Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF3953E804CB11F09179368E762E951A.roa
File: AF3953E804CB11F09179368E762E951A.roa (raw, json)
Hash identifier: vfR6WZ0rkkO6JjG9/bAHzPTeGq2G09bU6aUJzPGLyZM=
Subject key identifier: A9:44:C2:8A:C7:63:3A:5A:5F:B6:99:86:56:01:7E:1D:23:13:D1:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01752A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF3953E804CB11F09179368E762E951A.roa
Signing time: Wed 19 Mar 2025 14:08:51 +0000
ROA not before: Wed 19 Mar 2025 14:08:47 +0000
ROA not after: Wed 30 Apr 2025 14:08:47 +0000
asID: 62240
IP address blocks: 154.194.72.0/24 maxlen: 24
154.194.73.0/24 maxlen: 24
154.194.74.0/24 maxlen: 24
154.194.89.0/24 maxlen: 24
154.194.92.0/24 maxlen: 24
154.194.93.0/24 maxlen: 24
154.194.98.0/24 maxlen: 24
154.196.18.0/24 maxlen: 24
154.196.22.0/24 maxlen: 24
154.196.50.0/24 maxlen: 24
154.196.63.0/24 maxlen: 24
154.196.67.0/24 maxlen: 24
154.196.71.0/24 maxlen: 24
154.196.72.0/24 maxlen: 24
154.196.73.0/24 maxlen: 24
154.196.74.0/24 maxlen: 24
154.196.75.0/24 maxlen: 24
154.196.76.0/24 maxlen: 24
154.196.77.0/24 maxlen: 24
154.196.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 00:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95530 (0x1752a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 19 14:08:47 2025 GMT
Not After : Apr 30 14:08:47 2025 GMT
Subject: CN=67dacff3-b27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:5a:e3:87:9d:71:e4:e4:d9:69:43:bf:af:6f:
39:bb:50:28:4f:b0:52:2e:19:32:5e:90:c2:b3:88:
94:d9:81:2d:58:ae:bd:66:a6:56:f4:ed:3e:a4:0e:
63:cc:f1:9f:66:99:41:be:2f:46:51:52:c7:99:c1:
f7:8a:dd:6b:b9:7a:99:8c:47:60:79:3e:29:ae:88:
13:03:33:30:6f:5e:4d:c5:da:b8:b3:07:0b:a3:d4:
a7:a2:78:81:d0:1a:81:b8:7e:50:70:ce:73:ae:66:
a8:16:69:2e:df:b8:98:4a:32:4b:7d:7d:68:35:1b:
b8:17:69:e3:b2:66:1b:d2:d6:3e:06:80:ed:f6:cf:
f0:af:b3:20:05:6f:fb:32:3d:44:2d:91:62:d2:85:
92:69:fd:99:bb:22:76:d4:a5:80:a9:eb:0d:e6:19:
4a:21:d6:13:5e:f3:6e:2c:f9:00:10:6a:8e:17:0d:
73:7e:b3:be:78:c4:b5:27:43:e2:af:44:a3:fa:6b:
2f:84:2a:c2:55:c7:c5:ef:f0:92:fd:3c:5d:ef:f6:
0a:4e:93:88:77:44:d7:c8:de:e8:e5:d3:23:f6:81:
29:45:45:c2:9f:c0:32:b5:b2:be:18:81:4c:01:84:
69:b2:96:97:64:99:c0:32:fa:1c:1a:05:d1:17:f8:
fd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:44:C2:8A:C7:63:3A:5A:5F:B6:99:86:56:01:7E:1D:23:13:D1:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF3953E804CB11F09179368E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.72.0-154.194.74.255
