Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02814866525711F08D9D75E7DAE4EC9C.roa
File: 02814866525711F08D9D75E7DAE4EC9C.roa (raw, json)
Hash identifier: 1L446n9NzCc433p+yiv2QfkBLkm3oDlOHKSYRfLnG2s=
Subject key identifier: 9D:06:2F:4F:57:F6:6A:2E:79:7A:4A:63:4F:B4:0E:60:7F:F4:29:39
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01890C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02814866525711F08D9D75E7DAE4EC9C.roa
Signing time: Thu 26 Jun 2025 06:30:11 +0000
ROA not before: Thu 26 Jun 2025 06:30:06 +0000
ROA not after: Wed 16 Jul 2025 06:30:06 +0000
asID: 153706
IP address blocks: 154.89.194.0/24 maxlen: 24
154.193.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100620 (0x1890c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 26 06:30:06 2025 GMT
Not After : Jul 16 06:30:06 2025 GMT
Subject: CN=685ce8f3-5aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1e:69:7b:42:1e:49:c7:20:e8:94:ed:37:78:
6f:b7:c7:32:60:0b:a2:dc:45:44:f7:1f:49:d6:10:
be:f2:19:59:c4:db:19:04:2c:47:9d:b5:ed:36:b6:
b1:ce:60:fe:ce:ff:d2:45:77:5e:61:bc:45:9d:dd:
9f:e6:c9:31:4b:f6:bc:d6:c2:5f:b2:cf:1e:01:34:
06:da:a0:fa:d2:fe:31:3a:c2:c6:d6:9d:0c:71:13:
63:95:85:04:30:ae:39:a9:9d:39:95:22:c7:5f:bf:
73:e0:9a:5b:01:f8:50:9f:10:06:98:2a:bf:9e:61:
82:43:c1:ab:47:d9:1d:3c:a6:d8:09:fe:21:4c:32:
34:6e:ed:7c:8d:4b:d9:43:ac:7a:cc:ba:6d:a9:07:
fe:60:a0:c8:dd:73:01:74:dc:7f:9a:d5:55:05:45:
5d:a3:38:a3:cd:8e:2b:1e:66:2e:7c:d1:2f:f8:1a:
93:81:38:5b:61:c5:00:97:ba:e3:0b:b5:85:39:5e:
9a:80:79:99:6e:fb:ec:19:8e:73:6e:a0:84:53:37:
cf:40:2b:05:35:fd:70:4d:e7:c7:76:2f:b0:83:28:
49:9d:0b:89:1d:6e:a3:0f:19:ec:f7:88:b2:89:c5:
54:2b:1f:2e:89:26:17:2e:f9:39:57:e7:1c:37:cb:
46:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:06:2F:4F:57:F6:6A:2E:79:7A:4A:63:4F:B4:0E:60:7F:F4:29:39
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02814866525711F08D9D75E7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.194.0/24
154.193.211.0/24
Signature Algorithm: sha256WithRSAEncryption
96:bc:ba:5b:4b:24:76:e5:f0:a2:72:db:05:cd:1d:3f:d8:c8:
cc:d8:a3:29:e5:0a:1e:27:83:54:53:e0:91:75:1b:da:e9:de:
6f:2e:d7:6f:75:c4:e8:bd:6d:6d:f6:a6:ed:a9:d6:1f:e6:fa:
8a:77:bc:bc:6d:ea:ba:56:81:48:ff:ae:eb:4c:95:56:c6:ec:
cc:fd:0c:da:7a:55:7f:fc:8c:c1:69:e6:3c:d2:d3:6a:a2:b6:
3f:d8:35:8f:7b:3d:93:62:38:ee:59:54:b2:7e:ad:a6:40:d9:
8c:ce:3d:1a:0f:8c:60:d5:ec:d8:0c:6a:3a:9c:75:64:b1:31:
b6:53:86:83:e6:3c:21:e8:a3:13:f6:20:c7:d3:b5:fb:9a:70:
40:e8:15:24:b8:67:b3:b3:08:b7:71:5d:27:ab:4a:c7:f9:ed:
33:e1:89:39:29:d1:99:2d:a4:12:8c:1a:20:ff:6a:cb:a5:47:
dc:c1:24:83:c7:a8:6c:75:1b:e8:a9:fa:96:a3:56:71:1c:3d:
6e:5e:60:0d:54:d3:b5:04:e0:e6:5d:31:88:18:86:2c:db:88:
49:9e:19:1f:66:6d:c9:fb:73:db:ba:07:c7:60:93:a3:90:a8:
e4:f8:7a:15:74:24:7a:0f:88:0e:12:6c:60:fc:f8:91:c5:eb:
71:22:a4:e5
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYkMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI2MDYzMDA2WhcNMjUwNzE2MDYzMDA2WjAYMRYw
FAYDVQQDEw02ODVjZThmMy01YWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0R5pe0IeSccg6JTtN3hvt8cyYAui3EVE9x9J1hC+8hlZxNsZBCxHnbXt
NraxzmD+zv/SRXdeYbxFnd2f5skxS/a81sJfss8eATQG2qD60v4xOsLG1p0McRNj
lYUEMK45qZ05lSLHX79z4JpbAfhQnxAGmCq/nmGCQ8GrR9kdPKbYCf4hTDI0bu18
jUvZQ6x6zLptqQf+YKDI3XMBdNx/mtVVBUVdozijzY4rHmYufNEv+BqTgThbYcUA
l7rjC7WFOV6agHmZbvvsGY5zbqCEUzfPQCsFNf1wTefHdi+wgyhJnQuJHW6jDxns
94iyicVUKx8uiSYXLvk5V+ccN8tGvQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJ0G
L09X9moueXpKY0+0DmB/9Ck5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMjgxNDg2NjUyNTcxMUYwOEQ5RDc1RTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlnCAwQAmsHTMA0GCSqG
SIb3DQEBCwUAA4IBAQCWvLpbSyR25fCictsFzR0/2MjM2KMp5QoeJ4NUU+CRdRva
6d5vLtdvdcTovW1t9qbtqdYf5vqKd7y8beq6VoFI/67rTJVWxuzM/QzaelV//IzB
aeY80tNqorY/2DWPez2TYjjuWVSyfq2mQNmMzj0aD4xg1ezYDGo6nHVksTG2U4aD
5jwh6KMT9iDH07X7mnBA6BUkuGezswi3cV0nq0rH+e0z4Yk5KdGZLaQSjBog/2rL
pUfcwSSDx6hsdRvoqfqWo1ZxHD1uXmANVNO1BODmXTGIGIYs24hJnhkfZm3J+3Pb
ugfHYJOjkKjk+HoVdCR6D4gOEmxg/PiRxetxIqTl
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:12:52 2025 by rpki-client