Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/480E9F44245011F0A08AD9E1DAE4EC9C.roa
File: 480E9F44245011F0A08AD9E1DAE4EC9C.roa (raw, json)
Hash identifier: 19AGrBmkYC+idQp6qNdMGnt1gb1Ro/+G+LjK8Vf2Ns4=
Subject key identifier: BE:0F:38:3C:BD:18:98:B2:6C:56:8A:8A:53:5A:77:39:41:EC:48:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C2D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/480E9F44245011F0A08AD9E1DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 16:46:08 +0000
ROA not before: Mon 28 Apr 2025 16:46:03 +0000
ROA not after: Wed 04 Jun 2025 16:46:03 +0000
asID: 49505
IP address blocks: 154.209.209.0/24 maxlen: 24
154.209.211.0/24 maxlen: 24
154.209.212.0/24 maxlen: 24
154.209.213.0/24 maxlen: 24
154.211.11.0/24 maxlen: 24
154.211.16.0/24 maxlen: 24
154.211.17.0/24 maxlen: 24
154.211.19.0/24 maxlen: 24
154.212.28.0/24 maxlen: 24
154.212.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97325 (0x17c2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 16:46:03 2025 GMT
Not After : Jun 4 16:46:03 2025 GMT
Subject: CN=680fb0d0-0e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3d:d2:3f:7c:45:a7:cd:5a:bc:d7:3a:87:8f:
98:51:b7:8b:05:07:cb:d2:79:10:d5:e3:74:b1:8a:
33:a2:aa:94:0a:c2:20:f3:20:20:db:f3:6c:15:cb:
e9:9c:d6:ef:d1:c6:c0:a9:b1:75:13:fb:61:d9:0e:
e6:3d:b4:9c:4b:f8:93:7c:81:3a:9d:b5:27:64:43:
a1:69:f5:09:db:a8:35:0b:87:18:ae:f7:3e:b2:66:
7f:98:0e:da:0a:6f:37:7b:3d:5e:b3:f8:9e:89:79:
c1:df:0e:48:45:10:1a:91:41:b9:03:00:fa:58:a4:
bd:f5:a6:e5:bb:90:63:35:4d:fb:e6:8c:48:4c:0a:
e6:e6:96:4d:7e:0f:51:1f:f0:8c:e5:f7:61:19:6d:
3c:16:13:57:ba:ba:a0:07:35:ed:56:44:36:62:c1:
7b:66:eb:85:37:f8:0b:12:7e:31:52:f1:c0:ec:c8:
97:34:40:a6:01:1e:f5:6f:53:11:90:0e:17:46:08:
e2:ec:8e:38:b9:53:cc:36:36:b7:6d:ac:09:49:4f:
f2:4f:f4:0d:9c:61:2c:49:24:ae:1c:d8:9e:54:48:
44:82:3c:fe:0f:45:be:5b:2c:53:5a:a6:15:da:51:
a7:53:fa:58:7c:9e:d0:b7:3e:91:0b:83:47:06:21:
d0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:0F:38:3C:BD:18:98:B2:6C:56:8A:8A:53:5A:77:39:41:EC:48:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/480E9F44245011F0A08AD9E1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.209.0/24
154.209.211.0-154.209.213.255
154.211.11.0/24
154.211.16.0/23
154.211.19.0/24
154.212.28.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:ca:fe:65:e1:d4:48:78:b7:ce:a4:74:c8:53:b5:57:9b:e8:
17:4d:46:e2:ca:18:12:1b:04:23:4a:cf:6f:6d:85:16:da:5c:
6f:4c:02:76:85:83:47:45:f7:70:08:41:91:37:22:2a:f6:f7:
2b:d7:dd:71:86:87:29:25:18:19:bf:57:7f:7a:36:75:ae:f1:
c5:a0:6f:89:29:7c:52:aa:89:c2:91:fc:53:3d:84:ef:40:f4:
6a:e7:21:b6:bb:9b:13:04:37:c0:ae:35:f1:15:94:68:7b:38:
44:98:51:d7:f0:f4:24:d2:13:db:d2:ed:74:65:4a:9b:76:fe:
2d:01:7a:bf:0c:34:04:40:57:8a:b3:1a:b0:ae:51:fc:81:5e:
b3:b8:50:99:3c:5f:16:11:b6:85:b7:80:bb:a2:82:dc:e7:52:
29:e1:fe:3a:62:41:41:f0:a7:8b:66:57:71:b8:a6:cc:87:e6:
82:7e:47:0f:c1:97:63:63:b7:57:fe:81:a9:c9:40:fd:9e:0c:
ce:c8:75:1f:d7:ae:39:f8:e9:4a:f9:a4:62:21:a8:15:77:45:
6c:af:91:7d:c8:f3:d8:45:4e:23:55:45:a7:44:3d:70:07:db:
ef:bf:11:8c:5b:1a:53:66:fc:dc:aa:0e:34:4a:f2:f9:58:f0:
86:73:83:ff
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAXwtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTY0NjAzWhcNMjUwNjA0MTY0NjAzWjAYMRYw
FAYDVQQDEw02ODBmYjBkMC0wZTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0j3SP3xFp81avNc6h4+YUbeLBQfL0nkQ1eN0sYozoqqUCsIg8yAg2/Ns
FcvpnNbv0cbAqbF1E/th2Q7mPbScS/iTfIE6nbUnZEOhafUJ26g1C4cYrvc+smZ/
mA7aCm83ez1es/ieiXnB3w5IRRAakUG5AwD6WKS99ablu5BjNU375oxITArm5pZN
fg9RH/CM5fdhGW08FhNXurqgBzXtVkQ2YsF7ZuuFN/gLEn4xUvHA7MiXNECmAR71
b1MRkA4XRgji7I44uVPMNja3bawJSU/yT/QNnGEsSSSuHNieVEhEgjz+D0W+WyxT
WqYV2lGnU/pYfJ7Qtz6RC4NHBiHQRQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFL4P
ODy9GJiybFaKilNadzlB7Ej+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80ODBFOUY0NDI0NTAxMUYwQTA4QUQ5RTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAmtHRMAwDBACa0dMDBAGa
0dQDBACa0wsDBAGa0xADBACa0xMDBAGa1BwwDQYJKoZIhvcNAQELBQADggEBACrK
/mXh1Eh4t86kdMhTtVeb6BdNRuLKGBIbBCNKz29thRbaXG9MAnaFg0dF93AIQZE3
Iir29yvX3XGGhyklGBm/V396NnWu8cWgb4kpfFKqicKR/FM9hO9A9GrnIba7mxME
N8CuNfEVlGh7OESYUdfw9CTSE9vS7XRlSpt2/i0Ber8MNARAV4qzGrCuUfyBXrO4
UJk8XxYRtoW3gLuigtznUinh/jpiQUHwp4tmV3G4psyH5oJ+Rw/Bl2Njt1f+ganJ
QP2eDM7IdR/Xrjn46Ur5pGIhqBV3RWyvkX3I89hFTiNVRadEPXAH2++/EYxbGlNm
/NyqDjRK8vlY8IZzg/8=
-----END CERTIFICATE-----
Generated at Sun May 11 22:00:28 2025 by rpki-client