Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70FC47A01A1211F09A1506086EB8BCC6.roa
File: 70FC47A01A1211F09A1506086EB8BCC6.roa (raw, json)
Hash identifier: qcNTaJpPuojfqPG9qB1syNrVxBx1i7T08z4Z3o1qRN8=
Subject key identifier: 19:75:02:CE:85:6E:94:BB:34:8A:84:85:D2:4A:82:C5:E5:02:CA:29
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017955
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70FC47A01A1211F09A1506086EB8BCC6.roa
Signing time: Tue 15 Apr 2025 15:58:16 +0000
ROA not before: Tue 15 Apr 2025 15:58:11 +0000
ROA not after: Thu 17 Jul 2025 15:58:11 +0000
asID: 135377
IP address blocks: 154.202.65.0/24 maxlen: 24
154.202.66.0/23 maxlen: 24
154.202.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96597 (0x17955)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 15:58:11 2025 GMT
Not After : Jul 17 15:58:11 2025 GMT
Subject: CN=67fe8218-a233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a9:5a:01:99:33:da:7c:d5:83:ef:4e:7b:d7:
cd:97:aa:ee:90:15:f4:07:00:3c:2a:e9:54:d0:ee:
99:6d:f1:8d:33:71:1f:6c:b8:72:c9:0a:95:82:1c:
cf:08:25:e2:e0:48:bd:05:d4:ea:6e:d9:a6:f0:da:
0a:1d:c2:23:c2:43:f3:18:c3:f9:cc:ef:90:de:22:
90:32:72:c9:7a:79:54:da:5f:5d:14:0f:5a:ca:c4:
2b:64:06:53:73:f4:29:71:ad:32:3c:49:f7:62:9d:
aa:77:49:aa:87:b9:55:56:7e:be:b3:f8:0c:b8:28:
13:34:1a:70:7b:b0:22:c8:68:83:aa:25:3e:6f:55:
c0:2e:c9:25:18:d8:57:dc:4e:6c:cf:26:c3:a5:1e:
7c:73:24:91:f4:2d:66:58:2e:fd:e3:71:2f:84:34:
9c:aa:fc:de:ca:1f:05:73:7b:ff:2f:33:71:df:4e:
43:44:ba:64:5b:14:da:f7:1f:fb:38:1b:8e:cb:38:
3d:5a:80:cd:87:92:82:de:35:7c:fb:63:e5:f3:c2:
89:0b:33:2b:48:1b:b7:0f:bc:83:f5:67:fc:25:94:
be:a5:74:f3:96:a1:da:85:f5:00:92:81:bf:b3:10:
90:87:91:a2:0b:fa:f8:3e:d8:26:89:40:97:0d:7d:
4d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:75:02:CE:85:6E:94:BB:34:8A:84:85:D2:4A:82:C5:E5:02:CA:29
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70FC47A01A1211F09A1506086EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.65.0-154.202.68.255
Signature Algorithm: sha256WithRSAEncryption
62:04:e1:93:a1:c1:7e:98:30:a2:79:82:4a:37:9a:af:69:30:
41:2f:4c:ff:96:a4:9e:6b:54:18:8e:fd:78:67:07:d0:39:58:
0a:3e:d6:0e:cd:45:6c:bf:7f:c7:66:ec:7e:30:2a:13:e4:95:
f7:96:18:cc:93:13:e0:5d:48:07:1a:be:38:d5:27:f7:c5:17:
4d:0f:47:8f:6a:f6:10:8c:17:02:04:59:23:db:85:7f:70:0a:
48:81:1c:11:42:c3:7d:b7:fe:46:98:1e:39:8e:97:b5:0d:b2:
17:84:31:51:f0:27:85:4b:35:a6:7c:e3:0c:07:c3:b4:3e:a5:
de:ea:70:26:d1:12:96:03:29:3e:4e:bd:e6:14:39:2d:2f:61:
3e:74:3f:f8:07:bd:51:91:d0:85:38:81:f9:9d:ec:00:6e:88:
27:28:ab:99:87:b5:4c:3e:18:19:a8:3e:81:9c:86:3f:2d:b6:
5a:23:51:b5:d3:32:11:1d:28:8e:ad:24:bb:2a:f5:88:b2:aa:
0e:7f:a8:c8:54:f8:b9:71:21:37:f1:a2:2c:55:c8:6c:18:3b:
fd:fb:6f:a8:47:c3:ae:07:30:0e:c0:80:ad:e5:62:7a:34:a0:
53:52:ff:5f:fd:dc:89:87:5d:4d:a3:b6:98:35:9b:0f:12:37:
cf:8a:8e:23
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAXlVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE1MTU1ODExWhcNMjUwNzE3MTU1ODExWjAYMRYw
FAYDVQQDEw02N2ZlODIxOC1hMjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA06laAZkz2nzVg+9Oe9fNl6rukBX0BwA8KulU0O6ZbfGNM3EfbLhyyQqV
ghzPCCXi4Ei9BdTqbtmm8NoKHcIjwkPzGMP5zO+Q3iKQMnLJenlU2l9dFA9aysQr
ZAZTc/Qpca0yPEn3Yp2qd0mqh7lVVn6+s/gMuCgTNBpwe7AiyGiDqiU+b1XALskl
GNhX3E5szybDpR58cySR9C1mWC7943EvhDScqvzeyh8Fc3v/LzNx305DRLpkWxTa
9x/7OBuOyzg9WoDNh5KC3jV8+2Pl88KJCzMrSBu3D7yD9Wf8JZS+pXTzlqHahfUA
koG/sxCQh5GiC/r4PtgmiUCXDX1NwwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFBl1
As6FbpS7NIqEhdJKgsXlAsopMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MEZDNDdBMDFBMTIxMUYwOUExNTA2MDg2RUI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaykEDBACaykQwDQYJ
KoZIhvcNAQELBQADggEBAGIE4ZOhwX6YMKJ5gko3mq9pMEEvTP+WpJ5rVBiO/Xhn
B9A5WAo+1g7NRWy/f8dm7H4wKhPklfeWGMyTE+BdSAcavjjVJ/fFF00PR49q9hCM
FwIEWSPbhX9wCkiBHBFCw323/kaYHjmOl7UNsheEMVHwJ4VLNaZ84wwHw7Q+pd7q
cCbREpYDKT5OveYUOS0vYT50P/gHvVGR0IU4gfmd7ABuiCcoq5mHtUw+GBmoPoGc
hj8ttlojUbXTMhEdKI6tJLsq9Yiyqg5/qMhU+LlxITfxoixVyGwYO/37b6hHw64H
MA7AgK3lYno0oFNS/1/93ImHXU2jtpg1mw8SN8+KjiM=
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:11:37 2025 by rpki-client