Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/637774D2040611F0A3EA8DBD762E951A.roa
File: 637774D2040611F0A3EA8DBD762E951A.roa (raw, json)
Hash identifier: r18conNiR5yOXI7Cm81lpIcEklbFZYgO1TC+K5VjGNU=
Subject key identifier: 23:73:52:AA:29:E2:E3:86:98:0F:01:23:F2:16:C7:96:98:9A:EF:27
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0174A8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/637774D2040611F0A3EA8DBD762E951A.roa
Signing time: Tue 18 Mar 2025 14:36:33 +0000
ROA not before: Tue 18 Mar 2025 14:36:29 +0000
ROA not after: Mon 05 May 2025 14:36:29 +0000
asID: 49505
IP address blocks: 154.209.208.0/24 maxlen: 24
154.209.214.0/24 maxlen: 24
154.209.223.0/24 maxlen: 24
154.211.9.0/24 maxlen: 24
154.211.11.0/24 maxlen: 24
154.211.16.0/24 maxlen: 24
154.211.17.0/24 maxlen: 24
154.211.19.0/24 maxlen: 24
154.212.28.0/24 maxlen: 24
154.212.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95400 (0x174a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 18 14:36:29 2025 GMT
Not After : May 5 14:36:29 2025 GMT
Subject: CN=67d984f1-e375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:31:17:1b:53:a8:e3:c1:1a:d4:df:36:1d:4e:
6c:7a:3a:5c:78:64:ef:dc:3e:31:3c:98:7f:68:fc:
55:4b:51:b9:1b:df:81:7a:2b:3c:6b:d1:67:0b:8c:
1d:cb:6b:07:76:dd:f2:2f:76:7e:2d:5b:f1:ea:89:
a6:f5:ea:95:93:fb:e2:3c:98:29:ee:2e:15:b7:73:
87:53:23:3c:63:67:24:78:5b:01:60:39:0a:60:30:
e1:d0:18:61:9e:8c:cd:b7:28:ca:1f:61:4f:b6:90:
31:a8:ec:29:88:f4:3e:2c:5d:ee:b7:fb:12:d1:6b:
d6:97:0d:ff:09:92:22:ba:be:d4:a1:c6:17:c1:87:
9a:a8:61:b7:ad:9c:52:00:64:db:30:97:e4:59:d7:
e2:a7:c9:48:4a:d1:fe:4c:95:1c:a2:47:b0:80:39:
0b:02:fa:94:5d:6e:76:06:f9:e5:55:32:d1:84:45:
a0:d8:d2:6a:0e:e8:b3:34:10:74:c3:83:f1:e7:a4:
0b:37:1e:cd:46:87:98:41:b8:8d:90:73:b2:ef:a0:
41:3f:50:b3:5a:11:26:2b:25:86:f9:d6:66:c4:c0:
29:98:33:67:dc:54:bb:ce:95:20:e5:23:2b:1d:13:
67:10:36:97:ac:12:09:d4:12:43:8c:78:bc:a1:99:
6a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:73:52:AA:29:E2:E3:86:98:0F:01:23:F2:16:C7:96:98:9A:EF:27
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/637774D2040611F0A3EA8DBD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.208.0/24
154.209.214.0/24
154.209.223.0/24
154.211.9.0/24
154.211.11.0/24
154.211.16.0/23
154.211.19.0/24
154.212.28.0/23
Signature Algorithm: sha256WithRSAEncryption
68:36:67:ff:fd:5b:09:56:d1:9a:29:a0:5d:ce:b5:88:a9:97:
21:c5:e3:22:50:f3:b0:9b:d2:31:eb:10:cb:5f:15:dd:11:e0:
e7:67:82:c0:8e:83:d2:da:01:90:1d:60:b2:c6:ce:0c:ad:ac:
6a:02:bb:82:76:ab:00:6a:5c:af:31:1f:c1:df:0c:c6:6d:1f:
ad:ed:54:49:3b:2f:b1:9d:22:74:de:a5:e9:8e:06:0c:c3:b9:
cd:83:e0:04:df:50:cb:38:00:1d:61:fb:5d:67:de:f7:a5:0d:
32:f8:65:13:62:c5:2d:2a:81:5b:71:14:3f:54:a9:b0:0a:93:
70:ea:dc:52:ff:dd:ed:94:0a:b9:7e:db:3e:a3:fa:7b:dc:c8:
98:8f:51:f4:5d:4c:0d:9c:40:ed:8a:08:02:10:97:8b:c2:e1:
29:04:a4:a3:72:46:de:5a:6c:65:be:06:46:28:fb:d0:df:07:
a5:21:67:ce:9b:c3:34:73:22:7f:34:22:58:b2:ef:17:0c:6a:
4b:59:e7:f8:a8:3a:07:72:ed:7d:65:9f:de:a0:0c:5c:d4:c4:
6b:b7:58:a5:45:f7:a4:4b:be:41:fb:3a:f9:da:51:b1:e6:63:
92:a4:62:57:ce:4c:9a:e5:47:8c:ee:b4:4f:43:54:f8:61:d7:
e1:0f:f3:3c
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIDAXSoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE4MTQzNjI5WhcNMjUwNTA1MTQzNjI5WjAYMRYw
FAYDVQQDEw02N2Q5ODRmMS1lMzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0TEXG1Oo48Ea1N82HU5sejpceGTv3D4xPJh/aPxVS1G5G9+Beis8a9Fn
C4wdy2sHdt3yL3Z+LVvx6omm9eqVk/viPJgp7i4Vt3OHUyM8Y2ckeFsBYDkKYDDh
0BhhnozNtyjKH2FPtpAxqOwpiPQ+LF3ut/sS0WvWlw3/CZIiur7UocYXwYeaqGG3
rZxSAGTbMJfkWdfip8lIStH+TJUcokewgDkLAvqUXW52BvnlVTLRhEWg2NJqDuiz
NBB0w4Px56QLNx7NRoeYQbiNkHOy76BBP1CzWhEmKyWG+dZmxMApmDNn3FS7zpUg
5SMrHRNnEDaXrBIJ1BJDjHi8oZlqSQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFCNz
Uqop4uOGmA8BI/IWx5aYmu8nMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82Mzc3NzREMjA0MDYxMUYwQTNFQThEQkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAmtHQAwQAmtHWAwQAmtHf
AwQAmtMJAwQAmtMLAwQBmtMQAwQAmtMTAwQBmtQcMA0GCSqGSIb3DQEBCwUAA4IB
AQBoNmf//VsJVtGaKaBdzrWIqZchxeMiUPOwm9Ix6xDLXxXdEeDnZ4LAjoPS2gGQ
HWCyxs4MraxqAruCdqsAalyvMR/B3wzGbR+t7VRJOy+xnSJ03qXpjgYMw7nNg+AE
31DLOAAdYftdZ973pQ0y+GUTYsUtKoFbcRQ/VKmwCpNw6txS/93tlAq5fts+o/p7
3MiYj1H0XUwNnEDtiggCEJeLwuEpBKSjckbeWmxlvgZGKPvQ3welIWfOm8M0cyJ/
NCJYsu8XDGpLWef4qDoHcu19ZZ/eoAxc1MRrt1ilRfekS75B+zr52lGx5mOSpGJX
zkya5UeM7rRPQ1T4YdfhD/M8
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:20:47 2025 by rpki-client