Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60AC676428B211F0B455EEC2DAE4EC9C.roa
File: 60AC676428B211F0B455EEC2DAE4EC9C.roa (raw, json)
Hash identifier: Ofn9PkHZvaEsQD7bkIor9WK/WR5dnuK8LDF+/0qxqKg=
Subject key identifier: 14:9E:5F:CD:E4:2D:B2:68:B2:BB:ED:FE:FA:60:EE:24:10:CF:66:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017EA6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60AC676428B211F0B455EEC2DAE4EC9C.roa
Signing time: Sun 04 May 2025 06:38:24 +0000
ROA not before: Sun 04 May 2025 06:38:20 +0000
ROA not after: Tue 10 Jun 2025 06:38:20 +0000
asID: 141159
IP address blocks: 154.94.228.0/24 maxlen: 24
154.94.229.0/24 maxlen: 24
154.94.230.0/24 maxlen: 24
154.94.231.0/24 maxlen: 24
154.94.238.0/24 maxlen: 24
154.94.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97958 (0x17ea6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 4 06:38:20 2025 GMT
Not After : Jun 10 06:38:20 2025 GMT
Subject: CN=68170b60-1024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7a:4d:4f:3f:6d:fb:27:0e:f1:33:6a:66:6d:
95:3a:05:57:5d:9b:ba:3a:02:32:19:7b:6c:78:41:
8a:39:02:2d:1c:f9:b7:bb:77:9c:3a:e8:58:cb:4b:
ab:22:be:2a:3b:78:6a:da:d2:46:df:eb:4a:ef:ec:
91:e1:2c:48:2d:29:7b:7d:73:f6:55:e1:bf:54:38:
c6:82:66:47:5e:1e:51:1f:89:cf:24:52:14:a5:d1:
32:83:d4:f0:be:10:44:f9:64:63:7d:a8:21:c9:69:
9d:2a:30:e1:c5:e2:42:15:15:02:14:83:4a:6e:0e:
88:18:61:97:bc:92:bf:85:ca:50:14:24:f9:13:ae:
28:fa:58:a4:f4:ac:7b:37:e6:c2:ea:16:0f:4f:ad:
ad:e5:b8:27:43:fa:6f:c6:13:27:32:54:97:09:26:
02:6c:3c:da:41:18:c1:10:10:71:4b:1a:be:8b:e5:
f2:16:b9:31:86:b6:da:24:19:b2:da:db:52:ac:ff:
02:ea:5e:85:6d:34:19:9d:71:5a:9e:ff:8a:fc:f6:
22:97:29:7a:65:cc:40:9b:ea:83:f2:97:4b:4b:7b:
0a:d7:24:e6:54:17:a7:51:57:da:cb:62:36:42:7e:
65:48:64:df:f8:09:a4:6f:dc:d2:3f:e3:3c:30:69:
4a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9E:5F:CD:E4:2D:B2:68:B2:BB:ED:FE:FA:60:EE:24:10:CF:66:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60AC676428B211F0B455EEC2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.228.0/22
154.94.238.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:64:74:7a:32:a9:cf:dd:27:f5:1a:a5:43:49:81:00:5b:39:
ac:db:dc:2f:86:75:21:e2:9c:ac:d6:6b:c0:9a:3c:67:34:31:
ca:1d:fa:ef:a6:b0:c0:ba:c4:ee:d8:8f:7e:12:9d:f5:b4:c5:
81:00:4a:4d:04:e9:04:86:9a:54:27:a9:03:f5:9d:35:ce:77:
f4:77:a7:63:5b:fb:1b:1c:a9:b3:a5:bd:a6:cb:02:82:d0:25:
85:bd:b0:75:dc:d9:ae:f9:4e:e1:eb:91:65:9f:16:87:4f:eb:
ea:6a:cd:e1:6b:55:d7:e1:05:4e:ca:bc:eb:7e:23:18:fa:74:
6b:a0:dd:e4:46:31:32:5b:b4:d0:8f:07:7d:23:b9:68:53:ca:
0c:6b:a1:8a:97:80:4f:55:fc:32:b0:a7:0a:0b:60:49:88:70:
01:db:26:92:9c:ee:ef:34:c8:40:19:dc:7c:63:47:ae:88:cc:
70:64:55:a1:1f:5e:e9:37:28:68:6d:a0:8e:fc:81:58:cb:db:
6f:14:35:7a:4d:9f:21:84:1b:81:01:a3:e1:60:19:8a:8d:8e:
e5:d9:65:ad:73:c0:79:8d:9d:df:16:ce:ad:09:73:2d:ad:d3:
dd:a8:88:1d:c4:2f:44:22:72:95:d0:56:60:28:cc:84:e0:96:
c4:f1:ed:09
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAX6mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA0MDYzODIwWhcNMjUwNjEwMDYzODIwWjAYMRYw
FAYDVQQDEw02ODE3MGI2MC0xMDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsHpNTz9t+ycO8TNqZm2VOgVXXZu6OgIyGXtseEGKOQItHPm3u3ecOuhY
y0urIr4qO3hq2tJG3+tK7+yR4SxILSl7fXP2VeG/VDjGgmZHXh5RH4nPJFIUpdEy
g9TwvhBE+WRjfaghyWmdKjDhxeJCFRUCFINKbg6IGGGXvJK/hcpQFCT5E64o+lik
9Kx7N+bC6hYPT62t5bgnQ/pvxhMnMlSXCSYCbDzaQRjBEBBxSxq+i+XyFrkxhrba
JBmy2ttSrP8C6l6FbTQZnXFanv+K/PYilyl6ZcxAm+qD8pdLS3sK1yTmVBenUVfa
y2I2Qn5lSGTf+Amkb9zSP+M8MGlKcQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFBSe
X83kLbJosrvt/vpg7iQQz2bMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MEFDNjc2NDI4QjIxMUYwQjQ1NUVFQzJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCml7kAwQBml7uMA0GCSqG
SIb3DQEBCwUAA4IBAQC0ZHR6MqnP3Sf1GqVDSYEAWzms29wvhnUh4pys1mvAmjxn
NDHKHfrvprDAusTu2I9+Ep31tMWBAEpNBOkEhppUJ6kD9Z01znf0d6djW/sbHKmz
pb2mywKC0CWFvbB13Nmu+U7h65FlnxaHT+vqas3ha1XX4QVOyrzrfiMY+nRroN3k
RjEyW7TQjwd9I7loU8oMa6GKl4BPVfwysKcKC2BJiHAB2yaSnO7vNMhAGdx8Y0eu
iMxwZFWhH17pNyhobaCO/IFYy9tvFDV6TZ8hhBuBAaPhYBmKjY7l2WWtc8B5jZ3f
Fs6tCXMtrdPdqIgdxC9EInKV0FZgKMyE4JbE8e0J
-----END CERTIFICATE-----
Generated at Sun May 11 04:51:16 2025 by rpki-client