Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C972692C37F011F08254BD88DAE4EC9C.roa
File: C972692C37F011F08254BD88DAE4EC9C.roa (raw, json)
Hash identifier: Gm19cYouWXyIU9ENYLP+FnD3kMklAK1GPaWzpvLNMFQ=
Subject key identifier: 05:81:13:09:7A:03:37:E0:40:41:FE:93:72:F8:6A:6F:E0:7E:19:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01822F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C972692C37F011F08254BD88DAE4EC9C.roa
Signing time: Fri 23 May 2025 16:12:56 +0000
ROA not before: Fri 23 May 2025 16:12:52 +0000
ROA not after: Mon 22 Jun 2026 16:12:52 +0000
asID: 984
IP address blocks: 154.196.161.0/24 maxlen: 24
154.199.4.0/24 maxlen: 24
154.200.26.0/24 maxlen: 24
154.200.52.0/24 maxlen: 24
154.200.53.0/24 maxlen: 24
154.200.129.0/24 maxlen: 24
154.200.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98863 (0x1822f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 16:12:52 2025 GMT
Not After : Jun 22 16:12:52 2026 GMT
Subject: CN=68309e88-48e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ca:04:b5:0f:c3:f3:4d:c0:10:88:a3:48:b6:
0e:46:32:0c:22:2f:c0:87:4c:da:98:12:76:cc:75:
ba:64:19:5f:de:82:de:72:12:ca:ba:25:f2:f3:7c:
2b:98:ce:d9:07:bb:27:8b:af:93:09:0c:16:ce:0e:
28:1c:5d:8f:29:2c:bb:9d:b3:2c:67:f8:f0:e1:7c:
f0:52:35:63:22:8f:ef:41:82:aa:f2:ee:69:e6:40:
92:d3:44:5b:c4:08:4a:9e:e3:ca:93:96:06:5c:f3:
a2:20:aa:fa:cf:ef:9f:f8:e6:62:07:60:83:88:31:
4f:4c:b9:16:53:f2:6f:1f:25:79:88:d3:6b:57:d6:
19:e7:29:d2:ed:0b:74:51:22:cd:81:f4:49:23:54:
24:90:c3:d3:4e:d4:e0:3c:59:b5:46:89:13:d2:ab:
35:fa:b8:77:eb:27:78:80:03:b6:09:27:47:00:8c:
80:ff:33:36:e1:00:47:6d:54:aa:f7:25:a7:8b:56:
23:11:f2:50:f5:3a:b1:47:65:f4:20:b0:b9:9d:3e:
43:a3:ba:34:16:0c:8a:49:50:1e:68:1f:9c:fe:53:
d0:f0:24:40:8b:82:b8:a9:12:dc:c8:5b:1e:56:05:
ad:50:37:4e:bf:49:e8:59:28:39:03:af:7d:d0:88:
b0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:81:13:09:7A:03:37:E0:40:41:FE:93:72:F8:6A:6F:E0:7E:19:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C972692C37F011F08254BD88DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.161.0/24
154.199.4.0/24
154.200.26.0/24
154.200.52.0/23
154.200.129.0-154.200.130.255
Signature Algorithm: sha256WithRSAEncryption
9b:49:70:5b:1b:63:ff:a7:ee:c9:08:3d:55:25:74:d3:3f:dc:
e1:d0:a8:d5:c6:ff:59:84:27:86:6b:0a:04:6f:20:82:9b:ca:
36:13:37:41:af:00:19:6e:b1:ca:5f:47:d0:77:8c:dc:6d:74:
68:6f:14:d5:0d:ac:f6:ad:48:a5:a8:f0:3f:11:6e:3a:c7:d1:
81:53:7c:f4:92:2b:97:93:e9:b5:a1:13:d4:4c:20:b6:a6:1b:
9b:fa:3d:c5:5c:7f:83:2a:d3:e2:1f:9b:28:9c:54:2a:9e:97:
d9:f0:a2:0c:49:83:a1:0d:6d:0b:b0:ef:a2:40:12:69:36:d8:
94:ef:90:35:ad:4d:be:ff:df:67:94:cb:c6:59:75:61:8a:23:
66:f6:68:8d:93:92:56:0b:44:dc:98:af:01:fd:49:8b:60:65:
be:d6:f6:c8:09:30:dd:80:0e:7e:74:f9:c8:8a:77:02:2a:c5:
e5:c2:9d:35:04:56:6a:b4:8e:d0:87:df:e6:65:b8:82:4f:79:
f6:f0:4b:d0:10:bd:60:b5:b7:68:ef:40:74:15:7d:4c:1f:f2:
54:2d:c6:34:73:fc:d3:2c:b0:fa:17:36:36:79:b0:81:1b:05:
ed:59:e4:e4:03:e0:2b:de:40:91:30:88:89:2b:a1:73:18:dd:
44:a9:53:69
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAYIvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMTYxMjUyWhcNMjYwNjIyMTYxMjUyWjAYMRYw
FAYDVQQDEw02ODMwOWU4OC00OGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4MoEtQ/D803AEIijSLYORjIMIi/Ah0zamBJ2zHW6ZBlf3oLechLKuiXy
83wrmM7ZB7sni6+TCQwWzg4oHF2PKSy7nbMsZ/jw4XzwUjVjIo/vQYKq8u5p5kCS
00RbxAhKnuPKk5YGXPOiIKr6z++f+OZiB2CDiDFPTLkWU/JvHyV5iNNrV9YZ5ynS
7Qt0USLNgfRJI1QkkMPTTtTgPFm1RokT0qs1+rh36yd4gAO2CSdHAIyA/zM24QBH
bVSq9yWni1YjEfJQ9TqxR2X0ILC5nT5Do7o0FgyKSVAeaB+c/lPQ8CRAi4K4qRLc
yFseVgWtUDdOv0noWSg5A6990IiwnQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFAWB
Ewl6AzfgQEH+k3L4am/gfhlrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOTcyNjkyQzM3RjAxMUYwODI1NEJEODhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAmsShAwQAmscEAwQAmsga
AwQBmsg0MAwDBACayIEDBACayIIwDQYJKoZIhvcNAQELBQADggEBAJtJcFsbY/+n
7skIPVUldNM/3OHQqNXG/1mEJ4ZrCgRvIIKbyjYTN0GvABluscpfR9B3jNxtdGhv
FNUNrPatSKWo8D8RbjrH0YFTfPSSK5eT6bWhE9RMILamG5v6PcVcf4Mq0+Ifmyic
VCqel9nwogxJg6ENbQuw76JAEmk22JTvkDWtTb7/32eUy8ZZdWGKI2b2aI2TklYL
RNyYrwH9SYtgZb7W9sgJMN2ADn50+ciKdwIqxeXCnTUEVmq0jtCH3+ZluIJPefbw
S9AQvWC1t2jvQHQVfUwf8lQtxjRz/NMssPoXNjZ5sIEbBe1Z5OQD4CveQJEwiIkr
oXMY3USpU2k=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:38:03 2025 by rpki-client