Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E751A82C211111F088265CB1DAE4EC9C.roa
File: E751A82C211111F088265CB1DAE4EC9C.roa (raw, json)
Hash identifier: bJvw9K3e9BTyLRyuSzZSabaVlfR/3GKYih5A4bM755c=
Subject key identifier: B0:11:AE:AC:71:D1:31:55:E4:08:9E:39:83:3B:36:31:30:3D:F8:C2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AD5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E751A82C211111F088265CB1DAE4EC9C.roa
Signing time: Thu 24 Apr 2025 13:42:03 +0000
ROA not before: Thu 24 Apr 2025 13:41:58 +0000
ROA not after: Fri 30 May 2025 13:41:58 +0000
asID: 57043
IP address blocks: 154.193.166.0/23 maxlen: 24
154.222.66.0/23 maxlen: 24
154.222.134.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96981 (0x17ad5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 13:41:58 2025 GMT
Not After : May 30 13:41:58 2025 GMT
Subject: CN=680a3fab-4587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:48:1f:67:f8:c4:e0:bb:0a:9f:62:7b:79:43:
19:4f:71:f7:0b:6a:c6:7a:b3:30:73:a1:78:95:7b:
e3:de:4d:10:6c:8e:89:db:cb:fc:83:7c:fc:86:5e:
0c:e5:8d:7a:59:a3:e7:12:80:69:4d:17:bc:65:74:
d5:a6:e9:3c:29:ad:77:04:4d:5b:62:85:fe:73:05:
3e:bb:e7:5e:0f:ec:30:96:06:4b:b5:01:12:5b:a9:
94:42:31:f1:87:cd:c9:9c:24:63:39:76:0e:ec:51:
87:72:1d:c0:67:00:b1:a3:72:73:69:1f:4e:e9:7d:
ed:ba:c7:3e:ba:79:ce:7e:c8:2d:8f:82:12:93:5a:
4f:cc:db:51:b0:b0:45:0e:e8:02:22:5f:28:2d:df:
ca:34:1b:d3:61:6c:8d:7e:e9:46:c0:00:f6:15:84:
dd:22:de:95:9f:52:58:98:78:da:15:ec:e0:0e:cc:
5f:b0:1e:f2:4a:cd:c3:af:1c:cd:a7:55:92:df:2a:
12:8b:18:f3:74:7a:a1:96:84:0d:4b:01:ca:fb:d9:
9e:aa:ce:4b:89:50:5f:03:92:d7:fa:bd:b3:e3:0b:
75:1f:c0:37:ac:0c:58:30:26:f6:39:7d:54:ae:6a:
6d:e1:42:e6:a6:d2:e0:ab:04:90:39:20:c3:c4:78:
4f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:11:AE:AC:71:D1:31:55:E4:08:9E:39:83:3B:36:31:30:3D:F8:C2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E751A82C211111F088265CB1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.166.0/23
154.222.66.0/23
154.222.134.0/23
Signature Algorithm: sha256WithRSAEncryption
be:cc:7a:27:38:bb:0e:df:ad:33:81:be:3c:41:cd:b2:a8:63:
ad:e4:9c:59:de:38:86:76:c3:05:51:81:fd:94:09:3d:2e:0b:
aa:94:47:e3:5e:e3:97:c6:e0:e0:64:18:32:d7:12:97:ff:c9:
c8:a4:2e:e9:29:ee:6a:3f:ea:76:a6:bd:1a:40:ed:95:6f:c5:
36:a1:c4:a0:2b:69:7a:c0:6f:25:fa:58:50:33:d9:d1:e5:f3:
af:08:b3:f7:ef:31:df:d0:e4:78:c7:b3:dc:a1:19:46:51:c8:
fc:a3:1c:97:4f:1d:27:a8:e3:90:10:72:c4:dc:bd:d1:bf:f7:
fe:da:5e:47:2f:3e:c0:8d:d6:ed:1a:e2:62:0f:17:74:14:11:
69:be:d0:49:2f:84:cb:10:e9:6d:12:9c:bc:8d:35:9b:c7:40:
d7:0c:18:bc:f8:64:3e:79:9d:cd:23:43:22:2e:96:87:b6:3e:
fb:74:04:b8:49:9e:9c:bc:7d:95:aa:f2:d8:0f:3c:75:6f:20:
ba:c2:8c:13:1f:42:ce:1e:b8:cb:e1:dc:88:59:fa:08:c7:1d:
f9:b6:1f:9c:5b:38:a9:b9:74:67:a8:f1:b3:ef:ea:98:ef:70:
f5:11:83:b4:59:1e:bd:7a:67:9d:c6:e7:c2:b8:07:9c:31:00:
65:3c:7b:f0
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAXrVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI0MTM0MTU4WhcNMjUwNTMwMTM0MTU4WjAYMRYw
FAYDVQQDEw02ODBhM2ZhYi00NTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArEgfZ/jE4LsKn2J7eUMZT3H3C2rGerMwc6F4lXvj3k0QbI6J28v8g3z8
hl4M5Y16WaPnEoBpTRe8ZXTVpuk8Ka13BE1bYoX+cwU+u+deD+wwlgZLtQESW6mU
QjHxh83JnCRjOXYO7FGHch3AZwCxo3JzaR9O6X3tusc+unnOfsgtj4ISk1pPzNtR
sLBFDugCIl8oLd/KNBvTYWyNfulGwAD2FYTdIt6Vn1JYmHjaFezgDsxfsB7ySs3D
rxzNp1WS3yoSixjzdHqhloQNSwHK+9meqs5LiVBfA5LX+r2z4wt1H8A3rAxYMCb2
OX1Urmpt4ULmptLgqwSQOSDDxHhPdwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFLAR
rqxx0TFV5AieOYM7NjEwPfjCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNzUxQTgyQzIxMTExMUYwODgyNjVDQjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBmsGmAwQBmt5CAwQBmt6G
MA0GCSqGSIb3DQEBCwUAA4IBAQC+zHonOLsO360zgb48Qc2yqGOt5JxZ3jiGdsMF
UYH9lAk9LguqlEfjXuOXxuDgZBgy1xKX/8nIpC7pKe5qP+p2pr0aQO2Vb8U2ocSg
K2l6wG8l+lhQM9nR5fOvCLP37zHf0OR4x7PcoRlGUcj8oxyXTx0nqOOQEHLE3L3R
v/f+2l5HLz7AjdbtGuJiDxd0FBFpvtBJL4TLEOltEpy8jTWbx0DXDBi8+GQ+eZ3N
I0MiLpaHtj77dAS4SZ6cvH2VqvLYDzx1byC6wowTH0LOHrjL4dyIWfoIxx35th+c
WzipuXRnqPGz7+qY73D1EYO0WR69emedxufCuAecMQBlPHvw
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:24:03 2025 by rpki-client