Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D72138E0261711F087029AC8DAE4EC9C.roa
File: D72138E0261711F087029AC8DAE4EC9C.roa (raw, json)
Hash identifier: JbOd+IAZV2CPBwmnJhfOjVsdYYM6YzF6XIWqIY6l82Q=
Subject key identifier: A2:DB:14:5B:35:C8:59:6B:AA:2F:A0:CC:F6:76:C5:8E:4A:96:17:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017D97
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D72138E0261711F087029AC8DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 23:07:09 +0000
ROA not before: Wed 30 Apr 2025 23:07:04 +0000
ROA not after: Fri 14 Apr 2028 23:07:04 +0000
asID: 17561
IP address blocks: 154.84.180.0/24 maxlen: 24
154.85.128.0/24 maxlen: 24
154.85.129.0/24 maxlen: 24
154.85.130.0/24 maxlen: 24
154.85.131.0/24 maxlen: 24
154.85.132.0/24 maxlen: 24
154.85.133.0/24 maxlen: 24
154.85.134.0/24 maxlen: 24
154.91.1.0/24 maxlen: 24
154.95.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97687 (0x17d97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 23:07:04 2025 GMT
Not After : Apr 14 23:07:04 2028 GMT
Subject: CN=6812ad1d-9334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:11:aa:3c:59:34:92:72:ef:42:64:fd:e5:6c:
c0:30:e6:a3:8b:62:bd:78:cf:52:5b:2f:4b:10:71:
37:ef:a0:7d:8c:06:5b:1a:8d:e1:8c:ab:f6:6b:21:
04:5a:93:a1:54:70:03:82:6e:aa:f3:52:c2:16:74:
0c:15:85:4c:33:87:75:53:d6:23:d0:38:cc:98:23:
3e:34:41:0c:cd:92:3a:34:23:ac:b0:b2:89:04:71:
d9:d9:bd:e3:6c:3f:c3:31:f8:94:d9:a7:37:4c:0a:
e5:6a:65:33:3c:bc:bc:08:19:cf:4e:35:97:9f:90:
e7:75:84:9b:c0:af:0c:3c:56:d5:c6:ab:d7:6b:f2:
6d:de:24:4d:cf:a7:3f:ad:53:25:c3:59:0a:e3:21:
f9:59:51:96:69:13:55:2d:61:3d:c3:6b:d8:96:22:
5e:8a:0b:8d:e3:74:d8:ed:ed:e0:ad:7a:e4:b0:ce:
8e:46:fc:24:6c:9f:4b:81:42:76:6f:ff:68:68:2f:
0d:48:9a:f2:92:25:02:a4:a4:74:1a:71:34:30:5c:
8b:c4:6e:f0:d7:4a:8d:c7:2e:f8:f4:7b:cb:ec:de:
e2:77:d8:2a:93:a4:84:e6:92:21:86:bf:a0:09:24:
ca:0a:cb:d7:97:5b:7d:54:75:07:7c:75:05:fd:fb:
ca:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DB:14:5B:35:C8:59:6B:AA:2F:A0:CC:F6:76:C5:8E:4A:96:17:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D72138E0261711F087029AC8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.180.0/24
154.85.128.0-154.85.134.255
154.91.1.0/24
154.95.21.0/24
Signature Algorithm: sha256WithRSAEncryption
76:85:a2:b0:f5:81:42:58:bf:5d:80:c6:a2:4c:d2:0f:97:df:
8a:6a:94:ed:2c:55:83:0c:5f:a9:0a:76:ac:cb:7c:8a:c5:04:
b3:69:12:55:33:21:6a:9d:48:1f:bb:dd:ae:06:2a:b2:fa:37:
88:29:ca:2b:22:82:2b:2d:a4:09:71:33:5f:32:ba:e8:25:b5:
ba:53:2a:6e:22:20:81:8e:d7:70:96:93:01:34:a9:22:d5:8f:
d3:d2:01:19:83:02:e8:ee:ee:32:09:0d:43:b0:dd:d6:71:ed:
98:ca:5b:12:72:ff:24:76:01:f3:c8:cb:8d:6c:4a:b2:d3:55:
98:1d:2e:57:06:65:9b:cf:d9:d6:61:eb:e1:16:2b:91:65:52:
ac:ff:35:f5:c7:e3:0d:92:26:b8:b6:77:87:c0:af:64:07:70:
70:db:c3:4e:7d:9b:be:f0:97:42:71:a1:86:4f:68:27:c3:c5:
36:cb:d1:25:07:d5:84:36:33:37:50:67:56:b5:08:ac:7a:c9:
db:2a:83:37:32:a0:2c:95:37:01:96:8a:fd:69:82:0d:2d:e6:
f3:32:cf:06:a1:9b:16:47:a8:9e:7b:60:0d:22:99:65:be:e5:
74:b3:65:d6:d0:41:2c:40:ed:57:fa:a3:13:cc:3d:82:0f:b4:
f5:2f:83:a1
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAX2XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDMwMjMwNzA0WhcNMjgwNDE0MjMwNzA0WjAYMRYw
FAYDVQQDEw02ODEyYWQxZC05MzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxBGqPFk0knLvQmT95WzAMOaji2K9eM9SWy9LEHE376B9jAZbGo3hjKv2
ayEEWpOhVHADgm6q81LCFnQMFYVMM4d1U9Yj0DjMmCM+NEEMzZI6NCOssLKJBHHZ
2b3jbD/DMfiU2ac3TArlamUzPLy8CBnPTjWXn5DndYSbwK8MPFbVxqvXa/Jt3iRN
z6c/rVMlw1kK4yH5WVGWaRNVLWE9w2vYliJeiguN43TY7e3grXrksM6ORvwkbJ9L
gUJ2b/9oaC8NSJrykiUCpKR0GnE0MFyLxG7w10qNxy749HvL7N7id9gqk6SE5pIh
hr+gCSTKCsvXl1t9VHUHfHUF/fvKbwIDAQABo4ICvzCCArswHQYDVR0OBBYEFKLb
FFs1yFlrqi+gzPZ2xY5KlhfUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENzIxMzhFMDI2MTcxMUYwODcwMjlBQzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAmlS0MAwDBAeaVYADBACa
VYYDBACaWwEDBACaXxUwDQYJKoZIhvcNAQELBQADggEBAHaForD1gUJYv12AxqJM
0g+X34pqlO0sVYMMX6kKdqzLfIrFBLNpElUzIWqdSB+73a4GKrL6N4gpyisigist
pAlxM18yuugltbpTKm4iIIGO13CWkwE0qSLVj9PSARmDAuju7jIJDUOw3dZx7ZjK
WxJy/yR2AfPIy41sSrLTVZgdLlcGZZvP2dZh6+EWK5FlUqz/NfXH4w2SJri2d4fA
r2QHcHDbw059m77wl0JxoYZPaCfDxTbL0SUH1YQ2MzdQZ1a1CKx6ydsqgzcyoCyV
NwGWiv1pgg0t5vMyzwahmxZHqJ57YA0imWW+5XSzZdbQQSxA7Vf6oxPMPYIPtPUv
g6E=
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:51:12 2025 by rpki-client