Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C57E0E60F9811F0B039AA7E762E951A.roa
File: 9C57E0E60F9811F0B039AA7E762E951A.roa (raw, json)
Hash identifier: 1Gi0mSj9e40kmiXRUphTKpSmDAnSqY71woPvjmdpCfE=
Subject key identifier: CB:B3:8A:E0:BE:05:03:0C:7C:06:FB:47:E0:23:C6:B5:B9:13:46:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017738
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C57E0E60F9811F0B039AA7E762E951A.roa
Signing time: Wed 02 Apr 2025 08:00:58 +0000
ROA not before: Wed 02 Apr 2025 08:00:54 +0000
ROA not after: Fri 09 May 2025 08:00:54 +0000
asID: 203020
IP address blocks: 154.201.46.0/24 maxlen: 24
154.201.58.0/24 maxlen: 24
154.204.40.0/24 maxlen: 24
154.205.168.0/22 maxlen: 24
154.206.0.0/22 maxlen: 24
154.207.84.0/22 maxlen: 24
154.207.114.0/23 maxlen: 24
154.207.116.0/22 maxlen: 24
154.207.120.0/22 maxlen: 24
154.207.124.0/23 maxlen: 24
154.207.136.0/22 maxlen: 24
154.207.140.0/23 maxlen: 24
154.207.184.0/22 maxlen: 24
154.207.192.0/20 maxlen: 24
154.207.224.0/23 maxlen: 24
154.207.240.0/21 maxlen: 24
154.207.254.0/23 maxlen: 24
154.208.132.0/22 maxlen: 24
154.209.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96056 (0x17738)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Apr 2 08:00:54 2025 GMT
Not After : May 9 08:00:54 2025 GMT
Subject: CN=67eceeba-0b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e7:2a:71:af:b3:d4:ae:f9:11:b4:a9:99:57:
78:31:fe:51:e2:0b:d6:3a:4e:7e:1c:60:94:e9:ce:
5d:ab:84:99:ed:0d:a6:2b:f3:ea:69:81:78:26:49:
42:18:a1:3b:7b:1a:01:18:fb:63:c2:3f:25:99:20:
11:e7:48:b3:c5:80:0b:14:eb:81:7f:37:aa:c0:01:
f0:8e:82:dd:ba:33:dc:f4:db:11:17:9d:9a:6a:34:
aa:0f:0e:ad:3e:f4:20:95:b9:60:9c:bd:bc:42:50:
d5:40:5b:a1:8e:79:5a:02:36:ef:7d:eb:cd:73:00:
f6:a9:dc:ac:89:5d:26:1b:2f:5e:b3:80:69:ef:a8:
06:e8:07:a1:b4:98:f9:40:cf:f4:1f:07:32:b5:5c:
16:b5:b2:2d:05:41:e2:8c:ef:be:55:88:00:75:3f:
f2:4f:95:5e:d2:35:6a:ce:79:5e:3d:7b:64:2b:76:
74:1d:71:da:84:0a:9d:56:6f:3a:0d:2f:4f:bf:79:
fe:35:b7:46:7e:88:50:33:ef:5d:d1:18:a5:a6:6c:
1d:21:1c:56:d7:1d:ab:a8:77:8e:98:2d:6f:42:68:
37:2a:38:76:8a:4b:a1:2e:d7:1c:75:28:bb:17:eb:
f9:31:9f:93:b2:b6:3b:69:3c:ea:c4:a4:2f:23:1c:
6b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B3:8A:E0:BE:05:03:0C:7C:06:FB:47:E0:23:C6:B5:B9:13:46:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C57E0E60F9811F0B039AA7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.46.0/24
154.201.58.0/24
154.204.40.0/24
