Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/495CE6B6F66611EF95DA699A762E951A.roa
File: 495CE6B6F66611EF95DA699A762E951A.roa (raw, json)
Hash identifier: h0yk1VE3Zmi9ZwAzYX6fWpkuzsO1rAXu009aJCklcQk=
Subject key identifier: 79:E5:4D:7C:DE:E6:73:F1:53:30:16:F1:C1:9E:E5:A6:37:F8:A5:9A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D38
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/495CE6B6F66611EF95DA699A762E951A.roa
Signing time: Sat 01 Mar 2025 06:27:45 +0000
ROA not before: Sat 01 Mar 2025 06:27:41 +0000
ROA not after: Sat 19 Feb 2028 06:27:41 +0000
asID: 17561
IP address blocks: 154.82.17.0/24 maxlen: 24
154.82.21.0/24 maxlen: 24
154.82.23.0/24 maxlen: 24
154.82.25.0/24 maxlen: 24
154.82.137.0/24 maxlen: 24
154.82.169.0/24 maxlen: 24
154.82.172.0/24 maxlen: 24
154.82.180.0/24 maxlen: 24
154.82.200.0/24 maxlen: 24
154.82.212.0/24 maxlen: 24
154.82.218.0/24 maxlen: 24
154.82.228.0/24 maxlen: 24
154.82.231.0/24 maxlen: 24
154.82.241.0/24 maxlen: 24
154.82.246.0/24 maxlen: 24
154.85.4.0/24 maxlen: 24
154.85.6.0/24 maxlen: 24
154.85.22.0/24 maxlen: 24
154.85.23.0/24 maxlen: 24
154.85.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93496 (0x16d38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 06:27:41 2025 GMT
Not After : Feb 19 06:27:41 2028 GMT
Subject: CN=67c2a8e1-9be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:08:75:90:94:5b:45:fa:8c:78:95:f6:c6:c6:
b1:e2:46:e2:d7:f4:2a:8e:5f:ff:83:97:3b:ba:7a:
c5:39:f6:64:44:13:3a:83:a7:63:67:e2:5c:1f:77:
6b:8c:41:ba:a2:19:de:7a:2c:77:ca:0f:75:c3:81:
54:06:1e:d9:11:07:65:e2:70:88:12:91:03:0e:62:
18:57:ca:7b:b5:a6:12:4f:6f:1e:82:ea:a0:56:b9:
a2:41:12:73:23:49:fb:bc:c7:da:18:da:40:45:b2:
b4:7a:60:3d:3c:8c:ff:2d:5b:8b:13:13:f0:4c:44:
54:ff:5d:a0:88:2a:c3:a8:80:af:7c:2f:11:97:68:
c1:06:b9:bc:6d:82:b4:f5:69:d5:09:56:2b:d0:dc:
54:fc:15:51:84:b9:06:a0:23:09:99:94:cb:8b:6d:
c8:cd:6c:a8:f3:0b:d1:08:1c:7a:e1:c8:21:bf:9b:
8f:78:44:b7:5c:53:bd:27:00:2f:b3:37:10:cd:42:
e9:2d:23:e8:27:7d:65:62:a5:7e:e0:df:68:9a:b4:
c7:c7:7e:40:a9:5e:fa:1b:68:7d:e9:c2:d0:fc:b3:
f7:24:5f:35:31:3c:df:51:91:c7:64:8c:bc:c9:36:
25:cd:49:84:73:77:d1:0b:3a:e9:72:e7:ed:4d:b1:
c5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E5:4D:7C:DE:E6:73:F1:53:30:16:F1:C1:9E:E5:A6:37:F8:A5:9A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/495CE6B6F66611EF95DA699A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.17.0/24
154.82.21.0/24
154.82.23.0/24
154.82.25.0/24
