Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E68CFBC0CCF11F097B7D189762E951A.roa
File: 7E68CFBC0CCF11F097B7D189762E951A.roa (raw, json)
Hash identifier: CuwFysW+hgcdGUNlcj0h0pbZJiLo4nl4h6JeNDD+Pf4=
Subject key identifier: EA:11:52:EE:3D:B8:DF:C5:25:A3:0A:33:56:15:85:A6:D2:05:D3:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176E2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E68CFBC0CCF11F097B7D189762E951A.roa
Signing time: Sat 29 Mar 2025 18:56:17 +0000
ROA not before: Sat 29 Mar 2025 18:56:12 +0000
ROA not after: Mon 07 Apr 2025 18:56:12 +0000
asID: 7018
IP address blocks: 154.195.8.0/21 maxlen: 24
154.195.32.0/23 maxlen: 24
154.195.36.0/22 maxlen: 24
154.195.40.0/23 maxlen: 24
154.195.43.0/24 maxlen: 24
154.195.47.0/24 maxlen: 24
154.195.48.0/20 maxlen: 24
154.198.16.0/20 maxlen: 24
154.201.0.0/24 maxlen: 24
154.201.2.0/23 maxlen: 24
154.202.12.0/22 maxlen: 24
154.205.48.0/20 maxlen: 24
154.208.0.0/24 maxlen: 24
154.212.8.0/21 maxlen: 24
154.214.16.0/21 maxlen: 24
154.214.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95970 (0x176e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 18:56:12 2025 GMT
Not After : Apr 7 18:56:12 2025 GMT
Subject: CN=67e84251-9082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3a:37:19:e0:84:4a:92:cd:22:34:a4:45:c9:
2c:83:1a:fc:50:bc:71:b9:c9:db:14:dd:1e:c1:05:
eb:29:f8:7c:fb:b5:0d:9e:13:88:b8:59:ee:60:85:
d2:19:f7:b3:e4:4d:f9:83:ee:b2:04:32:93:cb:70:
d7:02:78:63:16:b7:57:24:95:27:ac:ec:7b:c6:98:
a5:76:2b:9e:ea:a0:fd:29:de:b2:df:de:1d:aa:7a:
aa:1b:5e:e5:0a:95:f7:0b:4c:ef:69:59:20:d6:7d:
19:2a:49:d3:0d:0a:56:cb:4e:13:1e:d1:87:0d:1d:
54:9b:e1:a2:b9:1a:32:1b:ab:a8:56:d0:26:b3:24:
9b:a5:00:14:3c:49:30:b2:17:bc:0c:4a:cc:07:d6:
86:43:63:f9:44:63:46:a1:90:b8:1f:ee:39:84:5e:
20:9d:b0:21:75:ae:c2:af:47:98:00:08:af:6b:1d:
75:ec:1f:90:95:7a:29:53:4f:8d:22:15:6a:8a:ef:
eb:4c:9f:a3:3e:65:ad:67:f8:86:13:a9:4b:63:13:
df:d9:fd:19:a9:c5:32:d0:b9:6b:53:49:56:48:ed:
e7:cf:02:c4:f6:fd:b3:7b:05:ea:b9:b1:f7:f9:40:
08:5e:ea:4c:4e:fb:3b:d0:95:38:46:67:f2:7c:14:
20:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:11:52:EE:3D:B8:DF:C5:25:A3:0A:33:56:15:85:A6:D2:05:D3:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E68CFBC0CCF11F097B7D189762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.8.0/21
154.195.32.0/23
154.195.36.0-154.195.41.255
154.195.43.0/24
