Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/485B0C2816AC11F0B6C8A4D56DB8BCC6.roa
File: 485B0C2816AC11F0B6C8A4D56DB8BCC6.roa (raw, json)
Hash identifier: v3SVQDPMwClbhq7uAcqN6BPpfkt5ZVqwokdNqpt8nm4=
Subject key identifier: 02:F4:09:BF:19:FE:72:B4:69:7C:CD:51:8A:7E:77:5F:0E:9A:AC:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0178DB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/485B0C2816AC11F0B6C8A4D56DB8BCC6.roa
Signing time: Fri 11 Apr 2025 08:09:25 +0000
ROA not before: Fri 11 Apr 2025 08:09:21 +0000
ROA not after: Sun 22 Jun 2025 08:09:21 +0000
asID: 2914
IP address blocks: 154.214.221.0/24 maxlen: 24
154.214.223.0/24 maxlen: 24
154.214.252.0/24 maxlen: 24
154.214.253.0/24 maxlen: 24
154.214.254.0/24 maxlen: 24
154.214.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96475 (0x178db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 11 08:09:21 2025 GMT
Not After : Jun 22 08:09:21 2025 GMT
Subject: CN=67f8ce35-053e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:68:22:b2:32:83:ae:9d:05:74:07:a6:ec:d5:
6e:d9:17:4f:5a:3d:09:78:51:c6:a0:93:5e:45:ae:
34:db:bf:38:26:6e:9e:a4:f2:be:ec:40:52:be:e0:
20:64:4d:4f:80:8e:f6:bf:6e:ae:bd:89:c2:6a:92:
ac:76:12:b8:44:21:26:0d:eb:ac:0e:94:d8:ff:41:
63:f7:0b:1c:33:ed:d1:1b:63:46:f7:8c:c2:88:23:
34:5f:85:88:c5:17:5a:cb:22:4b:c2:79:bd:9d:4d:
02:69:57:aa:9a:c1:19:26:0f:38:05:92:a6:f2:a7:
d2:59:28:75:e9:b9:b1:76:09:10:f8:83:64:2a:da:
a6:dc:bc:ec:17:f4:ce:cc:66:29:a3:d6:2a:64:44:
c2:1a:e2:c4:cb:5e:7b:be:4f:5a:8a:24:94:a7:91:
e6:c4:38:88:96:43:44:1c:ca:54:3c:bf:70:1a:4c:
0e:1d:ec:34:32:bb:fe:d1:ca:28:4d:98:22:9d:67:
67:fe:44:44:12:17:59:ba:23:9b:95:96:17:2e:c0:
d9:0c:40:32:8a:6d:10:8d:cb:b9:77:34:53:db:e0:
0e:e3:d5:cf:6c:a6:e9:62:94:0a:bb:63:22:f9:d3:
f4:00:87:cb:fc:02:78:57:e9:50:51:bf:d7:8f:1d:
be:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F4:09:BF:19:FE:72:B4:69:7C:CD:51:8A:7E:77:5F:0E:9A:AC:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/485B0C2816AC11F0B6C8A4D56DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.221.0/24
154.214.223.0/24
154.214.252.0/22
Signature Algorithm: sha256WithRSAEncryption
56:fd:ed:42:a7:d7:45:8d:02:2a:5d:e0:eb:f8:51:ed:ae:c1:
4a:fb:bc:28:2a:30:62:40:b2:04:bd:91:c2:31:e5:20:a2:81:
40:bc:33:2f:25:57:de:9c:db:7c:21:a9:39:31:7e:39:45:09:
d8:42:b7:a9:6a:ed:1f:9e:e5:13:46:b5:de:38:9c:a7:ae:1d:
5b:bf:52:31:17:72:c0:d8:50:26:e2:d6:da:02:e0:8a:a3:3e:
31:11:2b:80:9f:95:51:58:66:fc:51:20:1f:7c:01:a5:11:56:
b8:88:8d:8c:a1:77:33:dd:cd:12:64:fe:7f:62:bf:ab:ee:75:
d9:f3:37:a2:2f:23:3e:c3:97:1e:42:15:cb:1d:88:c2:01:55:
01:73:60:22:d6:18:76:6d:7b:33:42:e7:5e:ee:b7:8c:03:0a:
1c:1d:e6:0a:4e:e1:bb:72:41:73:f5:c5:c0:64:21:5e:9a:9e:
cf:59:bc:a4:e9:05:2a:89:38:28:25:3d:a6:79:20:ea:32:17:
b8:8f:7c:b9:17:9d:bb:f4:e7:52:23:8a:02:79:6b:0b:8e:f7:
02:db:10:a4:c1:dc:88:72:1f:0e:45:b9:c4:4a:a7:34:d3:40:
56:85:94:d7:e7:0d:77:61:9b:51:b1:8d:a6:88:9d:b5:f3:80:
96:42:bb:db
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAXjbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDExMDgwOTIxWhcNMjUwNjIyMDgwOTIxWjAYMRYw
FAYDVQQDEw02N2Y4Y2UzNS0wNTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGgisjKDrp0FdAem7NVu2RdPWj0JeFHGoJNeRa402784Jm6epPK+7EBS
vuAgZE1PgI72v26uvYnCapKsdhK4RCEmDeusDpTY/0Fj9wscM+3RG2NG94zCiCM0
X4WIxRdayyJLwnm9nU0CaVeqmsEZJg84BZKm8qfSWSh16bmxdgkQ+INkKtqm3Lzs
F/TOzGYpo9YqZETCGuLEy157vk9aiiSUp5HmxDiIlkNEHMpUPL9wGkwOHew0Mrv+
0cooTZginWdn/kREEhdZuiOblZYXLsDZDEAyim0Qjcu5dzRT2+AO49XPbKbpYpQK
u2Mi+dP0AIfL/AJ4V+lQUb/Xjx2+eQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFAL0
Cb8Z/nK0aXzNUYp+d18Omqz+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80ODVCMEMyODE2QUMxMUYwQjZDOEE0RDU2REI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmtbdAwQAmtbfAwQCmtb8
MA0GCSqGSIb3DQEBCwUAA4IBAQBW/e1Cp9dFjQIqXeDr+FHtrsFK+7woKjBiQLIE
vZHCMeUgooFAvDMvJVfenNt8Iak5MX45RQnYQrepau0fnuUTRrXeOJynrh1bv1Ix
F3LA2FAm4tbaAuCKoz4xESuAn5VRWGb8USAffAGlEVa4iI2MoXcz3c0SZP5/Yr+r
7nXZ8zeiLyM+w5ceQhXLHYjCAVUBc2Ai1hh2bXszQude7reMAwocHeYKTuG7ckFz
9cXAZCFemp7PWbyk6QUqiTgoJT2meSDqMhe4j3y5F5279OdSI4oCeWsLjvcC2xCk
wdyIch8ORbnESqc000BWhZTX5w13YZtRsY2miJ2184CWQrvb
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:47:40 2025 by rpki-client