Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36D36504332B11F0A73210CCDAE4EC9C.roa
File: 36D36504332B11F0A73210CCDAE4EC9C.roa (raw, json)
Hash identifier: jDCnW34d7qNPBR/TjFHA3DVTWJ3FgHJ+qbyVD3Rm7j0=
Subject key identifier: 63:69:7E:D3:9D:9D:40:E3:6F:86:6E:46:D4:93:31:3A:29:A4:E7:E5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018144
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36D36504332B11F0A73210CCDAE4EC9C.roa
Signing time: Sat 17 May 2025 14:28:35 +0000
ROA not before: Sat 17 May 2025 14:28:30 +0000
ROA not after: Tue 16 Jun 2026 14:28:30 +0000
asID: 984
IP address blocks: 154.196.176.0/24 maxlen: 24
154.196.177.0/24 maxlen: 24
154.196.178.0/24 maxlen: 24
154.196.179.0/24 maxlen: 24
154.196.180.0/24 maxlen: 24
154.196.187.0/24 maxlen: 24
154.199.0.0/24 maxlen: 24
154.200.0.0/24 maxlen: 24
154.200.1.0/24 maxlen: 24
154.200.2.0/24 maxlen: 24
154.200.3.0/24 maxlen: 24
154.200.4.0/24 maxlen: 24
154.200.5.0/24 maxlen: 24
154.200.6.0/24 maxlen: 24
154.200.7.0/24 maxlen: 24
154.200.8.0/24 maxlen: 24
154.200.9.0/24 maxlen: 24
154.200.10.0/24 maxlen: 24
154.200.11.0/24 maxlen: 24
154.200.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98628 (0x18144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 17 14:28:30 2025 GMT
Not After : Jun 16 14:28:30 2026 GMT
Subject: CN=68289d13-9291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b1:84:cd:25:6b:a2:08:37:3f:b9:0b:00:e9:
65:7f:72:ec:eb:2e:51:3b:4b:42:dd:fb:b4:36:04:
fd:a0:24:f1:5e:28:41:01:f8:d3:43:1c:53:7e:35:
d5:69:b0:2d:72:05:49:f9:af:ba:93:6c:c6:54:ee:
09:1b:d7:7e:cc:3d:5d:60:22:b6:a0:77:f4:72:01:
65:5b:58:a4:fb:26:d2:27:8b:1b:7a:3b:59:50:cb:
2d:96:cc:c6:20:61:91:04:14:8d:ab:89:1c:ff:98:
33:92:53:44:79:1d:dc:f4:68:51:2e:60:37:a0:a3:
2f:96:85:7b:3f:a1:35:08:7f:61:29:fb:f1:32:a6:
68:c2:52:80:ed:a8:67:74:86:4b:dc:5e:f4:bd:a2:
aa:a4:fa:e3:08:a1:75:0e:e6:5f:22:91:92:0f:aa:
0c:45:f2:e7:3d:58:24:4d:3b:8a:44:2f:87:ff:9d:
32:d0:79:cd:16:77:d7:14:d8:0a:00:81:40:f0:76:
bd:b2:a0:87:29:1c:43:ff:73:a2:eb:17:84:ab:af:
e2:a4:90:1c:68:e1:d9:9f:b2:80:62:4c:ec:87:04:
00:fe:ab:a9:f6:75:62:5b:ff:28:d1:ff:5e:55:28:
94:3d:17:b1:c1:ce:9b:f5:00:aa:91:48:69:82:1d:
89:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:69:7E:D3:9D:9D:40:E3:6F:86:6E:46:D4:93:31:3A:29:A4:E7:E5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36D36504332B11F0A73210CCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.176.0-154.196.180.255
