Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BD60B740CB811F0BC24407C762E951A.roa
File: 1BD60B740CB811F0BC24407C762E951A.roa (raw, json)
Hash identifier: lqAWEp2hIiIN9eVo1Qyh2TE8pm5NaimdQf4PElq2TzE=
Subject key identifier: 2C:36:41:4E:E1:5B:D6:7C:39:56:5D:17:C9:B2:AF:3D:65:7C:2E:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176C0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BD60B740CB811F0BC24407C762E951A.roa
Signing time: Sat 29 Mar 2025 16:08:53 +0000
ROA not before: Sat 29 Mar 2025 16:08:49 +0000
ROA not after: Sun 04 May 2025 16:08:49 +0000
asID: 203020
IP address blocks: 154.200.110.0/24 maxlen: 24
154.200.188.0/24 maxlen: 24
154.200.213.0/24 maxlen: 24
154.200.220.0/24 maxlen: 24
154.200.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95936 (0x176c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 16:08:49 2025 GMT
Not After : May 4 16:08:49 2025 GMT
Subject: CN=67e81b15-d956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e8:4e:f4:60:c4:32:e6:68:ef:35:c5:16:a2:
6d:cb:30:ac:d5:00:be:89:6d:88:09:f1:d5:69:a3:
e3:ad:a1:c1:5e:db:5d:9c:1d:95:e6:8a:e2:e1:bc:
57:f8:ee:e8:23:f4:6d:88:b9:3c:73:d9:6f:06:38:
a0:45:03:9c:36:d5:17:be:23:cf:ed:c1:2e:60:e7:
dd:2e:4f:10:77:05:d3:59:de:b1:ff:03:9d:d2:de:
9e:bd:51:25:cd:bf:b9:d2:6e:64:8e:a8:c7:cd:b9:
d3:99:f1:88:55:88:0d:6f:08:6e:37:00:a3:03:06:
5d:32:cc:0a:6e:b8:c8:c9:4f:0e:5a:45:0b:80:fa:
a9:52:22:3a:5a:fc:dc:a4:3e:2a:c3:6e:1a:cd:c7:
99:af:89:b9:73:8c:82:2f:da:41:fb:33:5d:6e:07:
55:dd:15:42:68:d8:0c:08:1b:b3:f7:43:03:7e:f6:
f9:73:89:cf:c1:e0:65:b5:16:24:32:24:fc:20:26:
b6:d7:6e:d6:c1:a0:37:8c:8c:ad:84:3e:16:a7:43:
f7:f5:77:a0:65:f8:89:b5:b7:30:f3:2f:83:2f:f8:
e5:47:69:23:20:5d:e4:f9:b3:70:4b:e2:1b:37:f9:
00:e1:39:ec:01:60:2c:e0:bd:b6:a0:93:35:8f:3f:
49:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:36:41:4E:E1:5B:D6:7C:39:56:5D:17:C9:B2:AF:3D:65:7C:2E:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BD60B740CB811F0BC24407C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.110.0/24
154.200.188.0/24
154.200.213.0/24
154.200.220.0/24
154.200.245.0/24
Signature Algorithm: sha256WithRSAEncryption
39:f5:a3:be:67:a4:cc:91:87:1d:04:93:d9:b6:68:38:5f:d2:
a1:a8:e0:01:cb:fe:52:10:8e:2a:8d:14:a5:16:57:8c:22:2e:
28:a4:19:2e:5e:d4:69:32:df:b0:75:dc:ed:a7:0d:d1:03:f6:
5d:63:ac:47:a5:9f:18:60:94:6f:77:02:86:6c:44:48:65:02:
d1:6f:4b:17:23:b1:f9:e1:78:ef:08:1c:03:60:f6:66:c1:16:
b1:a4:fa:78:2f:14:7f:39:c5:95:4d:77:b6:86:d1:72:5a:45:
8e:ce:a2:0a:ae:b0:d0:22:bd:27:19:83:0c:8d:4a:38:95:b6:
b7:14:29:68:33:ec:9e:85:6b:a6:86:50:69:8b:10:7e:b3:64:
2c:1b:1f:1a:ac:1c:62:a9:6c:91:76:e7:ad:f2:12:06:db:bb:
f0:b5:3f:e4:7a:63:23:ee:ce:90:83:ca:49:3a:23:79:c7:89:
4a:f1:52:b8:fb:2b:8d:80:d9:4f:c9:17:aa:ae:41:ac:f3:cb:
43:e8:e3:7b:88:78:15:49:7d:33:c2:f9:d0:9b:ed:32:75:f4:
98:b8:f3:55:98:b7:c6:9c:96:03:43:22:8d:3d:66:33:62:2a:
6a:ca:7f:03:d0:53:a5:e6:65:41:94:7d:c6:21:7a:c3:23:94:
87:ae:62:91
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIDAXbAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTYwODQ5WhcNMjUwNTA0MTYwODQ5WjAYMRYw
FAYDVQQDEw02N2U4MWIxNS1kOTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+hO9GDEMuZo7zXFFqJtyzCs1QC+iW2ICfHVaaPjraHBXttdnB2V5ori
4bxX+O7oI/RtiLk8c9lvBjigRQOcNtUXviPP7cEuYOfdLk8QdwXTWd6x/wOd0t6e
vVElzb+50m5kjqjHzbnTmfGIVYgNbwhuNwCjAwZdMswKbrjIyU8OWkULgPqpUiI6
WvzcpD4qw24azceZr4m5c4yCL9pB+zNdbgdV3RVCaNgMCBuz90MDfvb5c4nPweBl
tRYkMiT8ICa2127WwaA3jIythD4Wp0P39XegZfiJtbcw8y+DL/jlR2kjIF3k+bNw
S+IbN/kA4TnsAWAs4L22oJM1jz9JbwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFCw2
QU7hW9Z8OVZdF8myrz1lfC7aMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQkQ2MEI3NDBDQjgxMUYwQkMyNDQwN0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAmshuAwQAmsi8AwQAmsjV
AwQAmsjcAwQAmsj1MA0GCSqGSIb3DQEBCwUAA4IBAQA59aO+Z6TMkYcdBJPZtmg4
X9KhqOABy/5SEI4qjRSlFleMIi4opBkuXtRpMt+wddztpw3RA/ZdY6xHpZ8YYJRv
dwKGbERIZQLRb0sXI7H54XjvCBwDYPZmwRaxpPp4LxR/OcWVTXe2htFyWkWOzqIK
rrDQIr0nGYMMjUo4lba3FCloM+yehWumhlBpixB+s2QsGx8arBxiqWyRduet8hIG
27vwtT/kemMj7s6Qg8pJOiN5x4lK8VK4+yuNgNlPyReqrkGs88tD6ON7iHgVSX0z
wvnQm+0ydfSYuPNVmLfGnJYDQyKNPWYzYipqyn8D0FOl5mVBlH3GIXrDI5SHrmKR
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:48 2025 by rpki-client