Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/039B6D8204BC11F0BD50C0AE762E951A.roa
File: 039B6D8204BC11F0BD50C0AE762E951A.roa (raw, json)
Hash identifier: SqaRSUvmFNzTF7tGTjnUmHYS6RdFrxt9VwgildEUinE=
Subject key identifier: CB:00:54:9B:69:36:64:8B:0D:DC:03:B9:FA:2C:A4:A8:85:13:7C:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017508
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/039B6D8204BC11F0BD50C0AE762E951A.roa
Signing time: Wed 19 Mar 2025 12:16:41 +0000
ROA not before: Wed 19 Mar 2025 12:16:37 +0000
ROA not after: Fri 25 Apr 2025 12:16:37 +0000
asID: 54801
IP address blocks: 154.198.9.0/24 maxlen: 24
154.198.10.0/24 maxlen: 24
154.200.241.0/24 maxlen: 24
154.200.242.0/24 maxlen: 24
154.200.248.0/23 maxlen: 24
154.201.7.0/24 maxlen: 24
154.201.8.0/22 maxlen: 24
154.201.40.0/23 maxlen: 24
154.213.176.0/20 maxlen: 24
154.213.211.0/24 maxlen: 24
154.213.212.0/24 maxlen: 24
154.222.77.0/24 maxlen: 24
154.222.78.0/24 maxlen: 24
154.222.136.0/23 maxlen: 24
154.222.146.0/23 maxlen: 24
154.223.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95496 (0x17508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 19 12:16:37 2025 GMT
Not After : Apr 25 12:16:37 2025 GMT
Subject: CN=67dab5a9-644b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ed:54:64:59:98:72:98:90:49:ea:6c:71:ed:
5c:1a:85:bd:6d:78:c2:74:f4:f3:ea:1e:f8:13:f7:
b6:c8:12:47:c1:48:84:66:6e:88:94:f7:6d:4a:1e:
8e:7e:03:96:59:7d:3e:74:8b:a4:f3:be:8e:f9:8b:
d8:10:68:65:ca:8c:3c:76:e6:8f:9d:ae:93:ea:cb:
0e:30:af:d2:a2:c3:c9:00:b5:49:83:40:ad:d6:dd:
5c:fb:53:1e:f3:aa:ac:5d:43:7e:91:4e:1f:c7:37:
49:59:0a:5a:e4:98:f3:b6:27:b7:0c:ce:cc:79:e9:
af:2f:af:7a:4e:43:f1:ca:ea:e0:3c:2f:1a:50:68:
09:07:93:2a:40:75:a9:d3:6c:cd:ba:4e:55:8d:67:
59:36:80:f1:3d:4f:57:87:0a:e9:12:bf:5c:87:d4:
a5:2b:3d:95:7b:91:4a:13:61:7c:3a:b8:10:c8:a5:
ec:cc:bf:bc:ad:35:cb:96:aa:d1:58:9f:e8:c2:93:
4c:35:aa:b9:13:50:26:b0:5a:71:3d:e6:2d:38:67:
d2:a3:75:f5:1e:bf:a7:4b:66:09:db:79:43:c5:df:
28:9a:23:c1:39:2e:52:8c:43:ec:76:5c:3d:cf:f7:
98:0a:39:4f:1f:83:78:0b:1d:d2:48:51:fe:bf:42:
0a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:00:54:9B:69:36:64:8B:0D:DC:03:B9:FA:2C:A4:A8:85:13:7C:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/039B6D8204BC11F0BD50C0AE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.9.0-154.198.10.255
154.200.241.0-154.200.242.255
154.200.248.0/23
