Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25830A4A042611F09D25DD80762E951A.roa
File: 25830A4A042611F09D25DD80762E951A.roa (raw, json)
Hash identifier: Jr9dFy4IGH4KwGt6cNJIcRPfuZrZt5UDt2kz9q6zNcg=
Subject key identifier: E0:12:9E:B0:B0:16:F0:F2:68:87:1E:73:0E:0D:45:38:64:D3:92:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0174EA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25830A4A042611F09D25DD80762E951A.roa
Signing time: Tue 18 Mar 2025 18:23:53 +0000
ROA not before: Tue 18 Mar 2025 18:23:49 +0000
ROA not after: Mon 05 May 2025 18:23:49 +0000
asID: 48031
IP address blocks: 154.218.20.0/24 maxlen: 24
154.218.21.0/24 maxlen: 24
154.218.23.0/24 maxlen: 24
154.218.24.0/24 maxlen: 24
154.222.208.0/24 maxlen: 24
154.222.209.0/24 maxlen: 24
154.222.210.0/24 maxlen: 24
154.222.211.0/24 maxlen: 24
154.222.223.0/24 maxlen: 24
154.222.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95466 (0x174ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 18 18:23:49 2025 GMT
Not After : May 5 18:23:49 2025 GMT
Subject: CN=67d9ba39-f254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a2:a0:47:a5:e7:88:fa:ac:3e:40:a4:97:86:
21:92:68:e5:a6:45:8c:a5:2b:e1:b5:7a:04:49:59:
35:b3:62:3f:87:4d:d3:e4:dd:cb:b9:bd:88:e2:dd:
4d:fe:3e:f6:17:b7:5b:ce:09:52:17:ff:bd:70:0d:
a3:58:95:f3:7b:ef:25:af:36:46:1c:ed:f2:ad:13:
17:68:15:98:92:a8:d0:ba:50:be:19:d3:c0:d0:d5:
ea:32:5e:95:61:59:0a:2d:30:84:95:69:d0:70:9f:
ab:f8:85:1b:c0:a9:69:8f:da:15:52:58:e5:9c:75:
78:b4:c0:d0:00:bd:95:b4:bc:5d:8c:e4:b6:e4:7f:
e4:04:3d:ba:5a:69:65:db:52:ee:50:a1:ef:c9:6f:
57:39:d4:4d:8d:9d:93:14:d8:29:10:91:9b:4e:2e:
63:cf:46:9e:1c:d1:d9:c5:11:64:38:c8:b9:ee:26:
a1:70:4b:5d:51:8b:27:45:28:b0:c0:3c:ea:02:71:
b2:1d:2a:33:50:0d:a5:bb:e6:25:c4:79:99:71:6f:
24:d4:b2:30:e1:f1:66:cd:c1:74:ae:fd:62:0c:6a:
ff:ac:74:51:ae:77:b0:41:6d:a0:f7:88:2c:34:a6:
5a:15:8f:68:83:47:ca:ee:e5:0a:3c:7f:c2:29:2c:
74:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:12:9E:B0:B0:16:F0:F2:68:87:1E:73:0E:0D:45:38:64:D3:92:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25830A4A042611F09D25DD80762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.20.0/23
154.218.23.0-154.218.24.255
154.222.208.0/22
154.222.223.0/24
154.222.247.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:17:60:2f:b6:bb:6e:a1:fb:50:0c:51:eb:99:18:a2:32:fa:
d0:46:26:f7:8a:db:05:18:b5:43:fd:17:ca:d4:28:f7:7a:d1:
1f:5d:b6:4f:0f:ed:69:e0:22:df:de:15:bc:3a:bd:78:d7:08:
09:c9:de:71:9a:db:a8:c1:b6:41:34:ad:dc:46:40:2d:6d:0a:
7b:63:5d:01:12:cb:a7:15:c5:07:8a:9c:dd:21:14:5c:dc:4a:
26:03:30:12:27:77:9d:5f:4e:59:d0:c4:6b:26:8d:22:7a:1d:
1e:c8:21:46:65:3d:3b:5f:4a:66:e3:6e:0d:ed:77:45:a0:c0:
ef:b6:c2:12:52:f5:a4:ab:32:cd:03:67:99:42:7d:2f:38:ce:
e4:49:86:b1:2e:49:6e:fb:65:fa:53:39:74:e1:7b:e0:ae:7a:
6b:fd:04:cb:7d:e5:6c:72:9d:00:b9:8f:a0:ca:74:4c:1f:a6:
15:ad:65:92:96:18:8e:a2:b6:01:fc:4e:d9:e5:bb:3a:98:39:
47:54:ee:bc:7a:8c:c6:f9:04:82:01:1d:f4:31:a6:fa:f9:7f:
0f:81:62:fb:93:8d:71:d2:3d:26:91:bd:ff:a6:58:ea:50:c7:
f3:36:41:58:25:99:c7:49:d8:4f:cc:19:7e:35:3d:1a:85:23:
14:01:c6:fe
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAXTqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE4MTgyMzQ5WhcNMjUwNTA1MTgyMzQ5WjAYMRYw
FAYDVQQDEw02N2Q5YmEzOS1mMjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzaKgR6XniPqsPkCkl4YhkmjlpkWMpSvhtXoESVk1s2I/h03T5N3Lub2I
4t1N/j72F7dbzglSF/+9cA2jWJXze+8lrzZGHO3yrRMXaBWYkqjQulC+GdPA0NXq
Ml6VYVkKLTCElWnQcJ+r+IUbwKlpj9oVUljlnHV4tMDQAL2VtLxdjOS25H/kBD26
Wmll21LuUKHvyW9XOdRNjZ2TFNgpEJGbTi5jz0aeHNHZxRFkOMi57iahcEtdUYsn
RSiwwDzqAnGyHSozUA2lu+YlxHmZcW8k1LIw4fFmzcF0rv1iDGr/rHRRrnewQW2g
94gsNKZaFY9og0fK7uUKPH/CKSx06wIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFOAS
nrCwFvDyaIcecw4NRThk05LZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNTgzMEE0QTA0MjYxMUYwOUQyNUREODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBmtoUMAwDBACa2hcDBACa
2hgDBAKa3tADBACa3t8DBACa3vcwDQYJKoZIhvcNAQELBQADggEBAE8XYC+2u26h
+1AMUeuZGKIy+tBGJveK2wUYtUP9F8rUKPd60R9dtk8P7WngIt/eFbw6vXjXCAnJ
3nGa26jBtkE0rdxGQC1tCntjXQESy6cVxQeKnN0hFFzcSiYDMBInd51fTlnQxGsm
jSJ6HR7IIUZlPTtfSmbjbg3td0WgwO+2whJS9aSrMs0DZ5lCfS84zuRJhrEuSW77
ZfpTOXThe+Cuemv9BMt95WxynQC5j6DKdEwfphWtZZKWGI6itgH8TtnluzqYOUdU
7rx6jMb5BIIBHfQxpvr5fw+BYvuTjXHSPSaRvf+mWOpQx/M2QVglmcdJ2E/MGX41
PRqFIxQBxv4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:52 2025 by rpki-client