Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96B37606269E11F0AB9D15D4DAE4EC9C.roa
File: 96B37606269E11F0AB9D15D4DAE4EC9C.roa (raw, json)
Hash identifier: CdKM2WaxPcmOilw+4inG+PCqdC20Oo92L7x/A9ess6g=
Subject key identifier: 84:39:CD:9D:6B:C3:3C:5B:8C:FC:6A:4F:70:F3:AB:8C:D2:C5:75:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017E26
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96B37606269E11F0AB9D15D4DAE4EC9C.roa
Signing time: Thu 01 May 2025 15:11:43 +0000
ROA not before: Thu 01 May 2025 15:11:38 +0000
ROA not after: Fri 28 Apr 2028 15:11:38 +0000
asID: 17561
IP address blocks: 154.95.194.0/24 maxlen: 24
154.95.195.0/24 maxlen: 24
154.95.196.0/24 maxlen: 24
154.95.197.0/24 maxlen: 24
154.95.198.0/24 maxlen: 24
154.95.199.0/24 maxlen: 24
154.95.200.0/24 maxlen: 24
154.95.201.0/24 maxlen: 24
154.95.202.0/24 maxlen: 24
154.95.203.0/24 maxlen: 24
154.95.204.0/24 maxlen: 24
154.95.205.0/24 maxlen: 24
154.95.206.0/24 maxlen: 24
154.95.207.0/24 maxlen: 24
154.95.208.0/24 maxlen: 24
154.95.209.0/24 maxlen: 24
154.95.210.0/24 maxlen: 24
154.95.211.0/24 maxlen: 24
154.95.212.0/24 maxlen: 24
154.95.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97830 (0x17e26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 15:11:38 2025 GMT
Not After : Apr 28 15:11:38 2028 GMT
Subject: CN=68138f2f-5fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b6:00:e9:fc:97:be:92:64:f4:fa:77:5e:a0:
aa:29:f8:fc:ed:79:65:7c:02:1e:0d:15:59:21:52:
bf:f1:6d:f5:7f:b7:37:ed:e3:60:e3:f2:a8:aa:73:
12:82:be:c8:27:1b:c1:ec:f2:ba:46:f9:ef:83:94:
69:03:e6:6d:87:fc:9b:80:4d:fe:fe:79:d9:ed:9e:
b1:5a:24:29:94:a0:ab:b1:dc:85:e2:49:96:bd:b1:
8f:7f:5a:cb:e7:62:ed:d4:50:8d:c7:f1:3b:c3:2b:
b1:0f:d3:49:aa:af:dd:8d:2a:7a:49:b3:f9:c2:fc:
36:6c:69:8a:30:50:e3:12:84:51:65:48:a8:8b:40:
6e:0f:54:92:fa:9d:06:3f:18:53:d8:1b:89:f3:80:
b8:f9:2a:c1:7b:48:4b:d9:99:23:8b:dd:7a:83:29:
f4:59:43:ed:d7:95:38:26:5d:03:94:47:6d:dc:54:
85:50:cd:ba:fc:b0:d5:3c:b9:9d:01:36:56:20:0f:
ba:e5:ce:6d:ed:3c:ed:27:c7:91:e5:c0:70:66:8d:
c4:38:9a:0c:7b:8d:77:32:ce:9b:01:ea:6c:4c:ad:
cd:56:42:6a:2c:0e:b1:2c:bf:40:89:99:e7:61:5e:
b1:be:52:43:8b:be:d3:52:40:5a:a7:cf:cb:e9:c3:
44:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:39:CD:9D:6B:C3:3C:5B:8C:FC:6A:4F:70:F3:AB:8C:D2:C5:75:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96B37606269E11F0AB9D15D4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.194.0-154.95.213.255
Signature Algorithm: sha256WithRSAEncryption
43:6c:87:c6:03:c8:d7:a4:d6:48:6b:22:b7:70:db:76:bd:63:
24:ad:b2:da:ad:94:fe:ec:f2:5a:f2:06:b4:f4:43:6c:df:45:
26:8e:bd:33:9b:41:e8:61:df:99:7e:29:9d:76:d3:0e:ec:af:
dd:a9:c4:f8:87:c2:9b:23:b5:d3:0b:0d:3d:9d:3b:e3:b8:c5:
7d:ac:f5:3d:42:5f:fe:c8:89:d5:eb:06:f4:fd:e5:36:27:0d:
88:b4:7e:48:16:07:1f:c1:6e:3d:db:db:ea:80:15:98:b2:cd:
77:66:c8:49:c6:4e:c8:b1:01:6f:e2:b0:ae:08:40:7d:af:ee:
f5:0a:c3:8f:3c:34:36:27:f2:8a:42:fd:c6:3d:7c:e2:c7:0d:
3d:ee:4f:7a:6c:18:a9:86:85:7d:92:24:d9:69:69:ff:ec:e0:
90:3e:96:c2:da:94:65:5a:9d:83:e5:47:d0:7e:d0:5c:50:88:
bb:11:35:33:5e:d6:20:bf:85:4f:9e:13:2f:da:fe:b8:60:34:
3e:33:36:d5:ec:22:a8:48:99:0c:8b:7f:6b:cf:22:6d:ef:6b:
79:f3:d1:e5:ee:4c:32:31:52:1d:83:2a:5e:44:8c:15:32:f3:
6b:95:fd:bd:3e:2f:72:e7:8f:03:c3:19:72:ff:c5:65:3f:69:
e8:0b:8f:47
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAX4mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTAxMTUxMTM4WhcNMjgwNDI4MTUxMTM4WjAYMRYw
FAYDVQQDEw02ODEzOGYyZi01ZmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo7YA6fyXvpJk9Pp3XqCqKfj87XllfAIeDRVZIVK/8W31f7c37eNg4/Ko
qnMSgr7IJxvB7PK6Rvnvg5RpA+Zth/ybgE3+/nnZ7Z6xWiQplKCrsdyF4kmWvbGP
f1rL52Lt1FCNx/E7wyuxD9NJqq/djSp6SbP5wvw2bGmKMFDjEoRRZUioi0BuD1SS
+p0GPxhT2BuJ84C4+SrBe0hL2Zkji916gyn0WUPt15U4Jl0DlEdt3FSFUM26/LDV
PLmdATZWIA+65c5t7TztJ8eR5cBwZo3EOJoMe413Ms6bAepsTK3NVkJqLA6xLL9A
iZnnYV6xvlJDi77TUkBap8/L6cNEjQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFIQ5
zZ1rwzxbjPxqT3Dzq4zSxXVqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NkIzNzYwNjI2OUUxMUYwQUI5RDE1RDREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaX8IDBAGaX9QwDQYJ
KoZIhvcNAQELBQADggEBAENsh8YDyNek1khrIrdw23a9YyStstqtlP7s8lryBrT0
Q2zfRSaOvTObQehh35l+KZ120w7sr92pxPiHwpsjtdMLDT2dO+O4xX2s9T1CX/7I
idXrBvT95TYnDYi0fkgWBx/Bbj3b2+qAFZiyzXdmyEnGTsixAW/isK4IQH2v7vUK
w488NDYn8opC/cY9fOLHDT3uT3psGKmGhX2SJNlpaf/s4JA+lsLalGVanYPlR9B+
0FxQiLsRNTNe1iC/hU+eEy/a/rhgND4zNtXsIqhImQyLf2vPIm3va3nz0eXuTDIx
Uh2DKl5EjBUy82uV/b0+L3LnjwPDGXL/xWU/aegLj0c=
-----END CERTIFICATE-----
Generated at Fri Jul 4 09:59:34 2025 by rpki-client