154.194.89.0/24
154.194.92.0/23
154.194.98.0/24
154.196.18.0/24
154.196.22.0/24
154.196.50.0/24
154.196.63.0/24
154.196.67.0/24
154.196.71.0-154.196.78.255
Signature Algorithm: sha256WithRSAEncryption
46:cb:7e:73:b8:74:ab:22:90:bc:1a:09:a2:2a:95:61:67:5a:
d8:75:6f:b1:5e:5e:ee:d9:b8:00:74:47:57:52:a2:26:4e:04:
10:d6:15:b1:4a:8c:46:f2:aa:e8:58:5b:3c:f8:6b:ec:1e:13:
31:b9:82:c1:53:19:76:df:9a:67:1d:42:ce:aa:e2:e8:62:41:
6d:fd:5b:b5:96:77:ce:92:87:3e:62:45:b5:0a:8f:f7:74:47:
0e:9b:d1:a8:c5:2d:94:af:5b:1b:af:2f:69:27:b5:41:d2:ec:
a1:5a:5f:2c:b7:4a:71:8b:46:2b:62:3a:81:ac:6c:9c:cb:78:
ef:f2:8b:24:f9:3d:55:fd:aa:13:a5:4f:0e:45:1a:2e:ce:c1:
da:65:5d:bf:54:1e:3e:8c:f0:e4:65:e1:31:e6:77:c9:59:60:
42:ce:c7:64:2f:92:9d:2d:23:8d:02:14:54:bf:c6:ca:dc:f5:
aa:be:1f:9b:ef:f1:10:9c:2a:e5:f4:c8:ca:02:6c:22:c4:3c:
b9:14:aa:e3:56:ac:36:96:0b:18:6a:2c:64:82:7d:a4:22:ef:
b2:e7:0f:a2:33:ba:4e:cb:04:e7:fa:5d:de:e5:75:f6:66:aa:
34:85:34:af:d6:84:6e:2a:b3:c6:07:7b:ee:c6:7c:d8:6f:51:
90:3f:91:4f
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIDAXUqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE5MTQwODQ3WhcNMjUwNDMwMTQwODQ3WjAYMRYw
FAYDVQQDEw02N2RhY2ZmMy1iMjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9lrjh51x5OTZaUO/r285u1AoT7BSLhkyXpDCs4iU2YEtWK69ZqZW9O0+
pA5jzPGfZplBvi9GUVLHmcH3it1ruXqZjEdgeT4progTAzMwb15Nxdq4swcLo9Sn
oniB0BqBuH5QcM5zrmaoFmku37iYSjJLfX1oNRu4F2njsmYb0tY+BoDt9s/wr7Mg
BW/7Mj1ELZFi0oWSaf2ZuyJ21KWAqesN5hlKIdYTXvNuLPkAEGqOFw1zfrO+eMS1
J0Pir0Sj+msvhCrCVcfF7/CS/Txd7/YKTpOId0TXyN7o5dMj9oEpRUXCn8AytbK+
GIFMAYRpspaXZJnAMvocGgXRF/j9QQIDAQABo4IC6zCCAucwHQYDVR0OBBYEFKlE
worHYzpaX7aZhlYBfh0jE9EbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjM5NTNFODA0Q0IxMUYwOTE3OTM2OEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAOawkgDBACawkoDBACa
wlkDBAGawlwDBACawmIDBACaxBIDBACaxBYDBACaxDIDBACaxD8DBACaxEMwDAME
AJrERwMEAJrETjANBgkqhkiG9w0BAQsFAAOCAQEARst+c7h0qyKQvBoJoiqVYWda
2HVvsV5e7tm4AHRHV1KiJk4EENYVsUqMRvKq6FhbPPhr7B4TMbmCwVMZdt+aZx1C
zqri6GJBbf1btZZ3zpKHPmJFtQqP93RHDpvRqMUtlK9bG68vaSe1QdLsoVpfLLdK
cYtGK2I6gaxsnMt47/KLJPk9Vf2qE6VPDkUaLs7B2mVdv1QePozw5GXhMeZ3yVlg
Qs7HZC+SnS0jjQIUVL/Gytz1qr4fm+/xEJwq5fTIygJsIsQ8uRSq41asNpYLGGos
ZIJ9pCLvsucPojO6TssE5/pd3uV19maqNIU0r9aEbiqzxgd77sZ82G9RkD+RTw==
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:34:22 2025 by rpki-client