Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFA7D7C0F65D11EF9E778763762E951A.roa
File: CFA7D7C0F65D11EF9E778763762E951A.roa (raw, json)
Hash identifier: hi/WrmD8xqpNXKtyAP2n5G4rtTbKK0D3giHJOAtN6Sw=
Subject key identifier: F6:81:EC:37:C4:5E:84:BF:CA:27:77:81:E7:40:E0:DD:A9:70:5D:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D24
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFA7D7C0F65D11EF9E778763762E951A.roa
Signing time: Sat 01 Mar 2025 05:27:05 +0000
ROA not before: Sat 01 Mar 2025 05:27:01 +0000
ROA not after: Sat 19 Feb 2028 05:27:01 +0000
asID: 17561
IP address blocks: 154.196.170.0/24 maxlen: 24
154.196.171.0/24 maxlen: 24
154.196.172.0/24 maxlen: 24
154.196.181.0/24 maxlen: 24
154.196.182.0/24 maxlen: 24
154.196.183.0/24 maxlen: 24
154.196.184.0/24 maxlen: 24
154.196.185.0/24 maxlen: 24
154.196.186.0/24 maxlen: 24
154.196.188.0/24 maxlen: 24
154.196.189.0/24 maxlen: 24
154.196.190.0/24 maxlen: 24
154.196.222.0/24 maxlen: 24
154.196.223.0/24 maxlen: 24
154.196.224.0/24 maxlen: 24
154.196.225.0/24 maxlen: 24
154.196.226.0/24 maxlen: 24
154.196.227.0/24 maxlen: 24
154.196.228.0/24 maxlen: 24
154.196.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93476 (0x16d24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 05:27:01 2025 GMT
Not After : Feb 19 05:27:01 2028 GMT
Subject: CN=67c29aa9-2789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f7:21:4d:c1:e2:20:a4:48:32:9d:b8:69:88:
3a:28:60:31:b4:d4:5a:23:e4:fc:ee:db:bc:22:87:
1b:c2:99:2e:98:3f:00:57:05:33:74:ae:0d:8e:62:
76:d7:34:3d:92:a9:33:90:13:e5:4b:3c:e4:10:4c:
67:c3:2e:23:52:c1:27:d5:8e:76:fb:29:8d:91:a6:
7e:35:4d:b4:2a:c6:6e:4e:5d:64:98:e6:1a:e2:07:
bd:a0:ae:d7:79:ae:30:47:f9:e1:42:3c:36:e7:72:
f1:e4:98:ec:7c:bc:c3:3e:b3:80:ff:f3:3e:46:f3:
f4:32:c2:f6:7f:ec:f4:f4:00:9f:8c:c6:ea:98:c8:
95:a2:39:9c:77:19:7a:0f:ac:42:c2:63:3e:b4:52:
ae:37:11:a0:96:33:f5:80:d3:7a:48:39:91:ef:fd:
58:ba:33:b5:33:f3:d5:b7:c0:92:d7:ca:c6:0f:5c:
c6:44:f7:6b:32:ea:04:cc:e4:7a:f2:b7:57:1e:1a:
59:55:10:42:f0:dd:d2:62:3d:52:c4:1e:cd:29:58:
ea:31:94:93:1f:47:8c:6b:33:59:5b:94:bf:a0:20:
db:ea:39:0a:a1:e0:b7:1f:44:bc:6d:45:7e:1c:b8:
ff:7f:32:35:dc:80:a3:01:3e:28:31:e2:53:c4:fe:
33:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:81:EC:37:C4:5E:84:BF:CA:27:77:81:E7:40:E0:DD:A9:70:5D:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFA7D7C0F65D11EF9E778763762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.170.0-154.196.172.255
