Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE4D7E08F65711EF943F1EB9762E951A.roa
File: CE4D7E08F65711EF943F1EB9762E951A.roa (raw, json)
Hash identifier: EX9lkt02mQ+Lt2lXpS3kU8jiJpRdCExBFdGGniXTUdg=
Subject key identifier: 57:D1:27:91:E6:08:EB:92:92:A3:05:69:A8:AF:98:4D:87:46:10:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D10
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE4D7E08F65711EF943F1EB9762E951A.roa
Signing time: Sat 01 Mar 2025 04:44:06 +0000
ROA not before: Sat 01 Mar 2025 04:44:02 +0000
ROA not after: Fri 20 Feb 2026 04:44:02 +0000
asID: 984
IP address blocks: 154.195.5.0/24 maxlen: 24
154.195.34.0/24 maxlen: 24
154.195.44.0/24 maxlen: 24
154.195.45.0/24 maxlen: 24
154.195.64.0/24 maxlen: 24
154.195.65.0/24 maxlen: 24
154.195.66.0/24 maxlen: 24
154.195.67.0/24 maxlen: 24
154.195.68.0/24 maxlen: 24
154.195.69.0/24 maxlen: 24
154.195.70.0/24 maxlen: 24
154.195.71.0/24 maxlen: 24
154.195.72.0/24 maxlen: 24
154.195.73.0/24 maxlen: 24
154.195.74.0/24 maxlen: 24
154.195.75.0/24 maxlen: 24
154.195.76.0/24 maxlen: 24
154.223.253.0/24 maxlen: 24
154.223.254.0/24 maxlen: 24
154.223.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93456 (0x16d10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 04:44:02 2025 GMT
Not After : Feb 20 04:44:02 2026 GMT
Subject: CN=67c29095-ca4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:40:0e:05:69:bc:0a:b6:0e:ed:74:ec:ae:83:
37:15:79:3c:d5:95:19:a9:a9:24:5c:c0:ad:f3:46:
b4:f8:c7:04:b9:74:c1:8c:91:8b:76:54:c7:8a:31:
c8:40:9b:8e:bb:f6:1d:bd:01:74:2e:90:a2:d4:dc:
8b:8c:75:1f:60:6b:5d:ec:81:3c:cc:dd:f5:a7:05:
3b:74:ea:b0:73:95:20:95:d8:20:d1:69:4b:9f:d3:
e4:c4:29:3c:8c:a4:32:9b:e0:2e:e0:b4:cb:22:8f:
3a:32:81:63:89:1a:87:92:71:64:8a:8c:88:c7:1c:
98:0b:85:54:80:a2:d8:d4:22:e6:95:7a:0f:ff:5a:
43:fe:42:78:9f:46:80:22:1c:39:38:35:f3:39:33:
c5:c0:a5:f8:02:f2:59:a5:47:57:a8:d9:b9:17:4d:
3d:14:ed:67:fe:bb:5b:ca:8d:b1:f0:6a:89:7f:fa:
1a:82:1f:8f:ab:ac:0b:46:b1:cd:42:c0:d2:97:53:
dc:0a:ff:78:97:ba:ef:38:7d:2c:90:42:64:1a:0a:
3d:32:08:68:a3:e6:74:45:17:76:57:99:75:8a:e2:
ef:16:da:38:30:53:0c:86:d6:9a:6b:68:be:02:51:
61:06:08:b4:51:9a:17:a7:91:ef:bb:78:ea:3e:80:
ab:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D1:27:91:E6:08:EB:92:92:A3:05:69:A8:AF:98:4D:87:46:10:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE4D7E08F65711EF943F1EB9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.5.0/24