154.196.187.0/24
154.199.0.0/24
154.200.0.0-154.200.12.255
Signature Algorithm: sha256WithRSAEncryption
a4:8e:1a:fd:dd:80:1e:98:3a:1b:2a:b5:32:8f:2b:07:88:e1:
c3:83:7b:83:01:2a:8e:59:6c:ce:26:90:d7:aa:67:be:fd:c6:
0d:02:7a:52:a3:24:1d:c7:1c:3a:eb:13:06:27:77:a5:a8:2c:
85:3f:4a:11:94:4e:58:a4:b8:9b:27:5d:5c:a7:0d:ec:93:42:
77:d4:05:71:29:ac:ed:e7:9f:1a:53:cb:12:78:4a:fb:0a:8f:
56:29:f6:62:17:d3:d3:4d:bd:1d:3e:c6:b6:78:8d:9a:75:aa:
9b:df:5b:5e:01:f8:25:a6:d6:73:b3:86:92:46:63:ad:f5:e5:
08:3f:98:db:80:f1:fd:a4:4d:39:3b:84:2d:80:49:fa:20:61:
64:11:05:ad:0f:35:67:21:85:d1:f8:57:84:eb:c8:b5:8c:55:
3d:be:3d:46:f4:9a:3e:28:04:5b:f0:2a:26:f4:6b:ff:56:f6:
b6:aa:38:4d:2f:4e:c0:2f:97:47:f6:7b:e2:15:31:f5:81:7b:
a0:fc:71:3e:da:f9:f1:d9:c2:a5:be:b4:d0:9b:04:72:de:b9:
f2:c8:59:14:0d:54:c3:ec:53:d4:60:85:26:6c:a7:30:92:dc:
d6:5b:ce:ea:07:8f:93:ce:06:4e:0e:b0:87:59:a2:12:55:90:
a7:42:f8:dc
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIDAYFEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE3MTQyODMwWhcNMjYwNjE2MTQyODMwWjAYMRYw
FAYDVQQDEw02ODI4OWQxMy05MjkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqLGEzSVrogg3P7kLAOllf3Ls6y5RO0tC3fu0NgT9oCTxXihBAfjTQxxT
fjXVabAtcgVJ+a+6k2zGVO4JG9d+zD1dYCK2oHf0cgFlW1ik+ybSJ4sbejtZUMst
lszGIGGRBBSNq4kc/5gzklNEeR3c9GhRLmA3oKMvloV7P6E1CH9hKfvxMqZowlKA
7ahndIZL3F70vaKqpPrjCKF1DuZfIpGSD6oMRfLnPVgkTTuKRC+H/50y0HnNFnfX
FNgKAIFA8Ha9sqCHKRxD/3Oi6xeEq6/ipJAcaOHZn7KAYkzshwQA/qup9nViW/8o
0f9eVSiUPRexwc6b9QCqkUhpgh2JDQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFGNp
ftOdnUDjb4ZuRtSTMToppOflMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkQzNjUwNDMzMkIxMUYwQTczMjEwQ0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnMAwDBASaxLADBACaxLQDBACa
xLsDBACaxwAwCwMDA5rIAwQAmsgMMA0GCSqGSIb3DQEBCwUAA4IBAQCkjhr93YAe
mDobKrUyjysHiOHDg3uDASqOWWzOJpDXqme+/cYNAnpSoyQdxxw66xMGJ3elqCyF
P0oRlE5YpLibJ11cpw3sk0J31AVxKazt558aU8sSeEr7Co9WKfZiF9PTTb0dPsa2
eI2adaqb31teAfglptZzs4aSRmOt9eUIP5jbgPH9pE05O4QtgEn6IGFkEQWtDzVn
IYXR+FeE68i1jFU9vj1G9Jo+KARb8Com9Gv/Vva2qjhNL07AL5dH9nviFTH1gXug
/HE+2vnx2cKlvrTQmwRy3rnyyFkUDVTD7FPUYIUmbKcwktzWW87qB4+TzgZODrCH
WaISVZCnQvjc
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:11:15 2025 by rpki-client