Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88F31ED221BB11F088D1A1A3DAE4EC9C.roa
File: 88F31ED221BB11F088D1A1A3DAE4EC9C.roa (raw, json)
Hash identifier: Kh/GB5agoA38I/MCUJ24sV3SYMVF8zV7KDVh/wuKOuQ=
Subject key identifier: 29:B6:86:C1:87:5F:CB:ED:06:33:AC:77:62:C4:2E:B9:A1:11:2A:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B13
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88F31ED221BB11F088D1A1A3DAE4EC9C.roa
Signing time: Fri 25 Apr 2025 09:56:19 +0000
ROA not before: Fri 25 Apr 2025 09:56:14 +0000
ROA not after: Fri 02 May 2025 09:56:14 +0000
asID: 135097
IP address blocks: 154.212.164.0/22 maxlen: 24
154.212.168.0/21 maxlen: 24
154.212.176.0/20 maxlen: 24
154.212.192.0/18 maxlen: 24
154.213.8.0/21 maxlen: 24
154.213.8.0/23 maxlen: 24
154.213.10.0/24 maxlen: 24
154.213.11.0/24 maxlen: 24
154.213.12.0/22 maxlen: 24
154.213.80.0/20 maxlen: 24
154.216.4.0/22 maxlen: 24
154.216.8.0/21 maxlen: 24
154.220.4.0/22 maxlen: 24
154.220.8.0/21 maxlen: 24
154.220.16.0/20 maxlen: 24
154.220.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97043 (0x17b13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 09:56:14 2025 GMT
Not After : May 2 09:56:14 2025 GMT
Subject: CN=680b5c43-e109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a0:98:72:cf:28:65:91:aa:53:a5:b8:90:40:
de:44:03:9e:f3:1a:bc:5f:2a:07:f3:00:ba:c6:4d:
ce:6c:a6:c3:eb:d0:26:09:b7:a8:f0:9d:45:a4:b3:
1c:46:c3:41:d0:ee:41:85:0c:88:56:d1:05:af:4c:
f1:54:2c:28:9b:5f:80:16:2c:a5:54:b9:c7:b3:bd:
70:20:25:ef:47:90:cc:ad:fb:ec:4d:c7:f2:68:45:
4b:0f:c9:a4:55:7b:58:95:4c:fb:62:22:30:80:3e:
c6:43:69:1b:81:bd:83:b8:df:4b:7d:2e:2d:35:de:
70:85:4a:20:a7:d0:f3:90:9c:da:e1:3e:39:35:80:
9c:5e:ed:0e:78:61:b9:54:0b:f0:cd:ac:67:2f:ed:
df:09:b4:67:5c:0f:77:68:51:14:a0:20:2d:18:ae:
a8:60:bb:22:6c:38:1b:d3:5e:a1:4b:7b:b9:ec:3e:
a7:28:5b:67:29:6f:0a:73:9f:e9:08:9c:22:03:01:
59:5c:dd:c5:3c:48:08:9f:5b:56:2c:ce:16:9a:45:
43:e3:b0:74:ff:fe:1d:4b:1b:ce:31:e2:ad:e4:88:
ed:ad:c8:45:37:85:5a:6b:51:e4:9d:2e:50:18:ed:
95:8a:ab:c5:da:2a:8a:d2:b5:ae:eb:7e:40:a0:a1:
3f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B6:86:C1:87:5F:CB:ED:06:33:AC:77:62:C4:2E:B9:A1:11:2A:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88F31ED221BB11F088D1A1A3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.164.0-154.212.255.255