154.195.34.0/24
154.195.44.0/23
154.195.64.0-154.195.76.255
154.223.253.0-154.223.255.255
Signature Algorithm: sha256WithRSAEncryption
1b:fa:b1:9f:4d:61:08:b5:52:5a:98:af:f4:4b:d0:e3:f9:3a:
fb:70:17:3c:4c:cf:bf:7a:73:95:1f:90:ae:f9:15:26:3c:cf:
9e:44:04:6c:42:f2:13:1e:9e:b3:06:04:1b:63:29:04:1d:a8:
c5:af:b3:dc:7a:29:32:44:28:00:a2:ac:3d:8d:d0:f0:ef:b1:
56:b4:48:1d:74:d9:69:d3:07:e4:51:13:bd:36:72:59:aa:3c:
36:ee:7a:27:95:ed:6d:1a:95:69:df:a0:d5:43:79:f7:95:bc:
e3:83:f0:cd:dd:06:94:9a:15:08:8f:1a:a5:cb:9c:6a:8e:6a:
96:48:a1:03:8a:01:00:3b:fa:ea:e1:5d:c3:e2:29:5f:43:bf:
86:79:45:15:32:18:df:7a:e6:08:51:f8:4a:c0:3c:52:bc:d1:
84:d3:b0:99:74:96:77:37:cb:24:26:cd:c0:80:73:53:52:24:
90:62:43:ad:40:e5:bf:ef:45:02:53:1f:d2:c2:f9:34:e0:67:
97:ee:19:e0:37:35:60:ac:60:49:60:d6:7c:4c:13:e8:99:80:
52:95:51:41:8f:5f:ab:34:51:78:bb:79:bb:8e:09:99:f1:29:
64:16:a0:37:6b:40:33:10:21:ee:ba:e4:50:39:7b:e6:75:2d:
dc:8c:32:0b
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIDAW0QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDQ0NDAyWhcNMjYwMjIwMDQ0NDAyWjAYMRYw
FAYDVQQDEw02N2MyOTA5NS1jYTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA30AOBWm8CrYO7XTsroM3FXk81ZUZqakkXMCt80a0+McEuXTBjJGLdlTH
ijHIQJuOu/YdvQF0LpCi1NyLjHUfYGtd7IE8zN31pwU7dOqwc5Ugldgg0WlLn9Pk
xCk8jKQym+Au4LTLIo86MoFjiRqHknFkioyIxxyYC4VUgKLY1CLmlXoP/1pD/kJ4
n0aAIhw5ODXzOTPFwKX4AvJZpUdXqNm5F009FO1n/rtbyo2x8GqJf/oagh+Pq6wL
RrHNQsDSl1PcCv94l7rvOH0skEJkGgo9Mghoo+Z0RRd2V5l1iuLvFto4MFMMhtaa
a2i+AlFhBgi0UZoXp5Hvu3jqPoCr4QIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFFfR
J5HmCOuSkqMFaaivmE2HRhB7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRTREN0UwOEY2NTcxMUVGOTQzRjFFQjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtAwQAmsMFAwQAmsMiAwQBmsMs
MAwDBAaaw0ADBACaw0wwCwMEAJrf/QMDBZrAMA0GCSqGSIb3DQEBCwUAA4IBAQAb
+rGfTWEItVJamK/0S9Dj+Tr7cBc8TM+/enOVH5Cu+RUmPM+eRARsQvITHp6zBgQb
YykEHajFr7PceikyRCgAoqw9jdDw77FWtEgddNlp0wfkURO9NnJZqjw27nonle1t
GpVp36DVQ3n3lbzjg/DN3QaUmhUIjxqly5xqjmqWSKEDigEAO/rq4V3D4ilfQ7+G
eUUVMhjfeuYIUfhKwDxSvNGE07CZdJZ3N8skJs3AgHNTUiSQYkOtQOW/70UCUx/S
wvk04GeX7hngNzVgrGBJYNZ8TBPomYBSlVFBj1+rNFF4u3m7jgmZ8SlkFqA3a0Az
ECHuuuRQOXvmdS3cjDIL
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:35:44 2025 by rpki-client