Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/19DF3B8621AF11F0ABB597D1DAE4EC9C.roa
File: 19DF3B8621AF11F0ABB597D1DAE4EC9C.roa (raw, json)
Hash identifier: 6djKPjoq64wJvzp2sGw9L8cwBoYalY3dH4wHJxwBvMs=
Subject key identifier: A9:6F:DB:36:2E:50:83:C0:37:B6:0A:41:39:A6:18:49:B5:2E:7E:90
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AF7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/19DF3B8621AF11F0ABB597D1DAE4EC9C.roa
Signing time: Fri 25 Apr 2025 08:27:19 +0000
ROA not before: Fri 25 Apr 2025 08:27:14 +0000
ROA not after: Mon 05 May 2025 08:27:14 +0000
asID: 135097
IP address blocks: 154.212.164.0/22 maxlen: 24
154.212.168.0/21 maxlen: 24
154.212.176.0/20 maxlen: 24
154.212.192.0/18 maxlen: 24
154.213.8.0/21 maxlen: 24
154.213.80.0/20 maxlen: 24
154.216.4.0/22 maxlen: 24
154.216.8.0/21 maxlen: 24
154.220.4.0/22 maxlen: 24
154.220.8.0/21 maxlen: 24
154.220.16.0/20 maxlen: 24
154.220.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97015 (0x17af7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 08:27:14 2025 GMT
Not After : May 5 08:27:14 2025 GMT
Subject: CN=680b4767-efae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a0:56:50:63:93:45:6b:f2:30:c7:82:40:fa:
61:43:c1:da:20:3c:37:66:b1:05:c6:cf:de:07:62:
7f:90:06:a8:ed:2f:d4:39:2a:65:cf:6b:97:d9:2d:
75:49:7a:dd:7f:2b:5f:d0:63:ba:ed:0c:5b:d5:86:
cf:4d:a2:12:45:da:16:b1:72:11:c1:e9:ad:e1:28:
1a:a8:5b:1b:ce:6f:b3:ff:c8:07:77:4c:b0:88:64:
a5:53:6f:df:32:85:f7:74:8b:c9:03:ba:5f:40:f3:
20:1b:e1:dc:4b:72:28:6e:ee:e3:bf:d2:b3:7f:bf:
c2:bc:e9:da:4e:de:19:46:b6:8b:87:f9:e4:06:bf:
a8:97:ad:21:d6:c1:6c:b1:24:79:41:64:2d:32:7c:
f6:55:7b:8e:cd:20:87:dc:1c:22:71:6f:27:ef:28:
29:5d:52:46:57:ce:82:ea:b9:49:07:b6:78:d2:2e:
ce:58:e8:3b:e9:34:0a:d3:b1:c0:d0:8b:5a:e5:22:
b9:e1:5a:79:08:49:97:ec:fa:31:a5:84:13:2b:8c:
5b:ee:20:72:21:0f:d1:c4:51:52:be:2d:5a:23:de:
7f:c8:27:1d:8f:0d:b4:c6:80:b8:69:a7:93:57:d0:
1a:f9:03:92:2c:1e:e3:1b:fa:d9:23:2c:61:c8:83:
b3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:6F:DB:36:2E:50:83:C0:37:B6:0A:41:39:A6:18:49:B5:2E:7E:90
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/19DF3B8621AF11F0ABB597D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.164.0-154.212.255.255
154.213.8.0/21
154.213.80.0/20
154.216.4.0-154.216.15.255
154.220.4.0-154.220.31.255
154.220.64.0/18
Signature Algorithm: sha256WithRSAEncryption
43:82:59:25:f8:29:97:ed:0c:8f:80:35:49:ed:97:67:f6:1f:
e5:df:77:54:b2:a0:51:01:2e:a0:02:5f:d4:08:72:aa:0a:da:
a5:e4:28:a6:2e:80:08:aa:2a:08:6c:c6:9e:ca:a1:08:e9:02:
76:65:e6:73:23:3c:1e:a5:f3:e2:d2:d3:7d:9a:1e:3f:b6:c2:
a5:34:a9:54:a7:0d:ad:d8:d8:d1:ec:74:57:ef:7c:fc:0d:ad:
d7:7d:76:1f:ee:d6:92:38:a5:d9:d1:63:42:08:e3:71:53:70:
7c:8e:eb:bc:b2:e4:89:5f:da:37:c3:73:2d:ae:97:08:06:0a:
a2:49:bd:fb:8c:e5:72:12:92:db:ed:20:9d:78:0a:ac:8e:28:
e0:e5:9c:e0:a1:f2:a7:b7:4d:25:de:b9:91:ac:ff:c2:c7:17:
69:37:09:03:02:55:51:07:c9:84:f3:89:4f:e6:ea:7a:9b:90:
55:06:b6:f6:46:90:13:bb:88:ac:ed:0b:c8:45:47:7d:20:f1:
5c:a0:38:b7:4d:02:08:ed:2f:da:47:1c:33:4c:8a:95:4d:12:
55:bf:83:03:67:0e:be:86:88:2c:42:ad:05:f7:6e:27:97:2d:
5c:f8:ba:e1:c4:f1:d2:d3:a7:92:b1:4d:a4:3a:bd:a5:c7:e0:
ab:18:74:70
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIDAXr3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDgyNzE0WhcNMjUwNTA1MDgyNzE0WjAYMRYw
FAYDVQQDEw02ODBiNDc2Ny1lZmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3KBWUGOTRWvyMMeCQPphQ8HaIDw3ZrEFxs/eB2J/kAao7S/UOSplz2uX
2S11SXrdfytf0GO67Qxb1YbPTaISRdoWsXIRwemt4SgaqFsbzm+z/8gHd0ywiGSl
U2/fMoX3dIvJA7pfQPMgG+HcS3Iobu7jv9Kzf7/CvOnaTt4ZRraLh/nkBr+ol60h
1sFssSR5QWQtMnz2VXuOzSCH3BwicW8n7ygpXVJGV86C6rlJB7Z40i7OWOg76TQK
07HA0Ita5SK54Vp5CEmX7PoxpYQTK4xb7iByIQ/RxFFSvi1aI95/yCcdjw20xoC4
aaeTV9Aa+QOSLB7jG/rZIyxhyIOzcwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFKlv
2zYuUIPAN7YKQTmmGEm1Ln6QMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xOURGM0I4NjIxQUYxMUYwQUJCNTk3RDFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7MAsDBAKa1KQDAwCa1AMEA5rV
CAMEBJrVUDAMAwQCmtgEAwQEmtgAMAwDBAKa3AQDBAWa3AADBAaa3EAwDQYJKoZI
hvcNAQELBQADggEBAEOCWSX4KZftDI+ANUntl2f2H+Xfd1SyoFEBLqACX9QIcqoK
2qXkKKYugAiqKghsxp7KoQjpAnZl5nMjPB6l8+LS032aHj+2wqU0qVSnDa3Y2NHs
dFfvfPwNrdd9dh/u1pI4pdnRY0II43FTcHyO67yy5Ilf2jfDcy2ulwgGCqJJvfuM
5XISktvtIJ14CqyOKODlnOCh8qe3TSXeuZGs/8LHF2k3CQMCVVEHyYTziU/m6nqb
kFUGtvZGkBO7iKztC8hFR30g8VygOLdNAgjtL9pHHDNMipVNElW/gwNnDr6GiCxC
rQX3bieXLVz4uuHE8dLTp5KxTaQ6vaXH4KsYdHA=
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:52:16 2025 by rpki-client on console.sobornost.net