Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/19D4671A040E11F0907A5C6D762E951A.roa
File: 19D4671A040E11F0907A5C6D762E951A.roa (raw, json)
Hash identifier: iZd4WMUEiKV+bP3GRFvO9vCVOyOsraOY3dTTsBULCgw=
Subject key identifier: 36:86:79:74:39:E2:4C:7E:95:5F:E8:DB:13:CB:A8:59:DD:EA:E3:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0174B8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/19D4671A040E11F0907A5C6D762E951A.roa
Signing time: Tue 18 Mar 2025 15:31:46 +0000
ROA not before: Tue 18 Mar 2025 15:31:42 +0000
ROA not after: Mon 05 May 2025 15:31:42 +0000
asID: 44559
IP address blocks: 154.209.19.0/24 maxlen: 24
154.209.95.0/24 maxlen: 24
154.209.132.0/24 maxlen: 24
154.209.149.0/24 maxlen: 24
154.209.156.0/24 maxlen: 24
154.209.192.0/24 maxlen: 24
154.209.193.0/24 maxlen: 24
154.209.198.0/24 maxlen: 24
154.209.204.0/24 maxlen: 24
154.209.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95416 (0x174b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 18 15:31:42 2025 GMT
Not After : May 5 15:31:42 2025 GMT
Subject: CN=67d991e2-a859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9b:8b:31:04:84:b9:5e:c5:65:c9:0a:d5:2f:
43:ff:68:39:b0:7a:57:3f:aa:2a:86:1d:08:fd:a6:
03:90:26:81:5a:06:d1:90:2a:41:eb:fd:6b:83:11:
81:6f:c4:68:e3:95:2e:a1:9d:84:19:07:4e:88:43:
5f:2f:1f:e9:0a:c7:1c:d2:8a:eb:f6:3f:92:0d:0d:
fb:0f:00:be:29:92:04:ca:e8:64:6a:6b:72:5d:c4:
c3:9c:5f:95:d1:54:89:8f:29:54:e6:d5:3a:fc:3b:
af:71:18:9a:d9:24:47:1a:c4:cd:72:32:b4:5f:18:
ae:02:7a:ac:0a:b2:7e:39:43:bd:0d:00:f2:3a:8f:
94:19:c4:eb:9b:82:09:c0:25:3f:0a:cf:ad:56:64:
f4:db:4e:7c:1c:d8:cc:68:5a:02:91:4a:b0:ce:2a:
38:cf:9b:ef:8a:c6:ca:ee:bb:8e:bf:ce:cd:bb:02:
9d:86:31:6d:08:69:d2:d8:c0:c7:d6:e7:f3:34:89:
28:1c:2b:11:99:c0:6e:73:f2:29:1e:72:2a:aa:c9:
3c:cd:e8:57:6a:ca:d2:7c:06:66:3e:93:66:fa:00:
21:cf:67:04:53:2f:f9:40:16:9d:4f:59:c1:e9:9f:
52:c6:cc:b9:74:61:f8:91:ee:7b:9f:8a:d2:3f:db:
dd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:86:79:74:39:E2:4C:7E:95:5F:E8:DB:13:CB:A8:59:DD:EA:E3:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/19D4671A040E11F0907A5C6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.19.0/24
154.209.95.0/24
154.209.132.0/24
154.209.149.0/24
154.209.156.0/24
154.209.192.0/23
154.209.198.0/24
154.209.204.0/24
154.209.207.0/24
Signature Algorithm: sha256WithRSAEncryption
78:63:ed:1b:b4:fc:23:65:21:6f:8e:21:11:05:be:90:fc:13:
0b:70:0c:b9:6d:3d:4b:f0:0d:40:ee:0c:86:bc:74:31:fd:f8:
6a:56:aa:d5:f8:06:b2:a7:1c:4a:35:5a:ea:9a:69:89:4e:5e:
a5:d6:65:b0:15:74:18:0c:d2:3b:99:a4:5a:c3:3b:d7:27:59:
af:94:75:5f:68:f8:25:93:c5:2f:db:18:46:9c:d5:81:1c:a4:
ab:2a:52:86:fa:8d:15:de:6c:03:0a:2d:b6:75:fb:3e:00:15:
18:7a:75:89:60:a3:68:36:35:50:e8:b9:48:7c:82:db:69:79:
2c:52:53:b4:3d:56:f3:93:2a:31:c1:d9:ea:87:f9:1f:d5:58:
f2:a6:84:a5:df:c8:8c:d3:45:f1:2d:eb:1b:6d:8e:da:11:3c:
df:00:eb:f6:01:22:60:03:0a:07:53:2d:ef:66:a6:b5:73:50:
d6:2b:86:2f:eb:66:9b:d7:3b:2f:0b:67:d2:3a:cd:cb:af:ac:
f1:50:f8:f5:0a:35:f7:52:36:b2:b5:96:c2:9d:84:81:53:2b:
0b:89:2e:fb:26:ed:b2:1d:ef:63:55:df:5d:51:b5:4e:fc:29:
28:a7:40:89:f8:98:fc:b3:45:99:63:2f:48:05:a8:ef:0c:ed:
5a:b5:3a:9f
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAXS4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE4MTUzMTQyWhcNMjUwNTA1MTUzMTQyWjAYMRYw
FAYDVQQDEw02N2Q5OTFlMi1hODU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAypuLMQSEuV7FZckK1S9D/2g5sHpXP6oqhh0I/aYDkCaBWgbRkCpB6/1r
gxGBb8Ro45UuoZ2EGQdOiENfLx/pCscc0orr9j+SDQ37DwC+KZIEyuhkamtyXcTD
nF+V0VSJjylU5tU6/DuvcRia2SRHGsTNcjK0XxiuAnqsCrJ+OUO9DQDyOo+UGcTr
m4IJwCU/Cs+tVmT02058HNjMaFoCkUqwzio4z5vvisbK7ruOv87NuwKdhjFtCGnS
2MDH1ufzNIkoHCsRmcBuc/IpHnIqqsk8zehXasrSfAZmPpNm+gAhz2cEUy/5QBad
T1nB6Z9Sxsy5dGH4ke57n4rSP9vd3QIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFDaG
eXQ54kx+lV/o2xPLqFnd6uNWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xOUQ0NjcxQTA0MEUxMUYwOTA3QTVDNkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAmtETAwQAmtFfAwQAmtGE
AwQAmtGVAwQAmtGcAwQBmtHAAwQAmtHGAwQAmtHMAwQAmtHPMA0GCSqGSIb3DQEB
CwUAA4IBAQB4Y+0btPwjZSFvjiERBb6Q/BMLcAy5bT1L8A1A7gyGvHQx/fhqVqrV
+AaypxxKNVrqmmmJTl6l1mWwFXQYDNI7maRawzvXJ1mvlHVfaPglk8Uv2xhGnNWB
HKSrKlKG+o0V3mwDCi22dfs+ABUYenWJYKNoNjVQ6LlIfILbaXksUlO0PVbzkyox
wdnqh/kf1VjypoSl38iM00XxLesbbY7aETzfAOv2ASJgAwoHUy3vZqa1c1DWK4Yv
62ab1zsvC2fSOs3Lr6zxUPj1CjX3UjaytZbCnYSBUysLiS77Ju2yHe9jVd9dUbVO
/Ckop0CJ+Jj8s0WZYy9IBajvDO1atTqf
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:30 2025 by rpki-client