Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/037DDB2C50E411F0945FE3F3DAE4EC9C.roa
File: 037DDB2C50E411F0945FE3F3DAE4EC9C.roa (raw, json)
Hash identifier: XuUgMHLXDyT6ctnSHBbAyfHaxMe0uIJMl1sIjzdHMkA=
Subject key identifier: 5E:E3:97:0E:69:90:E4:26:59:4E:97:DD:91:FE:52:71:45:38:91:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018848
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/037DDB2C50E411F0945FE3F3DAE4EC9C.roa
Signing time: Tue 24 Jun 2025 10:14:29 +0000
ROA not before: Tue 24 Jun 2025 10:14:24 +0000
ROA not after: Tue 05 Aug 2025 10:14:24 +0000
asID: 44559
IP address blocks: 154.209.144.0/24 maxlen: 24
154.209.145.0/24 maxlen: 24
154.209.154.0/24 maxlen: 24
154.209.155.0/24 maxlen: 24
154.209.157.0/24 maxlen: 24
154.209.158.0/24 maxlen: 24
154.209.201.0/24 maxlen: 24
154.209.202.0/24 maxlen: 24
154.209.203.0/24 maxlen: 24
154.209.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 06:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100424 (0x18848)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 24 10:14:24 2025 GMT
Not After : Aug 5 10:14:24 2025 GMT
Subject: CN=685a7a85-48cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:73:e9:b6:fe:f2:7c:75:0f:c8:b7:39:32:fc:
ed:74:26:3f:36:e4:4f:8f:d5:c8:b0:89:f6:ed:4c:
63:ed:0d:9e:3e:d5:a4:61:5e:f4:63:3c:4a:ee:73:
5b:9c:e8:fd:a1:be:ea:40:da:37:a4:81:96:67:da:
12:63:c5:14:04:1a:b3:4c:62:7a:4c:57:5b:80:7c:
66:a9:9c:4c:fd:33:66:4d:8f:9a:1d:23:6f:00:3f:
24:9e:e6:1e:b0:bc:91:58:a4:58:17:80:e4:f4:14:
c0:6b:e1:c0:61:8b:0a:8e:88:80:94:d8:9c:5f:8b:
5d:03:8c:ad:6c:89:a1:da:d0:54:7b:e4:c5:c2:32:
68:c0:ba:df:85:da:1e:7f:57:24:d5:0e:d8:9b:81:
25:b7:af:10:f9:37:fa:58:9a:3b:ea:29:0b:da:34:
cb:77:2e:27:ab:a5:3b:57:85:a0:52:d7:37:23:2a:
fb:93:21:c5:63:ae:f0:2c:30:4e:f9:85:41:fa:d6:
a9:2e:45:1f:f5:0e:b6:e9:39:0d:ff:2a:12:2f:23:
65:3f:48:6e:6f:87:95:e6:3b:31:3b:81:a1:80:b3:
04:aa:0f:90:d6:8f:fc:81:ba:b4:64:53:3e:24:ee:
0c:42:13:79:ed:a8:f1:51:7c:bd:dd:ec:4b:f6:ab:
9e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E3:97:0E:69:90:E4:26:59:4E:97:DD:91:FE:52:71:45:38:91:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/037DDB2C50E411F0945FE3F3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.144.0/23
154.209.154.0/23
154.209.157.0-154.209.158.255
154.209.201.0-154.209.203.255
154.209.205.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:71:e6:f7:a4:a4:4f:5e:c8:7b:25:62:00:6a:c1:57:f9:85:
e9:3b:05:af:31:2d:be:6b:c6:bb:18:a9:69:74:7a:0c:0e:56:
9c:51:ee:cd:c5:c2:07:8c:d9:6c:04:27:46:65:c3:d1:64:1f:
96:66:94:ab:42:eb:ad:47:d1:47:68:20:9b:42:7d:b4:60:a1:
fc:6c:ee:d5:6e:a7:f9:ed:02:27:a5:9b:17:fe:d8:06:b9:0b:
0c:6e:77:43:7c:20:da:0c:35:fe:cf:f4:99:0f:53:33:cb:eb:
6e:8a:36:94:67:5a:2a:4c:88:7c:1c:ac:4e:81:66:4e:25:c8:
74:d9:4a:c4:2c:42:70:2b:08:f2:0f:db:23:47:3c:2f:e7:6f:
7d:27:c7:d4:91:0b:bb:a3:af:a5:b8:ac:25:b8:62:ab:14:a7:
75:82:71:4f:f2:b8:b6:c5:d6:06:92:e5:79:bb:c9:89:96:9f:
3a:43:d6:62:9c:bb:59:e5:5d:d8:d6:c7:99:ad:57:b5:48:da:
cb:80:f2:7c:8b:84:14:33:61:5c:33:32:f8:a2:6f:02:f3:9e:
80:66:81:a3:02:fb:cb:c5:a5:a4:2d:c5:37:82:7f:94:cd:4c:
23:08:74:4e:35:35:58:e1:01:a0:90:da:c1:6a:f5:be:09:40:
33:b0:a1:be
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAYhIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI0MTAxNDI0WhcNMjUwODA1MTAxNDI0WjAYMRYw
FAYDVQQDEw02ODVhN2E4NS00OGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqnPptv7yfHUPyLc5MvztdCY/NuRPj9XIsIn27Uxj7Q2ePtWkYV70YzxK
7nNbnOj9ob7qQNo3pIGWZ9oSY8UUBBqzTGJ6TFdbgHxmqZxM/TNmTY+aHSNvAD8k
nuYesLyRWKRYF4Dk9BTAa+HAYYsKjoiAlNicX4tdA4ytbImh2tBUe+TFwjJowLrf
hdoef1ck1Q7Ym4Elt68Q+Tf6WJo76ikL2jTLdy4nq6U7V4WgUtc3Iyr7kyHFY67w
LDBO+YVB+tapLkUf9Q626TkN/yoSLyNlP0hub4eV5jsxO4GhgLMEqg+Q1o/8gbq0
ZFM+JO4MQhN57ajxUXy93exL9quejQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFF7j
lw5pkOQmWU6X3ZH+UnFFOJGkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMzdEREIyQzUwRTQxMUYwOTQ1RkUzRjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBmtGQAwQBmtGaMAwDBACa
0Z0DBACa0Z4wDAMEAJrRyQMEAprRyAMEAJrRzTANBgkqhkiG9w0BAQsFAAOCAQEA
HHHm96SkT17IeyViAGrBV/mF6TsFrzEtvmvGuxipaXR6DA5WnFHuzcXCB4zZbAQn
RmXD0WQflmaUq0LrrUfRR2ggm0J9tGCh/Gzu1W6n+e0CJ6WbF/7YBrkLDG53Q3wg
2gw1/s/0mQ9TM8vrboo2lGdaKkyIfBysToFmTiXIdNlKxCxCcCsI8g/bI0c8L+dv
fSfH1JELu6OvpbisJbhiqxSndYJxT/K4tsXWBpLlebvJiZafOkPWYpy7WeVd2NbH
ma1XtUjay4DyfIuEFDNhXDMy+KJvAvOegGaBowL7y8WlpC3FN4J/lM1MIwh0TjU1
WOEBoJDawWr1vglAM7Chvg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 12:30:55 2025 by rpki-client