Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E957687CFB2911EFAE8DB662762E951A.roa
File: E957687CFB2911EFAE8DB662762E951A.roa (raw, json)
Hash identifier: TeGkANtfHuFi6mBFAreSG19RcpZkSpnWzTuUPoBw2As=
Subject key identifier: 80:6A:BC:98:1D:02:89:E7:40:80:BA:0A:87:34:FF:41:48:D9:27:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E957687CFB2911EFAE8DB662762E951A.roa
Signing time: Fri 07 Mar 2025 07:58:10 +0000
ROA not before: Fri 07 Mar 2025 07:58:06 +0000
ROA not after: Wed 16 Apr 2025 07:58:06 +0000
asID: 203020
IP address blocks: 154.201.37.0/24 maxlen: 24
154.201.38.0/24 maxlen: 24
154.202.91.0/24 maxlen: 24
154.202.101.0/24 maxlen: 24
154.202.103.0/24 maxlen: 24
154.202.104.0/24 maxlen: 24
154.202.106.0/24 maxlen: 24
154.203.44.0/22 maxlen: 24
154.203.48.0/23 maxlen: 24
154.207.32.0/20 maxlen: 24
154.207.48.0/22 maxlen: 24
154.207.52.0/23 maxlen: 24
154.207.54.0/24 maxlen: 24
154.207.56.0/23 maxlen: 24
154.207.59.0/24 maxlen: 24
154.207.60.0/22 maxlen: 24
154.209.224.0/20 maxlen: 24
154.209.240.0/21 maxlen: 24
154.209.248.0/23 maxlen: 24
154.209.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94910 (0x172be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 7 07:58:06 2025 GMT
Not After : Apr 16 07:58:06 2025 GMT
Subject: CN=67caa712-979b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a8:61:ab:56:06:6a:79:ae:04:90:8e:0f:b2:
d2:be:df:44:4f:ab:43:ac:76:89:ac:c8:5a:88:79:
17:77:be:99:12:98:de:5f:fb:18:01:77:90:ff:b5:
48:ef:3e:c9:86:8d:b1:ab:26:d3:4d:2f:70:6b:4b:
73:b2:7c:91:c8:c0:e2:f7:d8:1b:c5:40:b8:c4:34:
3a:54:27:e2:cd:01:b7:42:01:0c:73:5c:e7:0f:ff:
93:fc:66:0c:82:e4:c5:f4:3b:86:24:01:10:0a:1c:
71:2d:92:17:e6:7b:7f:7c:05:c6:96:78:14:a0:5a:
52:3a:84:9d:f6:0e:20:40:85:40:d0:cc:36:9f:7f:
c4:65:68:50:6c:21:cc:ee:6c:16:ee:ff:0e:ea:ac:
ce:7e:47:42:96:c9:12:f6:f9:93:01:af:68:ef:54:
de:52:83:fa:ff:2d:ae:3e:0c:95:45:c2:e4:6a:e8:
9b:85:3f:53:80:d4:cc:e4:86:4e:f9:b7:0d:0e:58:
34:42:3c:cd:01:a5:0b:9f:04:5d:ba:f8:c0:f2:b3:
7f:f2:87:7e:d2:b5:47:ac:0d:33:30:a5:f9:9c:c6:
8a:27:40:3a:84:fe:65:fc:66:18:44:ad:46:c8:4c:
85:53:a5:29:4d:2d:71:da:28:96:83:4e:8f:19:17:
18:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:6A:BC:98:1D:02:89:E7:40:80:BA:0A:87:34:FF:41:48:D9:27:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E957687CFB2911EFAE8DB662762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.37.0-154.201.38.255
154.202.91.0/24