154.196.181.0-154.196.186.255
154.196.188.0-154.196.190.255
154.196.222.0-154.196.229.255
Signature Algorithm: sha256WithRSAEncryption
77:bf:e5:05:1c:c3:80:04:8f:d2:18:d9:e3:8e:c9:5c:3c:f1:
f9:16:b0:3d:19:68:7a:94:ff:e7:21:f5:e5:79:3c:24:de:25:
b0:5e:d1:57:23:13:71:87:b6:92:84:96:4a:98:2e:4f:49:2f:
fa:12:5e:a6:d3:4c:9f:85:4f:5c:c3:7a:4b:9a:30:3c:66:8f:
ff:2a:98:6c:32:63:e0:a1:f0:95:44:65:fe:e6:b6:91:22:eb:
43:1f:72:92:3b:f8:c8:e5:e6:c8:2d:64:c2:ca:4b:6d:dd:fc:
0d:56:a8:7a:7e:3e:48:ee:a7:0b:d6:52:9a:f4:83:c2:8f:be:
c0:6a:4f:68:b9:cb:0c:ac:b0:13:b4:fd:01:ad:87:9a:6e:6c:
2c:30:32:8d:16:cb:66:d9:a0:fd:a5:72:53:61:86:bd:a5:31:
c5:19:09:0a:57:36:84:10:18:47:27:16:75:c5:9d:c0:7e:25:
4d:a6:aa:3f:50:95:a5:a6:c7:26:0c:6b:02:f4:24:ea:ad:17:
1c:92:40:41:42:f3:93:49:31:dd:3f:2f:a8:85:1e:af:63:80:
e0:ba:6e:e7:8d:d0:8e:c0:9f:b8:e7:64:a7:af:57:8e:ff:b9:
03:2a:55:db:4d:4f:d1:33:cd:2f:a1:e2:f2:ce:72:67:15:c6:
e8:84:c7:35
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAW0kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDUyNzAxWhcNMjgwMjE5MDUyNzAxWjAYMRYw
FAYDVQQDEw02N2MyOWFhOS0yNzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwfchTcHiIKRIMp24aYg6KGAxtNRaI+T87tu8IocbwpkumD8AVwUzdK4N
jmJ21zQ9kqkzkBPlSzzkEExnwy4jUsEn1Y52+ymNkaZ+NU20KsZuTl1kmOYa4ge9
oK7Xea4wR/nhQjw253Lx5JjsfLzDPrOA//M+RvP0MsL2f+z09ACfjMbqmMiVojmc
dxl6D6xCwmM+tFKuNxGgljP1gNN6SDmR7/1YujO1M/PVt8CS18rGD1zGRPdrMuoE
zOR68rdXHhpZVRBC8N3SYj1SxB7NKVjqMZSTH0eMazNZW5S/oCDb6jkKoeC3H0S8
bUV+HLj/fzI13ICjAT4oMeJTxP4zIwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFPaB
7DfEXoS/yid3gedA4N2pcF3vMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRkE3RDdDMEY2NUQxMUVGOUU3Nzg3NjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAGaxKoDBACaxKwwDAME
AJrEtQMEAJrEujAMAwQCmsS8AwQAmsS+MAwDBAGaxN4DBAGaxOQwDQYJKoZIhvcN
AQELBQADggEBAHe/5QUcw4AEj9IY2eOOyVw88fkWsD0ZaHqU/+ch9eV5PCTeJbBe
0VcjE3GHtpKElkqYLk9JL/oSXqbTTJ+FT1zDekuaMDxmj/8qmGwyY+Ch8JVEZf7m
tpEi60MfcpI7+Mjl5sgtZMLKS23d/A1WqHp+PkjupwvWUpr0g8KPvsBqT2i5ywys
sBO0/QGth5pubCwwMo0Wy2bZoP2lclNhhr2lMcUZCQpXNoQQGEcnFnXFncB+JU2m
qj9QlaWmxyYMawL0JOqtFxySQEFC85NJMd0/L6iFHq9jgOC6bueN0I7An7jnZKev
V47/uQMqVdtNT9EzzS+h4vLOcmcVxuiExzU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:12 2025 by rpki-client