Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AF65A5E3BC511F08CC6AF7BDAE4EC9C.roa
File: 3AF65A5E3BC511F08CC6AF7BDAE4EC9C.roa (raw, json)
Hash identifier: cfg+exOr8KL9TedzG6t5b1LziwlVc++ai6P6XC38Fuk=
Subject key identifier: 60:CD:59:36:57:51:99:51:97:8E:3E:F7:FE:7E:1E:8B:13:1C:1E:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018378
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AF65A5E3BC511F08CC6AF7BDAE4EC9C.roa
Signing time: Wed 28 May 2025 13:11:14 +0000
ROA not before: Wed 28 May 2025 13:11:09 +0000
ROA not after: Sun 06 Jul 2025 13:11:09 +0000
asID: 48031
IP address blocks: 154.218.20.0/24 maxlen: 24
154.218.21.0/24 maxlen: 24
154.218.23.0/24 maxlen: 24
154.218.24.0/24 maxlen: 24
154.222.207.0/24 maxlen: 24
154.222.208.0/24 maxlen: 24
154.222.209.0/24 maxlen: 24
154.222.210.0/24 maxlen: 24
154.222.211.0/24 maxlen: 24
154.222.212.0/24 maxlen: 24
154.222.213.0/24 maxlen: 24
154.222.214.0/24 maxlen: 24
154.222.223.0/24 maxlen: 24
154.222.240.0/24 maxlen: 24
154.222.241.0/24 maxlen: 24
154.222.243.0/24 maxlen: 24
154.222.244.0/24 maxlen: 24
154.222.245.0/24 maxlen: 24
154.222.246.0/24 maxlen: 24
154.222.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99192 (0x18378)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 13:11:09 2025 GMT
Not After : Jul 6 13:11:09 2025 GMT
Subject: CN=68370b71-826a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9e:0f:ff:18:9e:32:12:57:13:1d:02:8f:3b:
61:67:95:88:dd:b4:ec:12:d2:17:9d:1d:af:b4:bb:
49:b2:78:a8:30:ca:dd:d4:3a:b1:be:0a:05:c6:17:
ed:dd:40:3b:2e:2b:16:e4:a8:a8:8e:c9:db:b3:02:
b2:3a:e7:44:c1:dc:bb:64:23:a0:b7:5c:39:43:12:
8f:af:df:4e:00:0d:d1:1c:eb:6f:29:0a:8a:2b:2b:
f8:1f:a4:c3:8c:7c:de:6d:ec:64:ff:b6:a5:d1:09:
72:59:d6:35:60:7e:e8:f9:7a:09:b6:c7:f2:95:24:
a7:dc:8f:9f:23:d0:e4:bf:21:6d:d7:91:90:b3:83:
21:5b:f5:89:fd:75:ea:c9:b8:ba:9c:4a:3b:f5:de:
74:3d:cf:40:45:b2:e4:3c:16:a5:68:ea:93:9b:1f:
ce:fb:95:51:3e:99:37:65:c0:17:36:3d:d7:3f:14:
ba:32:f8:70:b3:61:d9:7b:e2:e6:36:d2:45:09:c4:
af:b4:a9:83:76:3d:b4:35:02:90:ab:25:7d:74:70:
73:58:08:97:9f:62:03:f0:13:fc:da:3c:45:6c:fb:
37:37:54:13:c2:e9:9b:f9:91:9f:58:e6:9b:76:13:
62:d7:14:4a:ed:c0:98:89:ff:2a:ea:f4:b5:6e:03:
40:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CD:59:36:57:51:99:51:97:8E:3E:F7:FE:7E:1E:8B:13:1C:1E:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AF65A5E3BC511F08CC6AF7BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.20.0/23
