Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4EA9FFEC3BA211F0B738159CDAE4EC9C.roa
File: 4EA9FFEC3BA211F0B738159CDAE4EC9C.roa (raw, json)
Hash identifier: WXquBL7dsGEoiWMhXRbGQRHRLKLi2Z1D+Mzc1WRhp6c=
Subject key identifier: 67:01:4B:8D:71:E2:BB:7A:72:C1:9C:67:1A:F0:A9:D9:7C:3E:75:79
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018328
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4EA9FFEC3BA211F0B738159CDAE4EC9C.roa
Signing time: Wed 28 May 2025 09:01:14 +0000
ROA not before: Wed 28 May 2025 09:01:09 +0000
ROA not after: Sat 07 Jun 2025 09:01:09 +0000
asID: 9009
IP address blocks: 154.216.192.0/24 maxlen: 24
154.216.200.0/24 maxlen: 24
154.216.216.0/24 maxlen: 24
154.216.221.0/24 maxlen: 24
154.216.225.0/24 maxlen: 24
154.216.226.0/24 maxlen: 24
154.216.230.0/24 maxlen: 24
154.216.235.0/24 maxlen: 24
154.216.251.0/24 maxlen: 24
154.216.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99112 (0x18328)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 09:01:09 2025 GMT
Not After : Jun 7 09:01:09 2025 GMT
Subject: CN=6836d0da-aef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3c:a7:2b:45:e6:be:38:30:68:62:99:65:74:
db:91:39:dc:4c:71:da:80:73:ca:eb:42:9a:63:a9:
f2:23:6d:80:66:21:2a:f6:39:65:57:16:da:6c:41:
77:01:86:0b:81:a1:d0:2f:25:fe:cf:f4:dc:30:ea:
3b:1a:50:ec:3d:3a:ab:40:a3:77:38:c3:13:a1:fc:
90:77:6b:1f:8d:64:cf:e9:02:ae:a4:a4:83:76:18:
49:4a:9e:6c:17:1e:e7:3e:27:33:84:71:9e:22:7a:
85:b4:15:62:d1:27:b6:84:7f:9f:bf:71:e2:fd:fb:
e8:c7:d6:9a:ef:dc:66:f7:34:d5:ae:89:33:d2:d0:
cb:2e:b2:eb:6a:6b:33:e5:d9:45:81:f9:14:df:e8:
a0:6d:02:97:97:f3:0e:c1:25:e8:b8:a8:04:fa:33:
fe:cf:4d:1b:9b:4b:1a:04:d8:20:e3:ea:30:c7:ef:
9a:97:9f:4b:c0:db:ba:6b:3d:df:21:c6:db:6f:f0:
b6:26:8f:2e:e4:96:37:ce:bd:90:f4:16:4d:d1:b2:
c2:9e:85:36:77:2e:4c:ba:35:22:a4:77:76:4d:e0:
7c:29:ae:02:7a:82:bb:c2:7b:f8:2c:8b:c2:ac:5b:
d3:5c:80:a4:16:c3:a4:17:15:ef:7c:df:5b:3a:dd:
64:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:01:4B:8D:71:E2:BB:7A:72:C1:9C:67:1A:F0:A9:D9:7C:3E:75:79
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4EA9FFEC3BA211F0B738159CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.192.0/24
154.216.200.0/24
154.216.216.0/24
154.216.221.0/24
154.216.225.0-154.216.226.255
154.216.230.0/24
154.216.235.0/24
154.216.251.0/24
154.216.255.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:29:31:a1:ca:bb:52:a1:c7:3b:47:80:2a:fe:46:08:32:1a:
6e:56:c1:f9:24:d3:67:e2:88:95:d6:52:11:2c:cf:69:72:02:
92:2f:b8:ee:21:20:13:b6:33:41:85:77:e3:3e:cb:88:60:0e:
55:7f:41:a0:dd:ad:c1:99:59:9d:6e:ba:d4:23:32:5a:ec:69:
ea:0d:c9:10:d2:78:bb:24:ee:00:de:ab:3c:e8:5b:cd:e8:24:
68:a1:5b:2e:cb:58:53:a8:ea:33:60:81:13:59:cd:e7:75:9f:
6e:a8:06:5c:f0:35:79:8a:9f:6a:87:95:ae:a9:f5:8e:da:13:
fc:c3:74:cd:ff:1b:8d:d6:55:b1:3b:d5:04:9d:c8:ee:83:cc:
a3:5b:83:c9:fa:b0:2f:22:5e:a2:4e:37:0b:29:88:9d:1c:ff:
36:7e:74:e3:b9:41:c9:63:30:a5:4f:8d:0a:b8:c7:70:49:aa:
21:27:46:74:b1:37:c1:08:ee:3c:65:cf:d4:f6:1f:0e:d0:42:
c8:e9:12:bd:ac:4e:97:cd:2e:d3:f8:c5:bf:0f:60:0a:6c:26:
48:4d:3f:bf:1b:0b:eb:70:c2:bf:77:8c:83:93:a4:bf:ae:0b:
49:28:1e:e7:90:87:c6:ec:db:20:82:c4:48:9a:86:91:ee:b9:
73:63:25:8d
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAYMoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MDkwMTA5WhcNMjUwNjA3MDkwMTA5WjAYMRYw
FAYDVQQDEw02ODM2ZDBkYS1hZWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtzynK0XmvjgwaGKZZXTbkTncTHHagHPK60KaY6nyI22AZiEq9jllVxba
bEF3AYYLgaHQLyX+z/TcMOo7GlDsPTqrQKN3OMMTofyQd2sfjWTP6QKupKSDdhhJ
Sp5sFx7nPiczhHGeInqFtBVi0Se2hH+fv3Hi/fvox9aa79xm9zTVrokz0tDLLrLr
amsz5dlFgfkU3+igbQKXl/MOwSXouKgE+jP+z00bm0saBNgg4+owx++al59LwNu6
az3fIcbbb/C2Jo8u5JY3zr2Q9BZN0bLCnoU2dy5MujUipHd2TeB8Ka4CeoK7wnv4
LIvCrFvTXICkFsOkFxXvfN9bOt1kNwIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFGcB
S41x4rt6csGcZxrwqdl8PnV5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RUE5RkZFQzNCQTIxMUYwQjczODE1OUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAmtjAAwQAmtjIAwQAmtjY
AwQAmtjdMAwDBACa2OEDBACa2OIDBACa2OYDBACa2OsDBACa2PsDBACa2P8wDQYJ
KoZIhvcNAQELBQADggEBAA0pMaHKu1KhxztHgCr+RggyGm5Wwfkk02fiiJXWUhEs
z2lyApIvuO4hIBO2M0GFd+M+y4hgDlV/QaDdrcGZWZ1uutQjMlrsaeoNyRDSeLsk
7gDeqzzoW83oJGihWy7LWFOo6jNggRNZzed1n26oBlzwNXmKn2qHla6p9Y7aE/zD
dM3/G43WVbE71QSdyO6DzKNbg8n6sC8iXqJONwspiJ0c/zZ+dOO5QcljMKVPjQq4
x3BJqiEnRnSxN8EI7jxlz9T2Hw7QQsjpEr2sTpfNLtP4xb8PYApsJkhNP78bC+tw
wr93jIOTpL+uC0koHueQh8bs2yCCxEiahpHuuXNjJY0=
-----END CERTIFICATE-----
Generated at Tue Jun 3 10:14:35 2025 by rpki-client