Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/232DC2D215E511F09F1553216EB8BCC6.roa
File: 232DC2D215E511F09F1553216EB8BCC6.roa (raw, json)
Hash identifier: oIvICFN4D1Hl/HyrKVAMxnluRw4/0C7DGViITUCawOA=
Subject key identifier: AA:1D:3B:8C:83:FC:95:67:57:37:69:A9:08:58:25:5F:ED:72:44:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0178AB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/232DC2D215E511F09F1553216EB8BCC6.roa
Signing time: Thu 10 Apr 2025 08:23:53 +0000
ROA not before: Thu 10 Apr 2025 08:23:49 +0000
ROA not after: Thu 08 May 2025 08:23:49 +0000
asID: 45194
IP address blocks: 154.84.225.0/24 maxlen: 24
154.84.226.0/24 maxlen: 24
154.84.227.0/24 maxlen: 24
154.84.228.0/24 maxlen: 24
154.84.229.0/24 maxlen: 24
154.84.230.0/24 maxlen: 24
154.84.231.0/24 maxlen: 24
154.84.232.0/24 maxlen: 24
154.84.233.0/24 maxlen: 24
154.84.234.0/24 maxlen: 24
154.84.235.0/24 maxlen: 24
154.84.236.0/24 maxlen: 24
154.84.237.0/24 maxlen: 24
154.84.238.0/24 maxlen: 24
154.84.239.0/24 maxlen: 24
154.84.240.0/24 maxlen: 24
154.84.241.0/24 maxlen: 24
154.84.243.0/24 maxlen: 24
154.84.244.0/24 maxlen: 24
154.84.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96427 (0x178ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 08:23:49 2025 GMT
Not After : May 8 08:23:49 2025 GMT
Subject: CN=67f78019-a897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2b:4d:b3:7d:68:c1:8a:4a:0a:e2:b9:54:f0:
b6:ba:09:ac:48:bb:66:80:97:9f:50:df:4d:64:0d:
2d:3c:ec:ec:35:55:5f:50:c9:4a:63:4d:63:c7:f1:
6c:1c:45:e5:a1:cb:43:24:81:8e:2c:dc:70:87:28:
ad:fc:4c:0f:95:9e:eb:e6:80:bb:3c:7c:b6:b1:a1:
b4:73:9a:5f:4b:92:e9:c1:f6:fe:5f:b5:d6:ec:72:
4d:59:ab:36:99:08:14:a7:72:54:c6:6e:98:69:d8:
6b:94:71:f3:17:d6:3b:34:0e:34:a6:4b:a9:65:24:
c8:b2:1e:67:7e:f9:8e:cf:05:f6:8d:1b:f5:3f:41:
94:cd:b5:1e:7b:be:20:c8:02:06:d2:83:92:db:7e:
df:ee:5b:88:64:76:d6:2b:30:3b:b4:c9:a9:3d:c6:
ec:39:95:67:8c:94:2c:37:bf:23:ac:2e:1b:dd:14:
62:9e:1b:98:96:67:43:71:89:22:0a:dc:d5:d8:32:
f2:aa:e1:7b:a2:4e:26:7a:76:16:45:41:0a:0c:63:
5a:7a:3d:3d:02:40:fd:db:2b:0d:21:fd:52:36:62:
bb:53:06:de:59:f7:dd:42:26:44:48:48:cb:51:42:
5b:7f:e6:21:04:0c:b1:53:25:80:45:b0:f7:f0:de:
b0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1D:3B:8C:83:FC:95:67:57:37:69:A9:08:58:25:5F:ED:72:44:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/232DC2D215E511F09F1553216EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.225.0-154.84.241.255
154.84.243.0-154.84.245.255
Signature Algorithm: sha256WithRSAEncryption
39:36:e2:b3:11:84:39:09:cc:08:7d:c6:21:af:b6:e7:1f:22:
70:81:41:54:b1:1f:10:a3:44:a7:10:26:46:4c:96:97:0e:39:
94:5b:8b:75:54:1c:0e:68:e5:0a:29:b6:f5:6a:e5:9d:ab:75:
80:44:08:40:a4:c8:56:ec:81:99:02:b2:71:52:6e:04:8f:c6:
de:4d:76:9e:0a:d5:5d:3a:4c:d0:3b:ba:6e:6e:d0:3a:9c:62:
ca:1c:39:57:25:d9:c7:73:fc:3c:ef:14:a7:10:42:7b:1c:94:
b1:78:3f:7a:35:97:5f:04:b6:60:a4:f8:a1:6a:58:1e:fa:a3:
b5:fa:4f:69:7d:6f:36:44:04:45:11:78:1f:a8:6a:d9:e0:61:
a5:8c:87:3c:be:34:10:29:fd:26:9f:23:55:2b:bd:c2:2b:30:
1e:cf:8d:bc:16:46:82:4b:91:30:fe:9b:30:4a:95:bb:66:e7:
b6:10:ab:8e:f2:ef:33:df:a6:16:17:b7:62:33:e9:a6:75:ae:
28:eb:b8:cc:ea:2f:2f:51:f6:de:18:02:f5:49:0c:46:82:f5:
f5:d7:47:da:d3:58:af:53:ae:d7:4e:6c:fb:81:f5:a3:a1:8f:
59:74:d1:0b:cf:5a:90:99:a9:f7:3b:71:11:39:bf:a6:ef:e9:
7c:6f:a3:e3
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDAXirMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDEwMDgyMzQ5WhcNMjUwNTA4MDgyMzQ5WjAYMRYw
FAYDVQQDEw02N2Y3ODAxOS1hODk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3CtNs31owYpKCuK5VPC2ugmsSLtmgJefUN9NZA0tPOzsNVVfUMlKY01j
x/FsHEXloctDJIGOLNxwhyit/EwPlZ7r5oC7PHy2saG0c5pfS5Lpwfb+X7XW7HJN
Was2mQgUp3JUxm6YadhrlHHzF9Y7NA40pkupZSTIsh5nfvmOzwX2jRv1P0GUzbUe
e74gyAIG0oOS237f7luIZHbWKzA7tMmpPcbsOZVnjJQsN78jrC4b3RRinhuYlmdD
cYkiCtzV2DLyquF7ok4menYWRUEKDGNaej09AkD92ysNIf1SNmK7UwbeWffdQiZE
SEjLUUJbf+YhBAyxUyWARbD38N6wIQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFKod
O4yD/JVnVzdpqQhYJV/tckQ+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMzJEQzJEMjE1RTUxMUYwOUYxNTUzMjE2RUI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBACaVOEDBAGaVPAwDAME
AJpU8wMEAZpU9DANBgkqhkiG9w0BAQsFAAOCAQEAOTbisxGEOQnMCH3GIa+25x8i
cIFBVLEfEKNEpxAmRkyWlw45lFuLdVQcDmjlCim29Wrlnat1gEQIQKTIVuyBmQKy
cVJuBI/G3k12ngrVXTpM0Du6bm7QOpxiyhw5VyXZx3P8PO8UpxBCexyUsXg/ejWX
XwS2YKT4oWpYHvqjtfpPaX1vNkQERRF4H6hq2eBhpYyHPL40ECn9Jp8jVSu9wisw
Hs+NvBZGgkuRMP6bMEqVu2bnthCrjvLvM9+mFhe3YjPppnWuKOu4zOovL1H23hgC
9UkMRoL19ddH2tNYr1Ou105s+4H1o6GPWXTRC89akJmp9ztxETm/pu/pfG+j4w==
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:53:39 2025 by rpki-client on console.sobornost.net