Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85E49542201F11F0923911E1DAE4EC9C.roa
File: 85E49542201F11F0923911E1DAE4EC9C.roa (raw, json)
Hash identifier: ZzNlweMoyx63DLHKb1sJ6m3ngiDLE1hAtoy+PDz8chg=
Subject key identifier: B8:B5:C4:D2:56:0A:8D:97:5B:3B:CB:7F:46:5F:FD:A1:44:D1:0B:99
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AB9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85E49542201F11F0923911E1DAE4EC9C.roa
Signing time: Wed 23 Apr 2025 08:47:01 +0000
ROA not before: Wed 23 Apr 2025 08:46:57 +0000
ROA not after: Fri 02 May 2025 08:46:57 +0000
asID: 7018
IP address blocks: 154.195.8.0/21 maxlen: 24
154.195.32.0/23 maxlen: 24
154.195.36.0/22 maxlen: 24
154.195.40.0/23 maxlen: 24
154.195.43.0/24 maxlen: 24
154.195.47.0/24 maxlen: 24
154.195.48.0/20 maxlen: 24
154.198.16.0/20 maxlen: 24
154.201.0.0/24 maxlen: 24
154.201.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96953 (0x17ab9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 08:46:57 2025 GMT
Not After : May 2 08:46:57 2025 GMT
Subject: CN=6808a905-f43b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:68:72:0a:a0:8e:cf:54:06:f9:3d:c1:01:f2:
a6:26:4a:c3:f0:7a:25:10:33:12:cc:ad:cc:cb:56:
6c:53:14:35:82:d5:1c:98:69:8a:8b:54:83:a0:09:
cb:59:a7:f3:d6:0c:ec:3d:61:3f:97:95:d7:6f:da:
3d:ce:0c:17:14:3f:c4:0b:91:90:f8:86:a3:91:36:
43:8c:d8:a3:c4:29:f9:9a:fc:13:ee:18:f6:cb:94:
c4:a7:57:90:bf:6c:43:b4:43:fd:43:da:82:6a:6d:
a6:5c:28:f7:28:83:b4:62:65:a6:04:49:4a:96:81:
cb:77:76:a3:9b:43:48:8a:58:73:e7:0d:fd:37:6f:
14:ca:c3:69:b1:1b:87:0a:94:f4:4d:4c:4c:d1:1d:
ba:84:7f:e0:45:3a:8e:96:6b:43:d5:6f:06:32:c1:
27:70:b3:5e:2f:e3:f1:c8:a7:26:83:ec:4e:a7:b2:
e9:34:ba:5a:07:5a:6f:de:8f:7d:80:4f:f8:cc:dd:
66:33:1d:94:08:68:5d:fb:21:a8:49:af:e1:5b:1b:
08:8a:ad:b9:59:67:9a:0c:37:7d:2b:28:c1:55:ae:
90:34:ff:e2:43:5c:9c:e9:c2:cd:0c:e9:32:a7:2d:
7d:48:c9:20:98:03:e4:f3:93:87:bc:ea:90:68:23:
f4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B5:C4:D2:56:0A:8D:97:5B:3B:CB:7F:46:5F:FD:A1:44:D1:0B:99
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85E49542201F11F0923911E1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.8.0/21
154.195.32.0/23
154.195.36.0-154.195.41.255
154.195.43.0/24
154.195.47.0-154.195.63.255
154.198.16.0/20
154.201.0.0/24
154.201.2.0/23
Signature Algorithm: sha256WithRSAEncryption
49:51:e6:9c:c6:3f:ab:e6:a9:14:23:5f:a5:dd:d2:dc:98:d5:
22:72:3b:d5:26:e8:04:da:94:c9:d8:90:a9:c8:7a:ae:99:b5:
b0:e1:04:d3:ba:6f:08:7e:4a:55:3c:e7:a7:c5:fe:50:39:95:
65:60:0e:48:b6:92:24:b7:8b:f9:4b:c8:96:f9:87:c0:77:9e:
0b:a4:32:15:9f:01:32:01:41:c8:dc:54:cd:99:2c:f3:36:50:
a0:d5:97:6b:77:74:20:21:87:29:4b:af:db:20:95:f4:6a:7f:
3d:95:2d:42:80:01:b0:9c:36:80:67:16:b8:77:ac:57:25:89:
04:93:ce:e4:06:6e:e9:2e:41:80:44:d3:7e:f8:20:33:26:3f:
7a:bc:bc:ba:3b:d5:56:5f:4d:42:83:b9:a0:9c:45:1a:44:b0:
4e:46:dc:2f:e5:5c:21:05:25:07:1a:3f:f5:b0:51:e7:ff:f7:
63:11:e9:a5:9f:cd:5b:73:15:3a:3e:27:5d:ff:7d:bf:ca:e3:
02:5f:89:a8:01:f9:07:23:da:b7:bd:d6:0c:2e:47:8c:93:ea:
55:43:fe:82:1c:a3:56:1b:0d:e5:3b:26:b1:b3:fe:2a:04:fb:
94:6e:f6:f5:0f:b1:ef:08:c9:f0:68:b9:f7:c4:71:3a:38:32:
ab:a5:ca:f7
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIDAXq5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIzMDg0NjU3WhcNMjUwNTAyMDg0NjU3WjAYMRYw
FAYDVQQDEw02ODA4YTkwNS1mNDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA12hyCqCOz1QG+T3BAfKmJkrD8HolEDMSzK3My1ZsUxQ1gtUcmGmKi1SD
oAnLWafz1gzsPWE/l5XXb9o9zgwXFD/EC5GQ+IajkTZDjNijxCn5mvwT7hj2y5TE
p1eQv2xDtEP9Q9qCam2mXCj3KIO0YmWmBElKloHLd3ajm0NIilhz5w39N28UysNp
sRuHCpT0TUxM0R26hH/gRTqOlmtD1W8GMsEncLNeL+PxyKcmg+xOp7LpNLpaB1pv
3o99gE/4zN1mMx2UCGhd+yGoSa/hWxsIiq25WWeaDDd9KyjBVa6QNP/iQ1yc6cLN
DOkypy19SMkgmAPk85OHvOqQaCP0+wIDAQABo4IC3zCCAtswHQYDVR0OBBYEFLi1
xNJWCo2XWzvLf0Zf/aFE0QuZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NUU0OTU0MjIwMUYxMUYwOTIzOTExRTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQDmsMIAwQBmsMgMAwDBAKa
wyQDBAGawygDBACawyswDAMEAJrDLwMEBprDAAMEBJrGEAMEAJrJAAMEAZrJAjAN
BgkqhkiG9w0BAQsFAAOCAQEASVHmnMY/q+apFCNfpd3S3JjVInI71SboBNqUydiQ
qch6rpm1sOEE07pvCH5KVTznp8X+UDmVZWAOSLaSJLeL+UvIlvmHwHeeC6QyFZ8B
MgFByNxUzZks8zZQoNWXa3d0ICGHKUuv2yCV9Gp/PZUtQoABsJw2gGcWuHesVyWJ
BJPO5AZu6S5BgETTfvggMyY/ery8ujvVVl9NQoO5oJxFGkSwTkbcL+VcIQUlBxo/
9bBR5//3YxHppZ/NW3MVOj4nXf99v8rjAl+JqAH5ByPat73WDC5HjJPqVUP+ghyj
VhsN5TsmsbP+KgT7lG729Q+x7wjJ8Gi598RxOjgyq6XK9w==
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:04:05 2025 by rpki-client on console.sobornost.net