154.205.168.0/22
154.206.0.0/22
154.207.84.0/22
154.207.114.0-154.207.125.255
154.207.136.0-154.207.141.255
154.207.184.0/22
154.207.192.0/20
154.207.224.0/23
154.207.240.0/21
154.207.254.0/23
154.208.132.0/22
154.209.16.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:15:8a:61:e8:95:4e:a1:0f:34:f4:84:a9:60:c5:98:e7:ab:
b8:d8:73:37:45:99:70:19:31:f6:7e:da:aa:c0:83:f5:e0:76:
81:e8:65:55:2d:4c:77:f9:ce:fd:92:27:b7:c9:7b:88:e1:41:
c4:cd:89:ca:68:84:77:a8:83:14:85:ca:26:2f:fd:9f:f8:9c:
5d:4c:2f:07:91:75:d0:4b:b1:4c:63:1d:b6:15:2a:67:3b:45:
53:4c:04:9c:56:b2:f9:16:8d:07:3a:00:ab:1a:1f:6d:69:60:
83:5a:7d:66:97:cf:76:89:e2:73:60:7e:ce:80:50:47:2f:16:
a3:5d:ad:0b:54:92:ab:14:1d:b9:c1:e1:ec:ea:cf:97:01:22:
42:13:76:93:a6:e0:f2:3b:a5:52:86:fb:f4:29:8c:64:4b:5d:
68:b3:27:63:5a:e2:13:4a:bd:9f:e3:3a:5b:22:a6:a1:c7:5e:
06:c0:4d:ca:9a:17:f3:f4:36:d3:be:cb:42:0b:df:78:9a:a1:
f2:7f:a8:43:13:5c:ca:dd:d4:29:e4:c3:70:42:b2:7e:ff:0d:
e3:3f:64:71:70:fa:a5:e9:b6:d7:31:d9:ef:f2:f6:da:81:91:
5b:dc:16:c9:44:30:ba:47:8d:53:f5:18:6d:c9:1a:21:95:16:
c2:00:09:c8
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgIDAXc4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDAyMDgwMDU0WhcNMjUwNTA5MDgwMDU0WjAYMRYw
FAYDVQQDEw02N2VjZWViYS0wYjk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvecqca+z1K75EbSpmVd4Mf5R4gvWOk5+HGCU6c5dq4SZ7Q2mK/PqaYF4
JklCGKE7exoBGPtjwj8lmSAR50izxYALFOuBfzeqwAHwjoLdujPc9NsRF52aajSq
Dw6tPvQglblgnL28QlDVQFuhjnlaAjbvfevNcwD2qdysiV0mGy9es4Bp76gG6Aeh
tJj5QM/0HwcytVwWtbItBUHijO++VYgAdT/yT5Ve0jVqznlePXtkK3Z0HXHahAqd
Vm86DS9Pv3n+NbdGfohQM+9d0RilpmwdIRxW1x2rqHeOmC1vQmg3Kjh2ikuhLtcc
dSi7F+v5MZ+TsrY7aTzqxKQvIxxrUQIDAQABo4IDCjCCAwYwHQYDVR0OBBYEFMuz
iuC+BQMMfAb7R+AjxrW5E0aVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QzU3RTBFNjBGOTgxMUYwQjAzOUFBN0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAJrJLgMEAJrJOgMEAJrM
KAMEAprNqAMEAprOAAMEAprPVDAMAwQBms9yAwQBms98MAwDBAOaz4gDBAGaz4wD
BAKaz7gDBASaz8ADBAGaz+ADBAOaz/ADBAGaz/4DBAKa0IQDBAGa0RAwDQYJKoZI
hvcNAQELBQADggEBAIsVimHolU6hDzT0hKlgxZjnq7jYczdFmXAZMfZ+2qrAg/Xg
doHoZVUtTHf5zv2SJ7fJe4jhQcTNicpohHeogxSFyiYv/Z/4nF1MLweRddBLsUxj
HbYVKmc7RVNMBJxWsvkWjQc6AKsaH21pYINafWaXz3aJ4nNgfs6AUEcvFqNdrQtU
kqsUHbnB4ezqz5cBIkITdpOm4PI7pVKG+/QpjGRLXWizJ2Na4hNKvZ/jOlsipqHH
XgbATcqaF/P0NtO+y0IL33iaofJ/qEMTXMrd1Cnkw3BCsn7/DeM/ZHFw+qXpttcx
2e/y9tqBkVvcFslEMLpHjVP1GG3JGiGVFsIACcg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:36:52 2025 by rpki-client