154.213.8.0/21
154.213.80.0/20
154.216.4.0-154.216.15.255
154.220.4.0-154.220.31.255
154.220.64.0/18
Signature Algorithm: sha256WithRSAEncryption
d7:72:78:9c:08:47:61:73:87:4a:8c:62:f0:4b:b4:36:47:d4:
32:8b:dc:01:69:5b:52:5e:7d:0f:8d:f3:d4:21:48:6d:b5:a3:
dd:46:f3:fc:cb:2c:51:61:a5:f1:f4:4d:5a:9f:a0:6c:b8:b8:
3f:92:67:f0:2f:82:c5:37:7a:97:6a:cf:30:9c:90:0a:2c:d4:
26:e3:bb:9a:0d:8a:ee:22:40:df:75:bb:7c:17:3b:f9:4b:49:
3f:3b:1e:a5:f5:c3:5a:28:aa:15:3d:ef:00:0b:23:46:0d:24:
0f:21:76:28:ca:09:72:bc:41:44:0f:a9:13:ef:8c:1d:08:3a:
55:fc:76:79:c9:f0:da:f0:fb:f2:7f:79:8c:e8:a0:31:16:86:
ea:09:1d:a2:0e:15:00:8e:4c:ad:02:ac:0f:e6:e4:f8:0c:71:
bf:ab:cf:1d:34:a1:b6:b4:40:f0:69:67:79:08:be:06:de:c4:
26:d7:de:c2:3d:bb:41:1c:bf:ca:bc:b1:30:ad:dd:a4:a1:3e:
2f:d0:01:d4:c8:95:61:80:5b:fb:7c:b7:eb:a8:11:e0:78:b0:
b6:f9:77:37:8d:ce:41:5b:ad:67:41:02:13:bd:87:21:b7:09:
b6:0e:ba:bc:04:c4:f5:79:5e:d4:4d:2f:6a:51:22:69:6b:f7:
6b:25:59:0a
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIDAXsTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDk1NjE0WhcNMjUwNTAyMDk1NjE0WjAYMRYw
FAYDVQQDEw02ODBiNWM0My1lMTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5aCYcs8oZZGqU6W4kEDeRAOe8xq8XyoH8wC6xk3ObKbD69AmCbeo8J1F
pLMcRsNB0O5BhQyIVtEFr0zxVCwom1+AFiylVLnHs71wICXvR5DMrfvsTcfyaEVL
D8mkVXtYlUz7YiIwgD7GQ2kbgb2DuN9LfS4tNd5whUogp9DzkJza4T45NYCcXu0O
eGG5VAvwzaxnL+3fCbRnXA93aFEUoCAtGK6oYLsibDgb016hS3u57D6nKFtnKW8K
c5/pCJwiAwFZXN3FPEgIn1tWLM4WmkVD47B0//4dSxvOMeKt5IjtrchFN4Vaa1Hk
nS5QGO2ViqvF2iqK0rWu635AoKE/cwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFCm2
hsGHX8vtBjOsd2LELrmhESr6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OEYzMUVEMjIxQkIxMUYwODhEMUExQTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7MAsDBAKa1KQDAwCa1AMEA5rV
CAMEBJrVUDAMAwQCmtgEAwQEmtgAMAwDBAKa3AQDBAWa3AADBAaa3EAwDQYJKoZI
hvcNAQELBQADggEBANdyeJwIR2Fzh0qMYvBLtDZH1DKL3AFpW1JefQ+N89QhSG21
o91G8/zLLFFhpfH0TVqfoGy4uD+SZ/AvgsU3epdqzzCckAos1Cbju5oNiu4iQN91
u3wXO/lLST87HqX1w1ooqhU97wALI0YNJA8hdijKCXK8QUQPqRPvjB0IOlX8dnnJ
8Nrw+/J/eYzooDEWhuoJHaIOFQCOTK0CrA/m5PgMcb+rzx00oba0QPBpZ3kIvgbe
xCbX3sI9u0Ecv8q8sTCt3aShPi/QAdTIlWGAW/t8t+uoEeB4sLb5dzeNzkFbrWdB
AhO9hyG3CbYOurwExPV5XtRNL2pRImlr92slWQo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:26:37 2025 by rpki-client