Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6F07FDBAF58511EFB93ABE95762E951A.roa
File: 6F07FDBAF58511EFB93ABE95762E951A.roa (raw, json)
Hash identifier: KwKgpfrGIu+S9g7Z1pYLFwVsSRF+cX3zFCJpiWrb7V4=
Subject key identifier: 34:14:BD:D0:32:74:26:E7:E0:CE:D2:24:E6:44:7D:04:7E:E5:F1:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0169B7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6F07FDBAF58511EFB93ABE95762E951A.roa
Signing time: Fri 28 Feb 2025 03:38:11 +0000
ROA not before: Fri 28 Feb 2025 03:38:07 +0000
ROA not after: Thu 19 Feb 2026 03:38:07 +0000
asID: 984
IP address blocks: 154.204.95.0/24 maxlen: 24
154.204.107.0/24 maxlen: 24
154.204.114.0/24 maxlen: 24
154.204.119.0/24 maxlen: 24
154.205.114.0/24 maxlen: 24
154.205.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92599 (0x169b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 03:38:07 2025 GMT
Not After : Feb 19 03:38:07 2026 GMT
Subject: CN=67c12fa3-e422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:32:ba:91:2f:f7:f7:b2:31:f9:2d:5e:b2:09:
b3:b6:9b:b1:b8:fd:4c:f8:ef:01:d8:22:09:67:3a:
07:39:70:97:4a:8d:00:bc:86:ae:1b:47:03:2b:0c:
26:2a:75:3d:1c:ce:f1:89:2a:e0:d5:1d:0f:27:d0:
41:d7:68:73:77:fb:e3:d0:4e:2d:d7:55:c7:13:4e:
c0:db:14:29:9c:2f:e0:22:84:01:81:e4:b6:26:26:
5e:54:5b:d5:52:eb:c4:79:bf:1f:0e:e6:e3:64:05:
9b:17:c0:81:cb:11:d6:a6:7c:80:4c:f5:c9:3d:47:
a2:c6:32:5b:5d:2f:a7:b9:40:1f:53:7f:bf:ea:86:
4b:2f:5b:81:b7:fe:6d:bc:d9:ee:f9:45:67:7a:e9:
43:53:a5:12:e4:fd:73:be:3f:01:16:fd:6d:d4:5f:
54:61:9b:12:1d:1d:57:5c:2f:0c:da:3c:b6:ec:75:
ba:53:cb:13:36:11:d1:37:e7:c6:05:58:d5:cb:c5:
83:85:8f:0a:72:a7:5b:bc:54:93:27:3b:d1:de:7e:
c8:ee:d6:b0:b5:48:ee:ee:a8:cf:e5:03:08:4f:cd:
8f:fd:9d:17:72:09:a7:6e:9a:2a:32:7e:e0:c0:4b:
0a:ac:13:23:f4:4e:53:2c:b7:11:9f:7d:1a:05:2c:
e1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:14:BD:D0:32:74:26:E7:E0:CE:D2:24:E6:44:7D:04:7E:E5:F1:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6F07FDBAF58511EFB93ABE95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.95.0/24
154.204.107.0/24
154.204.114.0/24
154.204.119.0/24
154.205.114.0/24
154.205.119.0/24
Signature Algorithm: sha256WithRSAEncryption
37:8b:2d:5b:2b:96:af:95:31:8a:bc:e4:a0:9c:5e:60:f3:61:
09:62:2c:77:8c:18:e9:87:de:63:55:4f:42:b5:86:53:d5:38:
f8:c6:67:6f:53:27:1d:f1:88:bb:e9:cb:a5:40:0b:c0:e5:fe:
12:72:8f:2a:aa:72:e0:7d:d7:f0:ca:2c:2d:ac:cd:16:41:f1:
06:c4:a6:e7:70:76:75:86:7f:b8:b8:ee:8a:e4:68:5f:de:ea:
f8:1a:8d:e8:24:1c:16:ee:66:99:a5:12:62:74:57:7f:00:88:
43:88:c7:a9:97:bc:6f:2d:dd:19:40:3b:7b:0a:e1:38:6e:37:
24:96:76:51:15:b6:58:7b:f0:c8:17:11:17:fa:0a:30:86:41:
73:af:7d:29:9d:74:2d:1b:45:bf:f8:75:16:9f:a1:e4:7b:f7:
04:3f:49:18:22:42:90:e3:bb:35:3b:cc:01:b3:f5:42:8a:a9:
ac:33:41:cf:48:c4:97:1e:1a:27:e0:1f:d7:cc:cf:05:ee:70:
de:97:b4:93:6e:9e:b3:15:77:c4:e2:e6:5a:8c:ec:dd:db:f3:
87:cc:54:1d:97:35:ed:e4:94:6a:cd:8d:94:80:2a:5a:47:5c:
f6:36:66:e6:ac:5b:6d:d6:7d:ec:e8:a1:8a:14:b9:94:0e:f0:
59:aa:91:5d
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIDAWm3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDMzODA3WhcNMjYwMjE5MDMzODA3WjAYMRYw
FAYDVQQDEw02N2MxMmZhMy1lNDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvzK6kS/397Ix+S1esgmztpuxuP1M+O8B2CIJZzoHOXCXSo0AvIauG0cD
KwwmKnU9HM7xiSrg1R0PJ9BB12hzd/vj0E4t11XHE07A2xQpnC/gIoQBgeS2JiZe
VFvVUuvEeb8fDubjZAWbF8CByxHWpnyATPXJPUeixjJbXS+nuUAfU3+/6oZLL1uB
t/5tvNnu+UVneulDU6US5P1zvj8BFv1t1F9UYZsSHR1XXC8M2jy27HW6U8sTNhHR
N+fGBVjVy8WDhY8KcqdbvFSTJzvR3n7I7tawtUju7qjP5QMIT82P/Z0Xcgmnbpoq
Mn7gwEsKrBMj9E5TLLcRn30aBSzhSQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFDQU
vdAydCbn4M7SJOZEfQR+5fGgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RjA3RkRCQUY1ODUxMUVGQjkzQUJFOTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAmsxfAwQAmsxrAwQAmsxy
AwQAmsx3AwQAms1yAwQAms13MA0GCSqGSIb3DQEBCwUAA4IBAQA3iy1bK5avlTGK
vOSgnF5g82EJYix3jBjph95jVU9CtYZT1Tj4xmdvUycd8Yi76culQAvA5f4Sco8q
qnLgfdfwyiwtrM0WQfEGxKbncHZ1hn+4uO6K5Ghf3ur4Go3oJBwW7maZpRJidFd/
AIhDiMepl7xvLd0ZQDt7CuE4bjcklnZRFbZYe/DIFxEX+gowhkFzr30pnXQtG0W/
+HUWn6Hke/cEP0kYIkKQ47s1O8wBs/VCiqmsM0HPSMSXHhon4B/XzM8F7nDel7ST
bp6zFXfE4uZajOzd2/OHzFQdlzXt5JRqzY2UgCpaR1z2NmbmrFtt1n3s6KGKFLmU
DvBZqpFd
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:29:07 2025 by rpki-client