154.195.47.0-154.195.63.255
154.198.16.0/20
154.201.0.0/24
154.201.2.0/23
154.202.12.0/22
154.205.48.0/20
154.208.0.0/24
154.212.8.0/21
154.214.16.0-154.214.27.255
Signature Algorithm: sha256WithRSAEncryption
8e:f5:25:b7:bf:8c:43:e7:99:14:bc:5b:ff:e8:fd:cc:3f:3a:
be:10:6d:47:00:8e:65:7f:57:23:62:12:74:3b:2c:21:06:b0:
84:05:12:b1:9f:1f:99:ae:a7:e2:f1:b9:a8:61:fb:3c:8f:49:
51:51:b7:60:f7:f3:0b:57:5d:25:ea:0d:b5:33:c1:08:57:f8:
e5:f6:c0:88:42:db:29:b5:69:50:1e:ef:e1:9b:2b:18:79:97:
9b:55:92:1c:d2:dc:c1:ca:97:57:77:57:d8:e2:1b:b3:71:5a:
7e:fc:40:f3:e9:d4:26:2b:ca:b6:25:45:ea:3d:fc:3b:71:19:
3f:95:51:df:df:51:cf:4e:77:fc:17:e4:01:47:a5:82:aa:1c:
99:60:a4:b2:42:89:4b:26:13:88:79:59:63:4d:5c:58:37:b5:
81:6d:50:fb:9c:bc:10:12:64:4f:73:ab:32:b9:d4:4e:45:fd:
00:ed:43:8f:55:fe:ed:31:17:94:77:3c:6c:3b:90:6a:fe:29:
15:65:2f:91:a5:7c:47:58:62:8f:1b:dd:32:cd:b5:c7:65:12:
1b:22:3b:26:03:9c:7c:39:18:5c:e3:79:65:6c:04:31:83:f3:
2b:53:92:ee:b7:b7:2a:96:89:bf:6b:a2:97:e3:93:8a:78:8a:
62:5a:3a:84
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgIDAXbiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTg1NjEyWhcNMjUwNDA3MTg1NjEyWjAYMRYw
FAYDVQQDEw02N2U4NDI1MS05MDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvjo3GeCESpLNIjSkRcksgxr8ULxxucnbFN0ewQXrKfh8+7UNnhOIuFnu
YIXSGfez5E35g+6yBDKTy3DXAnhjFrdXJJUnrOx7xpildiue6qD9Kd6y394dqnqq
G17lCpX3C0zvaVkg1n0ZKknTDQpWy04THtGHDR1Um+GiuRoyG6uoVtAmsySbpQAU
PEkwshe8DErMB9aGQ2P5RGNGoZC4H+45hF4gnbAhda7Cr0eYAAivax117B+QlXop
U0+NIhVqiu/rTJ+jPmWtZ/iGE6lLYxPf2f0ZqcUy0LlrU0lWSO3nzwLE9v2zewXq
ubH3+UAIXupMTvs70JU4RmfyfBQgmQIDAQABo4IDBTCCAwEwHQYDVR0OBBYEFOoR
Uu49uN/FJaMKM1YVhabSBdNWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RTY4Q0ZCQzBDQ0YxMUYwOTdCN0QxODk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQDmsMIAwQBmsMgMAwDBAKa
wyQDBAGawygDBACawyswDAMEAJrDLwMEBprDAAMEBJrGEAMEAJrJAAMEAZrJAgME
AprKDAMEBJrNMAMEAJrQAAMEA5rUCDAMAwQEmtYQAwQCmtYYMA0GCSqGSIb3DQEB
CwUAA4IBAQCO9SW3v4xD55kUvFv/6P3MPzq+EG1HAI5lf1cjYhJ0OywhBrCEBRKx
nx+Zrqfi8bmoYfs8j0lRUbdg9/MLV10l6g21M8EIV/jl9sCIQtsptWlQHu/hmysY
eZebVZIc0tzBypdXd1fY4huzcVp+/EDz6dQmK8q2JUXqPfw7cRk/lVHf31HPTnf8
F+QBR6WCqhyZYKSyQolLJhOIeVljTVxYN7WBbVD7nLwQEmRPc6syudRORf0A7UOP
Vf7tMReUdzxsO5Bq/ikVZS+RpXxHWGKPG90yzbXHZRIbIjsmA5x8ORhc43llbAQx
g/MrU5Lut7cqlom/a6KX45OKeIpiWjqE
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:49:10 2025 by rpki-client