154.201.7.0-154.201.11.255
154.201.40.0/23
154.213.176.0/20
154.213.211.0-154.213.212.255
154.222.77.0-154.222.78.255
154.222.136.0/23
154.222.146.0/23
154.223.230.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:b2:3b:26:f9:c2:a0:5e:e8:07:b1:fe:f3:d3:c3:78:4c:1d:
26:5e:a0:1c:1a:b5:c2:13:35:93:16:f5:e7:36:bb:37:79:5f:
e4:ac:14:f4:78:08:4a:31:da:00:c7:ba:bc:5c:ff:0b:ef:1a:
9c:ee:02:31:10:06:23:c7:16:ed:c2:39:46:b2:b4:f6:71:44:
9c:74:88:c8:66:aa:95:9e:aa:45:4a:72:c6:1b:79:5b:d2:5c:
a4:cd:9e:4d:1a:3b:9d:2e:c3:e4:cf:ba:44:26:70:1b:7b:0d:
55:7f:e9:4a:65:2d:c4:5b:80:98:25:59:60:b5:70:e3:57:33:
c3:62:87:7e:c9:60:0d:65:82:a2:13:c5:73:ca:2d:63:8a:b1:
30:54:6f:c6:9b:24:e5:34:5a:6d:b8:14:ce:9a:3c:38:39:1f:
8b:be:38:5a:c4:6e:1e:29:a9:0b:d6:c3:01:4f:a9:3c:d5:94:
36:d5:b7:10:f9:0d:92:00:4b:e9:7e:95:5a:b7:20:7f:ca:ee:
2a:c0:8f:a3:a8:5d:80:c8:f7:52:4c:d0:e9:20:1e:72:42:e4:
06:c0:85:a2:ed:fc:c2:ee:a8:47:74:f7:20:b1:13:62:96:4a:
69:e4:e2:b4:00:4b:54:7b:5a:9c:69:28:41:a9:6d:60:46:07:
d8:b3:27:94
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgIDAXUIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE5MTIxNjM3WhcNMjUwNDI1MTIxNjM3WjAYMRYw
FAYDVQQDEw02N2RhYjVhOS02NDRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwO1UZFmYcpiQSepsce1cGoW9bXjCdPTz6h74E/e2yBJHwUiEZm6IlPdt
Sh6OfgOWWX0+dIuk876O+YvYEGhlyow8duaPna6T6ssOMK/SosPJALVJg0Ct1t1c
+1Me86qsXUN+kU4fxzdJWQpa5Jjztie3DM7MeemvL696TkPxyurgPC8aUGgJB5Mq
QHWp02zNuk5VjWdZNoDxPU9XhwrpEr9ch9SlKz2Ve5FKE2F8OrgQyKXszL+8rTXL
lqrRWJ/owpNMNaq5E1AmsFpxPeYtOGfSo3X1Hr+nS2YJ23lDxd8omiPBOS5SjEPs
dlw9z/eYCjlPH4N4Cx3SSFH+v0IKlwIDAQABo4IDCjCCAwYwHQYDVR0OBBYEFMsA
VJtpNmSLDdwDufospKiFE3z1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMzlCNkQ4MjA0QkMxMUYwQkQ1MEMwQUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQAmsYJAwQAmsYKMAwD
BACayPEDBACayPIDBAGayPgwDAMEAJrJBwMEAprJCAMEAZrJKAMEBJrVsDAMAwQA
mtXTAwQAmtXUMAwDBACa3k0DBACa3k4DBAGa3ogDBAGa3pIDBAGa3+YwDQYJKoZI
hvcNAQELBQADggEBAByyOyb5wqBe6Aex/vPTw3hMHSZeoBwatcITNZMW9ec2uzd5
X+SsFPR4CEox2gDHurxc/wvvGpzuAjEQBiPHFu3COUaytPZxRJx0iMhmqpWeqkVK
csYbeVvSXKTNnk0aO50uw+TPukQmcBt7DVV/6UplLcRbgJglWWC1cONXM8Nih37J
YA1lgqITxXPKLWOKsTBUb8abJOU0Wm24FM6aPDg5H4u+OFrEbh4pqQvWwwFPqTzV
lDbVtxD5DZIAS+l+lVq3IH/K7irAj6OoXYDI91JM0OkgHnJC5AbAhaLt/MLuqEd0
9yCxE2KWSmnk4rQAS1R7WpxpKEGpbWBGB9izJ5Q=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:24 2025 by rpki-client