Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDB08ADC0A1911F0996AED72762E951A.roa
File: CDB08ADC0A1911F0996AED72762E951A.roa (raw, json)
Hash identifier: lR14OLdmFus6MYZ3Ndx42P68V/y1PwFKcaoAFLxsiXg=
Subject key identifier: 94:13:83:10:F8:92:16:D1:E2:51:C5:71:ED:9B:91:7F:D0:FB:C6:10
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017663
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDB08ADC0A1911F0996AED72762E951A.roa
Signing time: Wed 26 Mar 2025 08:10:39 +0000
ROA not before: Wed 26 Mar 2025 08:10:35 +0000
ROA not after: Mon 20 Apr 2026 08:10:35 +0000
asID: 984
IP address blocks: 154.200.46.0/24 maxlen: 24
154.200.50.0/24 maxlen: 24
154.200.60.0/24 maxlen: 24
154.200.62.0/24 maxlen: 24
154.202.5.0/24 maxlen: 24
154.207.94.0/24 maxlen: 24
154.207.95.0/24 maxlen: 24
154.207.96.0/24 maxlen: 24
154.222.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95843 (0x17663)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 26 08:10:35 2025 GMT
Not After : Apr 20 08:10:35 2026 GMT
Subject: CN=67e3b67f-45de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:57:46:58:f4:63:ec:50:10:3c:ff:de:23:e3:
45:83:78:09:00:54:ad:ad:41:a7:95:34:b2:6e:49:
f6:e9:e0:ef:c4:5b:6d:e4:2e:48:2a:79:62:a8:d5:
4d:2a:01:b8:b3:54:cf:d7:60:a2:7b:ea:99:26:c8:
16:5a:44:c8:0a:5e:75:54:22:0c:2b:d9:e8:17:17:
ad:1e:5a:9c:f5:96:a5:5d:f9:a4:87:0e:89:e0:5e:
a4:e9:b4:54:58:13:db:83:05:69:01:86:e1:5a:fa:
d5:61:8e:00:81:fe:1b:d7:bb:5b:3f:25:cd:b1:bf:
7c:f7:80:7f:e3:cd:d3:fc:7c:05:8c:28:73:df:4c:
19:a5:29:81:da:f8:fc:8a:0f:cb:69:f8:34:af:7f:
98:4f:f0:ac:35:ae:90:6e:12:ad:dd:7e:09:61:3f:
ef:c4:cb:97:d0:b3:e2:39:39:7d:c2:e7:43:98:cd:
e6:7a:da:44:69:51:c5:f3:72:84:21:f1:04:95:6f:
c4:c1:fb:49:95:71:66:ac:69:8d:bb:5f:e4:74:d0:
a9:fc:1a:5d:4b:3f:61:ae:e8:2b:82:f0:69:31:27:
84:db:20:b4:00:5b:45:0c:5a:98:3c:be:98:02:0d:
4a:68:7e:94:54:7d:f8:57:8c:11:a3:85:7b:bc:6c:
1b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:13:83:10:F8:92:16:D1:E2:51:C5:71:ED:9B:91:7F:D0:FB:C6:10
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDB08ADC0A1911F0996AED72762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.46.0/24
154.200.50.0/24
154.200.60.0/24
154.200.62.0/24
154.202.5.0/24
154.207.94.0-154.207.96.255
154.222.32.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:51:27:4e:ce:7e:08:b2:56:d4:a3:cb:0e:dd:2e:36:9b:93:
12:43:40:15:f7:ae:02:fb:96:12:e8:54:9a:f2:68:1b:b7:e1:
d7:84:f0:be:de:2c:6d:22:1c:59:5f:49:9f:a6:66:f7:67:b8:
d4:48:b9:c7:18:6e:e3:6d:6a:e3:bc:2f:3f:6a:7f:5a:4f:6d:
c1:2c:90:99:66:25:aa:8d:6f:54:63:b8:61:40:85:c2:c1:94:
80:fb:65:f8:b1:15:9a:7b:8c:1b:9c:3f:97:54:3d:63:dc:46:
1b:12:8a:ed:88:0d:24:ee:1a:09:d1:d3:84:c7:46:24:27:ba:
17:78:ae:64:0c:19:cb:f9:0e:9a:f5:54:08:ca:4e:6f:ca:c8:
35:3c:ab:ad:79:d6:a8:a1:d5:c0:36:84:65:ac:e4:36:57:4f:
e3:78:08:ac:53:0c:3c:ec:8d:94:d3:f8:5a:29:11:c9:ee:b6:
7e:03:38:64:9b:62:a5:22:a1:1a:15:4d:98:a6:ef:0c:6c:50:
96:c9:54:7a:83:d7:42:cc:1b:9c:36:82:f8:bb:4f:0f:03:7a:
b6:0a:4f:51:4f:30:a3:d1:72:2b:86:19:98:c7:f9:12:c8:92:
1f:79:3c:ca:6f:6f:7e:94:b6:f8:de:1d:c9:1f:dc:c7:08:45:
6c:bc:20:a7
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIDAXZjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI2MDgxMDM1WhcNMjYwNDIwMDgxMDM1WjAYMRYw
FAYDVQQDEw02N2UzYjY3Zi00NWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1VdGWPRj7FAQPP/eI+NFg3gJAFStrUGnlTSybkn26eDvxFtt5C5IKnli
qNVNKgG4s1TP12Cie+qZJsgWWkTICl51VCIMK9noFxetHlqc9ZalXfmkhw6J4F6k
6bRUWBPbgwVpAYbhWvrVYY4Agf4b17tbPyXNsb9894B/483T/HwFjChz30wZpSmB
2vj8ig/Lafg0r3+YT/CsNa6QbhKt3X4JYT/vxMuX0LPiOTl9wudDmM3metpEaVHF
83KEIfEElW/EwftJlXFmrGmNu1/kdNCp/BpdSz9hrugrgvBpMSeE2yC0AFtFDFqY
PL6YAg1KaH6UVH34V4wRo4V7vGwbcwIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFJQT
gxD4khbR4lHFce2bkX/Q+8YQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DREIwOEFEQzBBMTkxMUYwOTk2QUVENzI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAmsguAwQAmsgyAwQAmsg8
AwQAmsg+AwQAmsoFMAwDBAGaz14DBACaz2ADBACa3iAwDQYJKoZIhvcNAQELBQAD
ggEBAI1RJ07OfgiyVtSjyw7dLjabkxJDQBX3rgL7lhLoVJryaBu34deE8L7eLG0i
HFlfSZ+mZvdnuNRIuccYbuNtauO8Lz9qf1pPbcEskJlmJaqNb1RjuGFAhcLBlID7
ZfixFZp7jBucP5dUPWPcRhsSiu2IDSTuGgnR04THRiQnuhd4rmQMGcv5Dpr1VAjK
Tm/KyDU8q6151qih1cA2hGWs5DZXT+N4CKxTDDzsjZTT+FopEcnutn4DOGSbYqUi
oRoVTZim7wxsUJbJVHqD10LMG5w2gvi7Tw8DerYKT1FPMKPRciuGGZjH+RLIkh95
PMpvb36UtvjeHckf3McIRWy8IKc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:40 2025 by rpki-client