154.218.23.0-154.218.24.255
154.222.207.0-154.222.214.255
154.222.223.0/24
154.222.240.0/23
154.222.243.0-154.222.247.255
Signature Algorithm: sha256WithRSAEncryption
0f:08:82:70:36:2b:58:09:d4:37:9c:14:b9:7a:42:34:47:24:
bd:f8:72:f8:b8:4d:9f:20:1f:10:84:1f:c3:7d:5d:23:7c:4f:
ec:0a:3f:33:32:48:e3:af:cb:ea:50:2b:ec:a4:c2:65:55:34:
f1:3c:77:03:a7:0a:20:46:4b:ae:bf:96:36:61:c0:57:ec:61:
cc:f4:71:09:64:0e:93:09:4d:3b:75:ae:35:46:51:fd:9d:82:
d4:ce:e2:0d:76:ec:26:40:e2:d9:27:a0:3b:89:3b:18:4c:6c:
19:e9:ce:ef:09:e0:b7:d3:b0:52:65:2f:b7:ee:29:c7:8f:66:
b1:9f:5d:c3:93:51:f1:8a:76:ad:ae:21:0b:73:df:1f:c2:e3:
2d:d7:3e:8a:6e:e2:a4:1d:30:40:37:f7:1a:29:c1:8b:90:7a:
72:08:1d:bc:6d:11:59:21:b5:12:47:e3:a7:43:e9:27:df:a4:
23:2d:e1:5e:ce:24:2f:6c:04:9a:ad:e8:94:b3:f3:06:77:33:
9e:b3:2e:70:63:c2:f4:56:03:f6:16:b6:5a:37:45:41:72:89:
5f:dc:3c:ec:8b:97:79:a4:71:3c:a3:bf:7c:b2:ea:25:0f:09:
8c:b4:6d:e1:5c:31:f1:21:f8:4a:6a:17:bd:7f:11:3d:5b:de:
06:39:07:ca
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDAYN4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTMxMTA5WhcNMjUwNzA2MTMxMTA5WjAYMRYw
FAYDVQQDEw02ODM3MGI3MS04MjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2p4P/xieMhJXEx0CjzthZ5WI3bTsEtIXnR2vtLtJsnioMMrd1DqxvgoF
xhft3UA7LisW5KiojsnbswKyOudEwdy7ZCOgt1w5QxKPr99OAA3RHOtvKQqKKyv4
H6TDjHzebexk/7al0QlyWdY1YH7o+XoJtsfylSSn3I+fI9DkvyFt15GQs4MhW/WJ
/XXqybi6nEo79d50Pc9ARbLkPBalaOqTmx/O+5VRPpk3ZcAXNj3XPxS6Mvhws2HZ
e+LmNtJFCcSvtKmDdj20NQKQqyV9dHBzWAiXn2ID8BP82jxFbPs3N1QTwumb+ZGf
WOabdhNi1xRK7cCYif8q6vS1bgNABQIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFGDN
WTZXUZlRl44+9/5+HosTHB59MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQUY2NUE1RTNCQzUxMUYwOENDNkFGN0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBmtoUMAwDBACa2hcDBACa
2hgwDAMEAJrezwMEAJre1gMEAJre3wMEAZre8DAMAwQAmt7zAwQDmt7wMA0GCSqG
SIb3DQEBCwUAA4IBAQAPCIJwNitYCdQ3nBS5ekI0RyS9+HL4uE2fIB8QhB/DfV0j
fE/sCj8zMkjjr8vqUCvspMJlVTTxPHcDpwogRkuuv5Y2YcBX7GHM9HEJZA6TCU07
da41RlH9nYLUzuINduwmQOLZJ6A7iTsYTGwZ6c7vCeC307BSZS+37inHj2axn13D
k1HxinatriELc98fwuMt1z6KbuKkHTBAN/caKcGLkHpyCB28bRFZIbUSR+OnQ+kn
36QjLeFeziQvbASareiUs/MGdzOesy5wY8L0VgP2FrZaN0VBcolf3Dzsi5d5pHE8
o798suolDwmMtG3hXDHxIfhKahe9fxE9W94GOQfK
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:12:10 2025 by rpki-client