154.82.137.0/24
154.82.169.0/24
154.82.172.0/24
154.82.180.0/24
154.82.200.0/24
154.82.212.0/24
154.82.218.0/24
154.82.228.0/24
154.82.231.0/24
154.82.241.0/24
154.82.246.0/24
154.85.4.0/24
154.85.6.0/24
154.85.22.0/23
154.85.27.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:26:95:b7:e4:0f:48:3a:f1:d6:4f:3f:19:e7:b4:80:52:1a:
c8:1b:15:77:64:e9:61:a6:93:59:c8:3d:b0:c2:cb:8d:27:77:
d0:6c:c3:90:65:24:a7:ad:b5:8a:9a:0c:b2:79:24:a3:91:2b:
b7:69:52:e9:1f:29:e2:57:6d:22:3a:d7:3e:02:df:71:16:ea:
19:09:d3:d6:5b:c9:c6:bd:01:aa:0a:8f:28:ca:80:f0:83:6e:
0d:a6:4d:0a:33:e8:60:13:73:d2:86:11:52:75:e4:88:09:2b:
ae:2a:b6:60:98:da:98:ff:a0:ff:d7:22:65:d9:47:5f:85:00:
7d:84:d2:89:6f:5b:36:51:d0:04:79:fc:74:1c:68:ce:3b:10:
7d:fb:24:1c:56:a2:9f:30:bc:c4:ed:ca:4c:41:3a:a0:34:9c:
b3:b4:b6:22:84:46:96:78:dd:bd:86:d6:ea:98:fb:6f:12:ad:
da:a9:e6:ad:3f:2a:59:31:45:c0:db:38:b1:1b:d3:99:60:da:
0a:82:a8:c2:e1:50:1c:03:28:63:10:9b:21:4d:10:e8:4a:52:
3d:86:e3:4d:00:35:4e:1c:ff:17:7b:e5:2d:4f:79:29:ca:c6:
66:06:34:f5:d2:9a:eb:4e:1d:25:d4:ed:9c:b6:8b:31:a9:a3:
30:fe:10:76
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgIDAW04MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDYyNzQxWhcNMjgwMjE5MDYyNzQxWjAYMRYw
FAYDVQQDEw02N2MyYThlMS05YmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Ah1kJRbRfqMeJX2xsax4kbi1/Qqjl//g5c7unrFOfZkRBM6g6djZ+Jc
H3drjEG6ohneeix3yg91w4FUBh7ZEQdl4nCIEpEDDmIYV8p7taYST28eguqgVrmi
QRJzI0n7vMfaGNpARbK0emA9PIz/LVuLExPwTERU/12giCrDqICvfC8Rl2jBBrm8
bYK09WnVCVYr0NxU/BVRhLkGoCMJmZTLi23IzWyo8wvRCBx64cghv5uPeES3XFO9
JwAvszcQzULpLSPoJ31lYqV+4N9omrTHx35AqV76G2h96cLQ/LP3JF81MTzfUZHH
ZIy8yTYlzUmEc3fRCzrpcuftTbHFcQIDAQABo4IDEjCCAw4wHQYDVR0OBBYEFHnl
TXze5nPxUzAW8cGe5aY3+KWaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTVDRTZCNkY2NjYxMUVGOTVEQTY5OUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAJpSEQMEAJpSFQMEAJpS
FwMEAJpSGQMEAJpSiQMEAJpSqQMEAJpSrAMEAJpStAMEAJpSyAMEAJpS1AMEAJpS
2gMEAJpS5AMEAJpS5wMEAJpS8QMEAJpS9gMEAJpVBAMEAJpVBgMEAZpVFgMEAJpV
GzANBgkqhkiG9w0BAQsFAAOCAQEAzCaVt+QPSDrx1k8/Gee0gFIayBsVd2TpYaaT
Wcg9sMLLjSd30GzDkGUkp621ipoMsnkko5Ert2lS6R8p4ldtIjrXPgLfcRbqGQnT
1lvJxr0BqgqPKMqA8INuDaZNCjPoYBNz0oYRUnXkiAkrriq2YJjamP+g/9ciZdlH
X4UAfYTSiW9bNlHQBHn8dBxozjsQffskHFainzC8xO3KTEE6oDScs7S2IoRGlnjd
vYbW6pj7bxKt2qnmrT8qWTFFwNs4sRvTmWDaCoKowuFQHAMoYxCbIU0Q6EpSPYbj
TQA1Thz/F3vlLU95KcrGZgY09dKa604dJdTtnLaLMamjMP4Qdg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:34:31 2025 by rpki-client