Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB5AA400FE4911EFBDCE6A71762E951A.roa
File: DB5AA400FE4911EFBDCE6A71762E951A.roa (raw, json)
Hash identifier: BZayU2jSS9uDpkbHzjTo1O8ew4Hy6CgR/IaiMh1EBSY=
Subject key identifier: 2F:A0:0C:8B:FF:31:96:D2:53:6D:46:C6:85:99:B5:C0:B9:B5:EC:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017360
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB5AA400FE4911EFBDCE6A71762E951A.roa
Signing time: Tue 11 Mar 2025 07:24:24 +0000
ROA not before: Tue 11 Mar 2025 07:24:20 +0000
ROA not after: Sun 13 Apr 2025 07:24:20 +0000
asID: 141883
IP address blocks: 154.204.0.0/24 maxlen: 24
154.208.12.0/22 maxlen: 24
154.208.16.0/20 maxlen: 24
154.212.128.0/24 maxlen: 24
154.214.32.0/19 maxlen: 24
154.215.0.0/24 maxlen: 24
154.216.128.0/18 maxlen: 24
154.218.0.0/24 maxlen: 24
154.221.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95072 (0x17360)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 11 07:24:20 2025 GMT
Not After : Apr 13 07:24:20 2025 GMT
Subject: CN=67cfe528-4bc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:91:3f:69:5f:09:5e:d7:16:76:dd:50:e6:e7:
d7:a5:24:54:c0:8c:02:ab:ac:3b:1e:e8:69:da:0a:
77:6a:d6:63:d0:25:81:5d:ce:75:71:85:e7:2a:29:
6f:f5:ae:31:ed:68:73:1c:f4:b1:4f:fc:af:fe:14:
c0:b8:ea:ef:fb:d9:fc:8f:b3:03:26:8a:c6:c2:76:
f3:a6:35:85:00:7c:ed:c4:51:06:91:07:7a:da:ac:
25:25:9e:42:97:cc:21:ac:39:8c:ef:7f:01:ca:95:
4d:81:42:ae:12:06:28:18:f1:dd:e4:a0:18:1e:8c:
b9:d6:12:0f:41:50:cc:fe:51:76:97:31:8e:db:e6:
c7:be:0f:18:7d:48:10:db:bc:3f:dd:ef:6a:a7:db:
62:70:9d:df:0f:90:e1:63:12:27:d8:9e:76:34:42:
c7:53:aa:1e:e7:b9:76:9e:55:5e:2e:79:4d:0c:13:
ae:ac:0f:dc:3b:e1:09:b9:ee:e2:7d:ff:89:4a:1c:
5b:09:24:e5:37:5b:d8:12:5b:ca:c1:27:c8:66:b6:
ae:2b:fb:68:18:17:89:c8:ec:5a:58:0a:42:c9:dc:
eb:c2:4e:de:11:da:85:52:51:60:b0:2c:34:cf:23:
76:3f:ea:a7:00:d7:4d:24:43:74:38:57:d7:1e:a7:
85:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A0:0C:8B:FF:31:96:D2:53:6D:46:C6:85:99:B5:C0:B9:B5:EC:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB5AA400FE4911EFBDCE6A71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.0.0/24
154.208.12.0-154.208.31.255
154.212.128.0/24
154.214.32.0/19
154.215.0.0/24
154.216.128.0/18
154.218.0.0/24
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
99:49:9d:5f:b9:8e:ab:06:a9:4c:35:66:85:90:7c:34:25:df:
e1:63:44:21:67:e8:ea:20:1a:ce:f3:0b:9c:e3:16:08:dd:f5:
b3:35:f1:9b:c5:82:2d:f6:97:53:cb:f5:42:2c:32:d2:48:bd:
56:6e:95:2d:78:36:02:af:0c:67:05:c0:bd:16:7e:29:6c:29:
a9:8c:03:45:9e:d1:db:72:ac:c7:3d:3e:34:9f:4b:f6:27:7b:
1b:b3:52:b5:0b:3c:9e:de:22:1d:9b:3d:70:a5:49:e0:62:84:
5c:3d:5f:51:18:a3:44:3a:5d:74:c9:35:a8:e9:5e:fe:a6:97:
dc:89:00:d6:b5:30:f5:61:2a:cc:da:56:0e:7c:a4:2d:34:ae:
67:dd:e3:8a:e7:d8:cc:74:e1:14:fe:05:aa:32:d3:b9:5c:17:
66:69:1a:a1:f6:ab:f6:bf:d1:15:2a:d8:ea:38:e1:f5:cb:be:
16:89:1e:2b:55:7e:70:1c:61:34:2a:01:43:e8:5e:d5:02:75:
dd:45:0d:8a:98:f2:d2:52:4f:72:98:aa:3e:73:47:56:4c:71:
e6:85:fa:83:77:23:81:68:dd:92:ad:5e:21:7b:46:19:f4:27:
6c:bd:c6:b7:90:b6:e2:16:2e:0e:41:d8:7f:5f:bc:f2:f1:9b:
dc:a5:0c:8b
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAXNgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzExMDcyNDIwWhcNMjUwNDEzMDcyNDIwWjAYMRYw
FAYDVQQDEw02N2NmZTUyOC00YmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwZE/aV8JXtcWdt1Q5ufXpSRUwIwCq6w7Huhp2gp3atZj0CWBXc51cYXn
Kilv9a4x7WhzHPSxT/yv/hTAuOrv+9n8j7MDJorGwnbzpjWFAHztxFEGkQd62qwl
JZ5Cl8whrDmM738BypVNgUKuEgYoGPHd5KAYHoy51hIPQVDM/lF2lzGO2+bHvg8Y
fUgQ27w/3e9qp9ticJ3fD5DhYxIn2J52NELHU6oe57l2nlVeLnlNDBOurA/cO+EJ
ue7iff+JShxbCSTlN1vYElvKwSfIZrauK/toGBeJyOxaWApCydzrwk7eEdqFUlFg
sCw0zyN2P+qnANdNJEN0OFfXHqeFeQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFC+g
DIv/MZbSU21GxoWZtcC5teziMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQjVBQTQwMEZFNDkxMUVGQkRDRTZBNzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAmswAMAwDBAKa0AwDBAWa
0AADBACa1IADBAWa1iADBACa1wADBAaa2IADBACa2gADBACa3QAwDQYJKoZIhvcN
AQELBQADggEBAJlJnV+5jqsGqUw1ZoWQfDQl3+FjRCFn6OogGs7zC5zjFgjd9bM1
8ZvFgi32l1PL9UIsMtJIvVZulS14NgKvDGcFwL0WfilsKamMA0We0dtyrMc9PjSf
S/YnexuzUrULPJ7eIh2bPXClSeBihFw9X1EYo0Q6XXTJNajpXv6ml9yJANa1MPVh
KszaVg58pC00rmfd44rn2Mx04RT+Baoy07lcF2ZpGqH2q/a/0RUq2Oo44fXLvhaJ
HitVfnAcYTQqAUPoXtUCdd1FDYqY8tJST3KYqj5zR1ZMceaF+oN3I4Fo3ZKtXiF7
Rhn0J2y9xreQtuIWLg5B2H9fvPLxm9ylDIs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:19:18 2025 by rpki-client