154.202.101.0/24
154.202.103.0-154.202.104.255
154.202.106.0/24
154.203.44.0-154.203.49.255
154.207.32.0-154.207.54.255
154.207.56.0/23
154.207.59.0-154.207.63.255
154.209.224.0-154.209.250.255
Signature Algorithm: sha256WithRSAEncryption
aa:be:61:3d:1a:b2:a2:18:fc:f8:e5:a0:45:eb:63:2e:f0:32:
93:5b:ab:fb:42:79:64:92:eb:0c:44:c3:0e:89:d3:cd:aa:8d:
da:d9:c9:bc:1d:10:49:ff:4f:e3:06:0f:7a:a7:66:41:ef:9a:
01:c4:9b:d2:c3:2f:a1:0a:46:f8:1a:76:30:72:5e:05:8d:34:
df:7f:56:ae:b3:bf:d7:56:a9:72:7c:44:22:d5:a8:29:77:e5:
34:c3:5f:52:ba:0e:39:96:7f:a8:c2:fe:f4:e9:5d:15:04:2f:
8e:6b:e2:57:57:87:47:43:77:1d:76:b1:4e:65:01:fb:8e:7e:
0c:a4:e2:03:8b:3c:b9:2b:2d:ec:35:e3:00:54:49:4a:4f:92:
8e:17:de:d0:de:3c:ca:fa:5f:ad:f7:54:c1:f7:bf:46:82:28:
26:68:90:83:1c:06:6f:17:8d:31:f9:b8:c4:ad:46:d6:73:b4:
1a:bf:9a:e4:dc:bf:3c:35:04:5c:cd:43:00:3c:8c:68:23:54:
9e:15:9d:a5:6b:8f:05:d6:5f:ed:c4:fd:e7:1e:ad:80:48:81:
d4:eb:6a:c4:7c:11:62:b0:8e:12:23:ca:69:d1:7b:19:cf:e6:
6d:b3:fd:63:35:26:fe:1d:69:53:59:6e:36:e8:98:a5:fd:23:
69:5a:8a:0a
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgIDAXK+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA3MDc1ODA2WhcNMjUwNDE2MDc1ODA2WjAYMRYw
FAYDVQQDEw02N2NhYTcxMi05NzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4Khhq1YGanmuBJCOD7LSvt9ET6tDrHaJrMhaiHkXd76ZEpjeX/sYAXeQ
/7VI7z7Jho2xqybTTS9wa0tzsnyRyMDi99gbxUC4xDQ6VCfizQG3QgEMc1znD/+T
/GYMguTF9DuGJAEQChxxLZIX5nt/fAXGlngUoFpSOoSd9g4gQIVA0Mw2n3/EZWhQ
bCHM7mwW7v8O6qzOfkdClskS9vmTAa9o71TeUoP6/y2uPgyVRcLkauibhT9TgNTM
5IZO+bcNDlg0QjzNAaULnwRduvjA8rN/8od+0rVHrA0zMKX5nMaKJ0A6hP5l/GYY
RK1GyEyFU6UpTS1x2iiWg06PGRcYVwIDAQABo4IDDDCCAwgwHQYDVR0OBBYEFIBq
vJgdAonnQIC6Coc0/0FI2SdHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOTU3Njg3Q0ZCMjkxMUVGQUU4REI2NjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbDAMAwQAmsklAwQAmskmAwQA
mspbAwQAmsplMAwDBACaymcDBACaymgDBACaymowDAMEAprLLAMEAZrLMDAMAwQF
ms8gAwQAms82AwQBms84MAwDBACazzsDBAaazwAwDAMEBZrR4AMEAJrR+jANBgkq
hkiG9w0BAQsFAAOCAQEAqr5hPRqyohj8+OWgRetjLvAyk1ur+0J5ZJLrDETDDonT
zaqN2tnJvB0QSf9P4wYPeqdmQe+aAcSb0sMvoQpG+Bp2MHJeBY00339WrrO/11ap
cnxEItWoKXflNMNfUroOOZZ/qML+9OldFQQvjmviV1eHR0N3HXaxTmUB+45+DKTi
A4s8uSst7DXjAFRJSk+Sjhfe0N48yvpfrfdUwfe/RoIoJmiQgxwGbxeNMfm4xK1G
1nO0Gr+a5Ny/PDUEXM1DADyMaCNUnhWdpWuPBdZf7cT95x6tgEiB1OtqxHwRYrCO
EiPKadF7Gc/mbbP9YzUm/h1pU1luNuiYpf0jaVqKCg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 23:48:28 2025 by rpki-client