Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C64973C4E9E11F090E3A8ADDAE4EC9C.roa
File: 0C64973C4E9E11F090E3A8ADDAE4EC9C.roa (raw, json)
Hash identifier: S8saMcv+N0A3xlMLSFw29XiT9JBKD+vgqz/G8hzIKdU=
Subject key identifier: 4D:5E:4A:4C:A8:B1:47:0E:C4:F9:0A:2D:DC:AE:61:01:0A:E4:B4:3B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0187C8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C64973C4E9E11F090E3A8ADDAE4EC9C.roa
Signing time: Sat 21 Jun 2025 12:48:37 +0000
ROA not before: Sat 21 Jun 2025 12:48:33 +0000
ROA not after: Wed 30 Jul 2025 12:48:33 +0000
asID: 62240
IP address blocks: 154.195.2.0/24 maxlen: 24
154.195.3.0/24 maxlen: 24
154.195.97.0/24 maxlen: 24
154.195.98.0/24 maxlen: 24
154.195.99.0/24 maxlen: 24
154.195.101.0/24 maxlen: 24
154.195.102.0/24 maxlen: 24
154.195.103.0/24 maxlen: 24
154.195.104.0/24 maxlen: 24
154.195.105.0/24 maxlen: 24
154.195.106.0/24 maxlen: 24
154.195.107.0/24 maxlen: 24
154.195.109.0/24 maxlen: 24
154.195.110.0/24 maxlen: 24
154.195.114.0/24 maxlen: 24
154.195.115.0/24 maxlen: 24
154.195.119.0/24 maxlen: 24
154.196.83.0/24 maxlen: 24
154.196.84.0/24 maxlen: 24
154.196.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100296 (0x187c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 21 12:48:33 2025 GMT
Not After : Jul 30 12:48:33 2025 GMT
Subject: CN=6856aa25-c566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:29:a9:7b:c7:00:61:f9:60:f8:5a:61:a0:ab:
03:e4:54:84:0d:19:d4:df:ac:eb:84:24:17:e4:1d:
3a:f2:90:54:8d:cf:e7:16:be:7d:c0:32:10:6c:d1:
f2:64:59:c5:76:c7:eb:17:70:40:53:f9:bb:86:ac:
a0:82:a2:fc:b7:04:d6:18:66:cc:63:32:56:bf:67:
a0:9a:61:bf:2e:22:4e:b4:2d:be:6e:90:7c:b7:5b:
f7:18:17:11:05:7f:88:ce:66:42:aa:fa:0f:cd:05:
49:56:e0:c2:b4:68:50:09:a7:67:7f:a1:3d:a0:5b:
05:d3:72:bd:a4:ab:5a:0a:31:c9:90:0e:2b:91:56:
6e:21:49:c6:11:4f:59:bb:fb:80:b8:68:e4:dd:53:
a3:9f:26:34:69:49:a8:94:af:9d:4d:52:28:f6:d1:
fa:35:a4:66:53:c0:2b:73:29:59:fe:8a:30:58:d6:
06:58:bc:4f:de:a4:40:e8:c4:4d:84:b1:a7:77:d5:
c6:71:e6:d9:88:05:51:7f:2c:80:bd:88:18:66:e5:
27:7c:0d:7e:d1:02:20:21:83:ac:cc:4e:ba:d7:50:
26:95:90:12:47:8a:00:db:1c:46:96:c3:3c:85:9e:
05:ba:6b:dd:95:2c:f4:f7:9a:5c:b8:d1:14:71:ee:
1f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5E:4A:4C:A8:B1:47:0E:C4:F9:0A:2D:DC:AE:61:01:0A:E4:B4:3B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C64973C4E9E11F090E3A8ADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.2.0/23
