Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76849FDC11F811F09DF4B25E762E951A.roa
File: 76849FDC11F811F09DF4B25E762E951A.roa (raw, json)
Hash identifier: H9rBze9F+rDyXZcFdkw1VzrYeJvZmUKVBHOfJ1iYKIQ=
Subject key identifier: FA:B8:1C:D5:C8:72:F0:80:BD:D2:B7:F6:DC:66:B0:1C:25:69:66:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0177D8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76849FDC11F811F09DF4B25E762E951A.roa
Signing time: Sat 05 Apr 2025 08:32:09 +0000
ROA not before: Sat 05 Apr 2025 08:32:03 +0000
ROA not after: Sat 10 May 2025 08:32:03 +0000
asID: 203020
IP address blocks: 154.217.5.0/24 maxlen: 24
154.217.6.0/24 maxlen: 24
154.217.7.0/24 maxlen: 24
154.217.8.0/24 maxlen: 24
154.217.9.0/24 maxlen: 24
154.217.10.0/24 maxlen: 24
154.217.11.0/24 maxlen: 24
154.217.12.0/24 maxlen: 24
154.217.13.0/24 maxlen: 24
154.217.14.0/24 maxlen: 24
154.217.15.0/24 maxlen: 24
154.217.21.0/24 maxlen: 24
154.217.22.0/24 maxlen: 24
154.217.23.0/24 maxlen: 24
154.217.24.0/23 maxlen: 24
154.217.26.0/23 maxlen: 24
154.217.28.0/24 maxlen: 24
154.217.29.0/24 maxlen: 24
154.217.30.0/24 maxlen: 24
154.217.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96216 (0x177d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 5 08:32:03 2025 GMT
Not After : May 10 08:32:03 2025 GMT
Subject: CN=67f0ea89-39b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:81:20:99:02:fa:da:02:e9:aa:4a:95:6f:44:
ae:15:04:fa:e7:b2:37:4d:b5:8b:68:24:0a:e4:dd:
03:b7:bc:1c:86:54:e1:0f:d9:a9:33:03:9b:3b:66:
6c:70:c7:92:45:a2:ad:76:47:ab:bf:51:a8:57:26:
4f:42:55:7c:70:b0:6a:5d:fa:23:ba:75:c2:f3:27:
ec:72:11:b6:2d:48:78:b7:e6:8c:d5:40:e9:86:0f:
43:a5:d9:d1:a8:c6:d9:ce:56:0c:cd:da:9b:49:4c:
fd:d7:9d:36:96:65:10:bb:87:cc:30:2e:8f:4a:0a:
17:a8:a7:a4:d5:ae:01:e3:59:4b:40:cb:3e:ba:f9:
fb:38:46:71:fd:db:93:9f:54:72:0f:4f:ee:19:63:
a1:1a:63:6b:f2:ef:14:6a:7d:93:17:3c:7e:73:f9:
bb:20:9b:f1:ee:ac:0f:ec:6f:cf:05:c4:e0:13:c8:
52:92:e7:63:7b:72:e7:c3:ec:79:89:2e:2e:12:76:
b2:ca:3e:81:59:e5:83:d7:a3:a6:cf:5e:fc:e1:60:
4f:e9:e6:8a:c5:06:2f:a6:fa:b6:9c:35:b1:96:f7:
54:9b:b1:0c:48:f3:51:bd:2f:8c:8a:7b:92:e1:25:
4c:e3:ad:43:fe:4c:9d:2f:ab:03:81:da:32:54:e5:
d9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B8:1C:D5:C8:72:F0:80:BD:D2:B7:F6:DC:66:B0:1C:25:69:66:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76849FDC11F811F09DF4B25E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.5.0-154.217.15.255
154.217.21.0-154.217.31.255
Signature Algorithm: sha256WithRSAEncryption
d4:c4:5c:7c:76:e5:b3:22:fa:d6:f0:bf:bc:5e:70:16:4d:91:
f7:7e:d5:0f:d3:3e:d4:4d:1d:96:d4:ca:75:ab:00:c6:92:1b:
ac:15:c5:e9:19:be:1d:ed:79:f1:7e:0f:a7:a1:35:f3:7d:e1:
db:91:af:9f:fd:68:a0:c3:f6:8b:b5:19:66:7e:45:79:60:88:
9c:77:26:7c:44:4e:e4:a3:fb:21:6e:d2:55:1a:3f:fd:90:6e:
6f:dc:66:68:de:17:95:9a:91:2a:4c:21:d0:39:77:27:4f:74:
a9:5a:a1:1c:e1:d2:6e:c9:6e:67:3e:54:8a:8b:49:f9:74:01:
7f:e4:e9:4a:cc:6a:10:91:5f:17:ec:32:b2:2b:0c:3a:fc:cb:
33:51:a4:d6:a9:59:a6:d7:49:fa:74:91:7d:60:61:19:18:ce:
44:36:38:77:23:92:bf:33:0c:5c:06:ae:82:a1:73:47:c1:b0:
03:8e:f6:c2:21:43:83:69:e4:bb:5f:f5:d1:3c:be:9a:1b:db:
e4:06:cd:00:f3:b2:8d:c6:7d:be:dc:44:f5:7c:bb:d6:35:dc:
9a:9a:9b:50:fe:34:27:98:76:26:bc:55:a4:27:42:f5:42:97:
9e:3f:02:31:97:ef:d9:99:e6:10:bc:05:71:8b:7a:59:36:ef:
90:2c:dc:15
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDAXfYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA1MDgzMjAzWhcNMjUwNTEwMDgzMjAzWjAYMRYw
FAYDVQQDEw02N2YwZWE4OS0zOWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlIEgmQL62gLpqkqVb0SuFQT657I3TbWLaCQK5N0Dt7wchlThD9mpMwOb
O2ZscMeSRaKtdkerv1GoVyZPQlV8cLBqXfojunXC8yfschG2LUh4t+aM1UDphg9D
pdnRqMbZzlYMzdqbSUz91502lmUQu4fMMC6PSgoXqKek1a4B41lLQMs+uvn7OEZx
/duTn1RyD0/uGWOhGmNr8u8Uan2TFzx+c/m7IJvx7qwP7G/PBcTgE8hSkudje3Ln
w+x5iS4uEnayyj6BWeWD16Omz1784WBP6eaKxQYvpvq2nDWxlvdUm7EMSPNRvS+M
inuS4SVM461D/kydL6sDgdoyVOXZZQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFPq4
HNXIcvCAvdK39txmsBwlaWaoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83Njg0OUZEQzExRjgxMUYwOURGNEIyNUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBACa2QUDBASa2QAwDAME
AJrZFQMEBZrZADANBgkqhkiG9w0BAQsFAAOCAQEA1MRcfHblsyL61vC/vF5wFk2R
937VD9M+1E0dltTKdasAxpIbrBXF6Rm+He158X4Pp6E1833h25Gvn/1ooMP2i7UZ
Zn5FeWCInHcmfERO5KP7IW7SVRo//ZBub9xmaN4XlZqRKkwh0Dl3J090qVqhHOHS
bsluZz5UiotJ+XQBf+TpSsxqEJFfF+wysisMOvzLM1Gk1qlZptdJ+nSRfWBhGRjO
RDY4dyOSvzMMXAaugqFzR8GwA472wiFDg2nku1/10Ty+mhvb5AbNAPOyjcZ9vtxE
9Xy71jXcmpqbUP40J5h2JrxVpCdC9UKXnj8CMZfv2ZnmELwFcYt6WTbvkCzcFQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:50:42 2025 by rpki-client