Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C40073FAFE4B11EF9D822F7E762E951A.roa
File: C40073FAFE4B11EF9D822F7E762E951A.roa (raw, json)
Hash identifier: rjGZgR3R3mVUcd4uFgp31I1m0J1a41qZUBB4i6yUf5s=
Subject key identifier: ED:06:3A:CA:53:DC:1C:0E:0E:F5:39:23:A9:F0:18:4C:10:E1:26:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017368
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C40073FAFE4B11EF9D822F7E762E951A.roa
Signing time: Tue 11 Mar 2025 07:38:04 +0000
ROA not before: Tue 11 Mar 2025 07:37:59 +0000
ROA not after: Sun 13 Apr 2025 07:37:59 +0000
asID: 139646
IP address blocks: 154.204.0.0/24 maxlen: 24
154.208.12.0/22 maxlen: 24
154.208.16.0/20 maxlen: 24
154.212.128.0/24 maxlen: 24
154.214.32.0/19 maxlen: 24
154.215.0.0/24 maxlen: 24
154.216.128.0/18 maxlen: 24
154.218.0.0/24 maxlen: 24
154.221.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95080 (0x17368)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 11 07:37:59 2025 GMT
Not After : Apr 13 07:37:59 2025 GMT
Subject: CN=67cfe85c-d32f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d7:43:c4:85:77:39:2a:a2:f3:6a:9c:27:22:
87:cd:dd:85:f6:88:85:30:02:4e:b0:6b:a3:19:a2:
e0:f0:04:34:41:36:eb:e0:b3:b2:f9:f9:4a:bd:67:
8c:99:6b:f2:5c:22:52:c0:8b:30:52:15:07:a0:0e:
32:02:86:83:84:f4:ca:11:de:e7:ce:b4:b4:53:32:
34:17:74:59:68:68:9c:fc:27:f2:4c:07:eb:ce:92:
80:7f:9f:15:fc:42:4f:d8:cf:17:f5:20:8e:7c:88:
d3:55:e4:25:9a:e3:76:8b:b7:fa:98:6c:74:0a:28:
3d:2e:8a:bb:57:42:e0:05:3b:71:ff:ac:c2:05:c0:
31:cd:35:58:c7:64:e1:44:0b:6d:fd:9c:7e:1a:0b:
1e:b0:22:d8:a5:0e:07:76:f8:52:28:97:18:37:3f:
28:4d:c1:10:0b:92:6a:6f:7f:5f:cd:55:67:88:d3:
50:bf:04:cf:be:a2:4f:04:c6:d3:05:cd:d9:de:55:
0e:60:c3:4f:4a:7a:85:48:77:43:74:5f:91:b5:c0:
16:33:1c:9c:0e:a1:f4:a4:2b:d0:60:6b:c7:07:fe:
f6:65:1e:67:dc:55:96:59:fb:74:dd:34:f3:6d:c5:
d1:0c:3f:16:07:b1:36:a0:6c:12:5b:e5:42:00:21:
bc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:06:3A:CA:53:DC:1C:0E:0E:F5:39:23:A9:F0:18:4C:10:E1:26:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C40073FAFE4B11EF9D822F7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.0.0/24
154.208.12.0-154.208.31.255
154.212.128.0/24
154.214.32.0/19
154.215.0.0/24
154.216.128.0/18
154.218.0.0/24
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:d8:db:bb:2c:d9:c0:2e:6f:6b:1e:21:21:74:32:4e:ff:d9:
99:68:5b:dc:a3:eb:c3:ee:27:ba:96:fc:65:6e:68:74:78:e0:
9d:8a:e5:04:b5:62:e5:f1:41:10:aa:a8:e9:e7:75:d3:4b:9d:
df:67:dc:a2:dd:89:63:22:ff:9b:c8:c8:84:e0:ab:1a:fc:d7:
d3:e3:e2:6c:e3:59:dd:cf:9d:85:3e:1b:c0:51:6e:e0:a6:d0:
a4:7c:c9:75:55:4b:29:6e:53:7f:f0:6c:0e:78:ab:3d:a1:dd:
01:f2:b5:75:60:8a:d5:8f:a8:28:3a:8d:bd:ce:23:ff:34:38:
06:8a:3d:9f:7e:3d:1a:22:31:27:1f:fd:a7:37:69:84:f3:ba:
aa:11:99:91:b1:c6:7b:5f:38:ee:e6:64:e1:ea:e1:55:75:28:
fb:52:f6:b8:fd:0f:d8:4d:0b:64:ff:92:64:a0:73:5f:df:80:
c4:d3:be:f6:a2:a0:f3:95:4b:4b:c0:19:52:3c:6e:21:3c:32:
11:e7:8e:8b:ed:ba:27:6f:4f:78:40:7e:f3:a8:3d:28:c3:1c:
ed:3f:2b:3b:17:c1:20:29:d6:dc:45:25:68:55:e9:61:fa:bc:
a7:73:e0:b0:90:10:54:ff:f5:ea:a8:d5:fb:7d:ee:eb:48:50:
14:e2:ff:86
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAXNoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzExMDczNzU5WhcNMjUwNDEzMDczNzU5WjAYMRYw
FAYDVQQDEw02N2NmZTg1Yy1kMzJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3ddDxIV3OSqi82qcJyKHzd2F9oiFMAJOsGujGaLg8AQ0QTbr4LOy+flK
vWeMmWvyXCJSwIswUhUHoA4yAoaDhPTKEd7nzrS0UzI0F3RZaGic/CfyTAfrzpKA
f58V/EJP2M8X9SCOfIjTVeQlmuN2i7f6mGx0Cig9Loq7V0LgBTtx/6zCBcAxzTVY
x2ThRAtt/Zx+GgsesCLYpQ4HdvhSKJcYNz8oTcEQC5Jqb39fzVVniNNQvwTPvqJP
BMbTBc3Z3lUOYMNPSnqFSHdDdF+RtcAWMxycDqH0pCvQYGvHB/72ZR5n3FWWWft0
3TTzbcXRDD8WB7E2oGwSW+VCACG8gwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFO0G
OspT3BwODvU5I6nwGEwQ4SYrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNDAwNzNGQUZFNEIxMUVGOUQ4MjJGN0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAmswAMAwDBAKa0AwDBAWa
0AADBACa1IADBAWa1iADBACa1wADBAaa2IADBACa2gADBACa3QAwDQYJKoZIhvcN
AQELBQADggEBAMzY27ss2cAub2seISF0Mk7/2ZloW9yj68PuJ7qW/GVuaHR44J2K
5QS1YuXxQRCqqOnnddNLnd9n3KLdiWMi/5vIyITgqxr819Pj4mzjWd3PnYU+G8BR
buCm0KR8yXVVSyluU3/wbA54qz2h3QHytXVgitWPqCg6jb3OI/80OAaKPZ9+PRoi
MScf/ac3aYTzuqoRmZGxxntfOO7mZOHq4VV1KPtS9rj9D9hNC2T/kmSgc1/fgMTT
vvaioPOVS0vAGVI8biE8MhHnjovtuidvT3hAfvOoPSjDHO0/KzsXwSAp1txFJWhV
6WH6vKdz4LCQEFT/9eqo1ft97utIUBTi/4Y=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:53:11 2025 by rpki-client