154.195.97.0-154.195.99.255
154.195.101.0-154.195.107.255
154.195.109.0-154.195.110.255
154.195.114.0/23
154.195.119.0/24
154.196.83.0-154.196.85.255
Signature Algorithm: sha256WithRSAEncryption
d2:5b:8f:df:30:57:a5:0f:ec:12:f1:1d:a5:1b:ab:e4:3e:60:
60:0b:79:e6:10:fd:8e:18:ff:a6:c3:99:82:b2:56:6d:a1:95:
e8:d6:cc:1b:e7:63:56:f9:a0:9e:14:60:e9:26:d6:13:d0:a0:
46:db:d8:22:8a:7e:22:a0:a3:e4:ec:fd:57:c7:61:9f:d5:e5:
18:7f:b1:53:33:35:1a:54:4b:fa:85:fc:02:60:06:86:f4:45:
77:b5:14:c5:6c:4c:80:40:0b:d5:e3:2e:ce:be:92:27:cc:4f:
21:0c:86:c9:80:ee:70:54:a1:ca:e4:64:a9:f8:3a:18:59:65:
b2:7e:ca:8b:6b:ff:4a:c2:5c:e4:82:c1:ed:d9:0a:59:9a:7c:
55:8c:09:0e:8a:bc:5f:1f:55:35:c5:8f:34:b7:97:e9:a5:5b:
67:eb:f7:b2:48:60:29:39:35:ce:16:f6:23:9e:86:ce:53:e2:
b4:ee:78:87:44:0f:f1:f2:8e:dd:f7:ed:52:a5:ab:ac:3b:22:
d4:ec:80:6c:3d:77:f7:d9:3c:f6:c8:05:21:d7:c0:72:c8:8f:
c3:b5:de:ab:5f:94:f0:47:86:58:43:ab:a7:a3:e9:3a:a2:b0:
63:5a:4f:65:27:4a:87:9d:bb:0d:b9:32:23:47:a4:93:49:dc:
c8:ab:ed:6f
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIDAYfIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIxMTI0ODMzWhcNMjUwNzMwMTI0ODMzWjAYMRYw
FAYDVQQDEw02ODU2YWEyNS1jNTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsympe8cAYflg+FphoKsD5FSEDRnU36zrhCQX5B068pBUjc/nFr59wDIQ
bNHyZFnFdsfrF3BAU/m7hqyggqL8twTWGGbMYzJWv2egmmG/LiJOtC2+bpB8t1v3
GBcRBX+IzmZCqvoPzQVJVuDCtGhQCadnf6E9oFsF03K9pKtaCjHJkA4rkVZuIUnG
EU9Zu/uAuGjk3VOjnyY0aUmolK+dTVIo9tH6NaRmU8ArcylZ/oowWNYGWLxP3qRA
6MRNhLGnd9XGcebZiAVRfyyAvYgYZuUnfA1+0QIgIYOszE6611AmlZASR4oA2xxG
lsM8hZ4FumvdlSz095pcuNEUce4fAQIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFE1e
SkyosUcOxPkKLdyuYQEK5LQ7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQzY0OTczQzRFOUUxMUYwOTBFM0E4QUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBmsMCMAwDBACaw2EDBAKa
w2AwDAMEAJrDZQMEAprDaDAMAwQAmsNtAwQAmsNuAwQBmsNyAwQAmsN3MAwDBACa
xFMDBAGaxFQwDQYJKoZIhvcNAQELBQADggEBANJbj98wV6UP7BLxHaUbq+Q+YGAL
eeYQ/Y4Y/6bDmYKyVm2hlejWzBvnY1b5oJ4UYOkm1hPQoEbb2CKKfiKgo+Ts/VfH
YZ/V5Rh/sVMzNRpUS/qF/AJgBob0RXe1FMVsTIBAC9XjLs6+kifMTyEMhsmA7nBU
ocrkZKn4OhhZZbJ+yotr/0rCXOSCwe3ZClmafFWMCQ6KvF8fVTXFjzS3l+mlW2fr
97JIYCk5Nc4W9iOehs5T4rTueIdED/Hyjt337VKlq6w7ItTsgGw9d/fZPPbIBSHX
wHLIj8O13qtflPBHhlhDq6ej6TqisGNaT2UnSoeduw25MiNHpJNJ3Mir7W8=
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:43:45 2025 by rpki-client