Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/853116B6107511F08681D8B1762E951A.roa
File: 853116B6107511F08681D8B1762E951A.roa (raw, json)
Hash identifier: u2OrQnIGwe+Z4++GVTDTR/KCInJBh/h+wLQBTqDotC8=
Subject key identifier: 09:77:BD:92:10:0B:F6:2C:3D:E0:6A:B4:B4:AE:89:AF:64:91:03:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017765
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/853116B6107511F08681D8B1762E951A.roa
Signing time: Thu 03 Apr 2025 10:22:18 +0000
ROA not before: Thu 03 Apr 2025 10:22:14 +0000
ROA not after: Tue 03 Jun 2025 10:22:14 +0000
asID: 142403
IP address blocks: 154.209.4.0/24 maxlen: 24
154.211.12.0/24 maxlen: 24
154.211.13.0/24 maxlen: 24
154.211.14.0/24 maxlen: 24
154.221.16.0/24 maxlen: 24
154.221.17.0/24 maxlen: 24
154.221.18.0/24 maxlen: 24
154.221.19.0/24 maxlen: 24
154.221.20.0/24 maxlen: 24
154.221.21.0/24 maxlen: 24
154.221.22.0/24 maxlen: 24
154.221.23.0/24 maxlen: 24
154.221.24.0/24 maxlen: 24
154.221.25.0/24 maxlen: 24
154.221.26.0/24 maxlen: 24
154.221.27.0/24 maxlen: 24
154.221.28.0/24 maxlen: 24
154.221.29.0/24 maxlen: 24
154.221.30.0/24 maxlen: 24
154.221.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96101 (0x17765)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 3 10:22:14 2025 GMT
Not After : Jun 3 10:22:14 2025 GMT
Subject: CN=67ee615a-1296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e0:af:86:6b:28:dd:b7:ef:eb:3c:37:45:af:
44:83:dc:67:b2:8d:b8:cd:35:ac:bf:9b:9d:d7:93:
d1:74:ce:36:2a:63:59:d3:cb:43:26:bd:41:1b:d7:
9e:2c:0f:44:a7:18:08:46:c4:b0:c1:7c:b1:69:24:
59:d9:e3:c5:50:bb:52:a4:cc:0e:01:1a:2d:f2:a4:
00:24:4d:c0:b5:9f:8c:ea:0e:c9:f1:c5:85:cf:02:
0b:89:c2:c0:6e:bd:31:d3:ff:b9:8f:a6:8d:61:37:
c2:1c:b0:20:60:15:f7:5b:4d:b9:5f:c1:e9:93:05:
f4:5c:5c:5c:57:fc:1d:ca:2a:e0:51:b7:11:6b:c9:
69:f5:92:ae:0a:72:03:2b:f5:0d:4e:ac:6e:27:1f:
f5:b2:37:b2:91:14:67:f6:29:68:c5:9c:4e:2e:4c:
30:a8:d6:84:ff:9b:20:ce:40:4b:be:c6:8d:44:a7:
e4:6e:36:c0:1d:ff:6e:8e:66:bf:25:6e:60:6a:c1:
45:12:1a:2b:de:88:33:5b:c7:33:7e:bf:0a:81:28:
4a:c4:9c:10:30:62:92:a2:99:3b:eb:9c:dd:e8:52:
d6:0c:f3:53:eb:05:64:c1:50:ea:bd:39:b5:3d:85:
2f:43:70:71:f1:cf:f8:0f:e3:42:d1:e4:5c:18:ba:
48:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:77:BD:92:10:0B:F6:2C:3D:E0:6A:B4:B4:AE:89:AF:64:91:03:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/853116B6107511F08681D8B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.4.0/24
154.211.12.0-154.211.14.255
154.221.16.0/20
Signature Algorithm: sha256WithRSAEncryption
94:c9:28:20:be:67:2e:d5:16:e6:8f:2e:10:8d:65:6b:9f:c6:
c0:17:2d:eb:07:93:3f:ee:46:31:0f:9b:ae:ef:6b:12:78:f6:
31:6a:f0:b1:d4:46:20:61:0a:93:53:02:f4:2a:e8:db:e3:7a:
e1:01:41:b6:02:cc:2e:85:95:e0:bc:0e:7f:c1:e6:ac:dc:59:
f6:55:90:df:de:7c:88:e6:d3:1b:8f:cf:fb:e8:d4:d0:d4:07:
5b:da:1f:43:0a:10:f1:61:13:1f:5d:9a:7b:5a:b0:53:66:a8:
c3:c4:96:1e:f2:7f:8d:00:ca:8b:83:d6:36:07:00:74:a7:43:
fd:45:c3:76:42:3a:84:f2:62:bf:ea:bd:ac:25:f7:8d:51:6e:
50:fe:82:ff:85:c2:5c:07:e6:21:70:2f:ef:d0:d6:5d:27:a5:
97:7b:a7:a8:7a:61:5c:6f:6f:b2:5e:15:7e:f0:bc:b4:3f:d5:
a9:ac:64:14:8f:fb:49:91:41:54:72:92:b1:65:3f:56:55:08:
aa:2c:e1:4a:6b:bd:8d:7b:98:e5:5d:be:af:5d:34:36:8a:2f:
8f:d7:2a:85:f2:b7:db:bf:b7:65:9e:dc:09:71:16:6b:58:89:
3b:8b:97:ba:09:08:1a:5e:92:a8:d3:4d:13:b6:a6:f2:b0:a0:
c2:47:e8:c3
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAXdlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDAzMTAyMjE0WhcNMjUwNjAzMTAyMjE0WjAYMRYw
FAYDVQQDEw02N2VlNjE1YS0xMjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApeCvhmso3bfv6zw3Ra9Eg9xnso24zTWsv5ud15PRdM42KmNZ08tDJr1B
G9eeLA9EpxgIRsSwwXyxaSRZ2ePFULtSpMwOARot8qQAJE3AtZ+M6g7J8cWFzwIL
icLAbr0x0/+5j6aNYTfCHLAgYBX3W025X8HpkwX0XFxcV/wdyirgUbcRa8lp9ZKu
CnIDK/UNTqxuJx/1sjeykRRn9iloxZxOLkwwqNaE/5sgzkBLvsaNRKfkbjbAHf9u
jma/JW5gasFFEhor3ogzW8czfr8KgShKxJwQMGKSopk765zd6FLWDPNT6wVkwVDq
vTm1PYUvQ3Bx8c/4D+NC0eRcGLpIEQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFAl3
vZIQC/YsPeBqtLSuia9kkQPhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NTMxMTZCNjEwNzUxMUYwODY4MUQ4QjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAmtEEMAwDBAKa0wwDBACa
0w4DBASa3RAwDQYJKoZIhvcNAQELBQADggEBAJTJKCC+Zy7VFuaPLhCNZWufxsAX
LesHkz/uRjEPm67vaxJ49jFq8LHURiBhCpNTAvQq6NvjeuEBQbYCzC6FleC8Dn/B
5qzcWfZVkN/efIjm0xuPz/vo1NDUB1vaH0MKEPFhEx9dmntasFNmqMPElh7yf40A
youD1jYHAHSnQ/1Fw3ZCOoTyYr/qvawl941RblD+gv+FwlwH5iFwL+/Q1l0npZd7
p6h6YVxvb7JeFX7wvLQ/1amsZBSP+0mRQVRykrFlP1ZVCKos4UprvY17mOVdvq9d
NDaKL4/XKoXyt9u/t2We3AlxFmtYiTuLl7oJCBpekqjTTRO2pvKwoMJH6MM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:38:33 2025 by rpki-client