Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06C03A5826A711F08CDB9D8DDAE4EC9C.roa
File: 06C03A5826A711F08CDB9D8DDAE4EC9C.roa (raw, json)
Hash identifier: kNlJ2/LFwcAwgLRbxWZ5VOiaFxRO8/eZuolLR5J778o=
Subject key identifier: 4F:97:1C:1B:76:9E:47:50:DE:A3:E2:FB:C8:2D:E6:0C:66:93:16:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E34
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06C03A5826A711F08CDB9D8DDAE4EC9C.roa
Signing time: Thu 01 May 2025 16:12:07 +0000
ROA not before: Thu 01 May 2025 16:12:01 +0000
ROA not after: Mon 01 May 2028 16:12:01 +0000
asID: 17561
IP address blocks: 154.208.250.0/24 maxlen: 24
154.208.251.0/24 maxlen: 24
154.208.252.0/24 maxlen: 24
154.208.253.0/24 maxlen: 24
154.208.254.0/24 maxlen: 24
154.208.255.0/24 maxlen: 24
154.214.128.0/24 maxlen: 24
154.214.129.0/24 maxlen: 24
154.214.130.0/24 maxlen: 24
154.214.131.0/24 maxlen: 24
154.214.132.0/24 maxlen: 24
154.214.133.0/24 maxlen: 24
154.214.134.0/24 maxlen: 24
154.214.135.0/24 maxlen: 24
154.214.136.0/24 maxlen: 24
154.214.137.0/24 maxlen: 24
154.214.138.0/24 maxlen: 24
154.214.139.0/24 maxlen: 24
154.214.140.0/24 maxlen: 24
154.214.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 10 May 2025 00:07:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97844 (0x17e34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 16:12:01 2025 GMT
Not After : May 1 16:12:01 2028 GMT
Subject: CN=68139d57-e88e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cd:86:9f:aa:0c:a4:97:ae:d6:25:63:fd:f5:
d8:df:70:2a:e9:bc:55:af:56:c9:26:0c:2b:a7:17:
d5:d5:7f:3a:d2:ee:6b:8f:08:44:54:5e:04:ae:b6:
78:89:29:ec:c6:0e:94:10:da:8f:82:ca:78:8f:eb:
8f:2c:67:15:07:6f:8f:42:84:42:56:96:53:57:4c:
ec:41:3f:19:41:87:c3:9b:fb:c9:57:11:be:60:72:
84:74:fe:a1:f7:e9:97:66:12:a0:13:e5:76:4c:ae:
f2:3d:65:97:2d:fa:fd:32:cc:a7:9a:58:41:7d:8d:
63:4d:b6:53:6e:91:01:3d:24:52:72:37:bb:3c:6d:
d7:b6:b3:30:4e:5d:98:a0:c6:c1:f2:e8:f2:90:f8:
77:59:6e:5c:ea:3a:46:85:12:09:f7:48:94:e6:cb:
f8:8e:5c:df:cd:05:51:82:30:a0:5f:67:80:cb:65:
43:ca:93:83:af:28:e3:28:cd:21:3a:56:c2:eb:36:
99:34:38:a5:70:4a:ce:52:2a:1b:09:0c:8a:07:d9:
99:46:41:68:6d:18:0a:04:a0:20:a2:84:80:bb:c9:
51:37:ef:93:79:4e:10:b9:3c:a2:db:65:22:1c:1b:
29:73:e6:69:af:76:41:6b:67:a7:97:56:c2:81:92:
55:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:97:1C:1B:76:9E:47:50:DE:A3:E2:FB:C8:2D:E6:0C:66:93:16:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/06C03A5826A711F08CDB9D8DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.250.0-154.208.255.255
154.214.128.0-154.214.141.255
Signature Algorithm: sha256WithRSAEncryption
52:48:d3:87:db:16:96:6f:66:4f:48:67:21:94:b1:98:41:8b:
04:27:a3:29:1d:3e:e9:80:f8:f7:4b:33:dc:f1:50:d8:e5:01:
08:e5:b4:39:58:ca:d6:48:93:9a:6a:33:e6:97:87:67:38:ab:
f4:62:1b:7f:1c:60:b6:a0:d4:b0:28:ea:ff:5c:11:91:f2:db:
5c:b1:2f:95:e2:8f:1b:28:b6:a2:8e:e1:80:f0:d6:d6:66:b0:
40:1e:85:7a:17:a5:8e:45:79:85:28:8d:6a:b4:4a:38:31:c8:
0f:69:1a:cc:e6:51:99:86:5c:94:0f:b9:f2:66:e3:18:aa:a5:
d5:e9:fe:59:f0:90:34:5c:33:85:8e:c6:d6:93:2f:ab:97:de:
a0:9c:b3:a7:a3:80:ef:00:73:a3:ed:07:2d:92:1b:64:06:9f:
84:04:c6:19:b0:f9:40:6d:22:69:a4:91:3f:a6:c7:a5:00:ba:
c9:b5:3c:04:be:af:18:ce:0e:6f:bc:05:29:64:83:fc:a1:4f:
ba:19:66:a9:75:df:85:40:90:dd:0c:95:40:3d:5f:bb:5e:ec:
ab:f0:0e:5e:4c:ae:45:b0:a5:39:62:9f:ec:16:a3:04:50:0e:
79:db:d6:bc:35:f5:24:36:fa:74:61:98:90:93:f2:9b:2f:14:
c1:83:a6:e5
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIDAX40MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTYxMjAxWhcNMjgwNTAxMTYxMjAxWjAYMRYw
FAYDVQQDEw02ODEzOWQ1Ny1lODhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs82Gn6oMpJeu1iVj/fXY33Aq6bxVr1bJJgwrpxfV1X860u5rjwhEVF4E
rrZ4iSnsxg6UENqPgsp4j+uPLGcVB2+PQoRCVpZTV0zsQT8ZQYfDm/vJVxG+YHKE
dP6h9+mXZhKgE+V2TK7yPWWXLfr9MsynmlhBfY1jTbZTbpEBPSRScje7PG3XtrMw
Tl2YoMbB8ujykPh3WW5c6jpGhRIJ90iU5sv4jlzfzQVRgjCgX2eAy2VDypODryjj
KM0hOlbC6zaZNDilcErOUiobCQyKB9mZRkFobRgKBKAgooSAu8lRN++TeU4QuTyi
22UiHBspc+Zpr3ZBa2enl1bCgZJVmwIDAQABo4ICujCCArYwHQYDVR0OBBYEFE+X
HBt2nkdQ3qPi+8gt5gxmkxY+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNkMwM0E1ODI2QTcxMUYwOENEQjlEOEREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDBAGa0PoDAwCa0DAMAwQH
mtaAAwQBmtaMMA0GCSqGSIb3DQEBCwUAA4IBAQBSSNOH2xaWb2ZPSGchlLGYQYsE
J6MpHT7pgPj3SzPc8VDY5QEI5bQ5WMrWSJOaajPml4dnOKv0Yht/HGC2oNSwKOr/
XBGR8ttcsS+V4o8bKLaijuGA8NbWZrBAHoV6F6WORXmFKI1qtEo4McgPaRrM5lGZ
hlyUD7nyZuMYqqXV6f5Z8JA0XDOFjsbWky+rl96gnLOno4DvAHOj7QctkhtkBp+E
BMYZsPlAbSJppJE/pselALrJtTwEvq8Yzg5vvAUpZIP8oU+6GWapdd+FQJDdDJVA
PV+7Xuyr8A5eTK5FsKU5Yp/sFqMEUA5529a8NfUkNvp0YZiQk/KbLxTBg6bl
-----END CERTIFICATE-----
Generated at Thu May 8 21:20:46 2025 by rpki-client