d:8e:a1:
01:b7:b1:eb:c7:72:6a:1a:e5:3a:f3:5e:f9:fa:9d:f7:e3:72:
98:a2:6c:26:71:e4:c5:b8:fd:88:20:cd:4b:cf:8a:48:77:59:
e3:c9:c2:54:7d:43:ec:bf:27:90:45:f0:b3:9b:0f:d7:6f:5d:
05:03:2a:fb:cf:6a:dd:92:66:3c:60:f2:75:08:6e:2e:9b:79:
3a:cb:04:ad:03:5c:7e:52:5d:72:83:8f:1b:26:cb:74:c6:be:
9e:80:bc:29:3e:6a:4a:81:dd:04:28:80:c2:1a:a2:4c:95:42:
1e:74:12:cd:b8:b0:eb:67:a7:4e:f1:3c:da:48:92:08:f1:3e:
cb:22:cb:6c:dc:eb:53:80:68:60:6c:c5:8e:61:a0:f7:62:09:
5e:d8:04:0e:56:88:84:6d:99:fc:2f:45:3a:0f:61:fd:e1:a4:
3f:32:4b:fb:d6:f9:f6:d3:76:af:09:2e:c5:6a:96:c4:57:86:
55:d6:68:f0:b3:ee:9e:8d:c9:f9:07:31:eb:30:80:10:20:ac:
78:d7:bc:02:ae:1f:8a:79:46:08:7c:11:1e:21:ab:cb:e9:17:
2c:32:e9:ad:b2:18:42:11:fb:83:79:81:f9:46:41:5e:5b:b4:
64:16:d2:59
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAX/hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTEyMTEwNDU5WhcNMjUwNjA4MTEwNDU5WjAYMRYw
FAYDVQQDEw02ODIxZDVlMC1mMmIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqa/beiW7byVRQX0TqE8i3ucj1eMTYAvNxljT4I/fJvrn4RQK/9BVwOl6
LetlCX1hGv8T4T8GeWqKxmR7AKuxPs4qzDsQPH+D69A4FUf/4k94x129036/bP1B
PzhPTjeEMCRq8jPqwQids5iO7NBb6UjoLZsGNrltIHXod/aO33mPO04/5siQLz1Z
M2rFtmJ8xz/zeRhvrZMBPf0gRi+zZT9mlEKqOFYvy5yHWhPC2Kxi/SkeUS/rFDRz
vscQuErurvNPDFH5/GXr+b+KM5m5ofz75KiJmfNne4pua3HOHdZ0Xz2I9ReiYhwC
MX1moXM689AjQHjgUx7Wzt2nOK5ZqQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFI1Z
l2z0MhDY58qmGACsvtQsZ1fUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNDgwQkZERTJGMjAxMUYwQTQ1QkJDQzREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAaaVMADBACaVM4DBACa
VNADBACaVNMDBACaVPIwDAMEAJpU9wMEAJpU+DANBgkqhkiG9w0BAQsFAAOCAQEA
yOtYJhUQdUtSoo9wnLGkHY6hAbex68dyahrlOvNe+fqd9+NymKJsJnHkxbj9iCDN
S8+KSHdZ48nCVH1D7L8nkEXws5sP129dBQMq+89q3ZJmPGDydQhuLpt5OssErQNc
flJdcoOPGybLdMa+noC8KT5qSoHdBCiAwhqiTJVCHnQSzbiw62enTvE82kiSCPE+
yyLLbNzrU4BoYGzFjmGg92IJXtgEDlaIhG2Z/C9FOg9h/eGkPzJL+9b59tN2rwku
xWqWxFeGVdZo8LPuno3J+Qcx6zCAECCseNe8Aq4finlGCHwRHiGry+kXLDLprbIY
QhH7g3mB+UZBXlu0ZBbSWQ==
-----END CERTIFICATE-----
Generated at Tue May 13 09:38:31 2025 by rpki-client