Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C41E044519511F0ADF9AB78DAE4EC9C.roa
File: 0C41E044519511F0ADF9AB78DAE4EC9C.roa (raw, json)
Hash identifier: euAChw1pVZUBOpjMQCE8fSmFQwcC2s9vIqy2IS9tjHk=
Subject key identifier: 06:25:76:F6:C8:84:34:1F:46:5F:49:D6:FB:D7:9E:67:C9:00:9C:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0188E9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C41E044519511F0ADF9AB78DAE4EC9C.roa
Signing time: Wed 25 Jun 2025 07:21:45 +0000
ROA not before: Wed 25 Jun 2025 07:21:40 +0000
ROA not after: Thu 31 Jul 2025 07:21:40 +0000
asID: 62240
IP address blocks: 154.194.36.0/24 maxlen: 24
154.194.59.0/24 maxlen: 24
154.194.67.0/24 maxlen: 24
154.194.207.0/24 maxlen: 24
154.198.63.0/24 maxlen: 24
154.198.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 00:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100585 (0x188e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 25 07:21:40 2025 GMT
Not After : Jul 31 07:21:40 2025 GMT
Subject: CN=685ba389-84a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:33:32:74:27:3a:d0:b6:3b:22:52:8d:e9:65:
b0:ea:46:51:f2:67:37:b0:df:06:da:70:d6:28:1a:
11:e0:d0:95:75:28:cc:d2:ad:6a:ef:a7:3d:23:71:
35:75:78:91:fb:ee:84:38:de:e4:27:79:43:84:9f:
ab:d1:a8:36:05:bc:32:90:65:f1:37:6f:1b:11:86:
a6:79:f5:f1:1d:00:2f:fd:ef:9b:9f:e6:6d:88:79:
ba:31:14:cf:94:d8:57:9b:d4:32:45:45:0f:d2:2e:
86:cc:bc:05:47:18:ce:72:17:53:7f:93:22:cd:f7:
95:77:7c:81:e2:12:5b:64:c0:f0:a0:9c:5b:10:fb:
55:a4:14:68:7e:92:60:dd:25:40:f0:04:a9:7e:8d:
f6:e4:84:bc:4e:3e:31:e6:75:b2:6c:c0:94:af:c1:
cf:67:14:e3:1d:6f:3a:57:ff:e2:72:27:7d:a7:45:
b4:30:03:41:cf:c0:fb:cd:26:a5:58:5b:cd:5e:85:
34:8c:dd:da:5d:4f:6a:f2:49:78:49:b6:99:30:43:
5f:a1:99:f4:05:4e:4c:19:eb:c8:05:b4:69:4d:4a:
06:34:e1:38:a7:85:76:fc:20:b4:0f:7f:c5:23:75:
02:0d:6d:c7:75:1b:6b:db:ed:12:98:2e:fa:bf:f0:
37:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:25:76:F6:C8:84:34:1F:46:5F:49:D6:FB:D7:9E:67:C9:00:9C:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C41E044519511F0ADF9AB78DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.36.0/24
154.194.59.0/24
154.194.67.0/24
154.194.207.0/24
154.198.63.0/24
154.198.191.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:82:22:5d:58:06:b8:64:62:da:bd:a8:2e:6f:a5:81:90:81:
9a:0e:cc:de:7c:e8:2e:e0:31:7c:8c:55:7f:22:77:f6:c9:2e:
66:cc:96:87:95:80:e8:8c:44:61:f2:ce:03:77:0e:0c:0f:09:
a3:b5:31:7a:94:33:eb:db:ea:6c:7f:58:bb:11:24:56:d6:e1:
22:70:9c:7b:7d:dc:b7:e0:7d:5e:8a:06:4d:65:44:6f:e0:77:
dc:97:e1:f0:dd:c0:af:1f:44:20:e0:84:38:a3:80:90:75:38:
7a:4d:f0:af:35:e9:ff:ac:a7:c5:41:fa:a1:5e:30:15:a5:c9:
66:ff:7d:e9:f8:8b:af:28:40:59:89:b4:92:7d:7e:97:99:97:
01:d7:f0:3d:43:20:cf:41:5f:2b:1a:62:6e:d9:dd:4c:91:ad:
98:2c:bd:de:90:69:50:0e:3d:4f:1b:3d:8e:4c:ce:fb:b0:5a:
31:92:0a:75:d5:5a:0b:3c:4e:ee:9a:34:ce:6f:2d:fc:63:23:
a3:7c:7d:d9:e3:c6:9d:0a:b6:3f:7c:63:00:7b:1a:cd:34:64:
ea:ca:f4:00:83:d5:de:01:09:87:f1:cf:0b:65:3e:5e:96:eb:
fa:94:7f:23:a3:d6:78:be:5c:ae:19:67:df:c3:6a:61:cb:26:
17:d4:39:79
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIDAYjpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI1MDcyMTQwWhcNMjUwNzMxMDcyMTQwWjAYMRYw
FAYDVQQDEw02ODViYTM4OS04NGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyTMydCc60LY7IlKN6WWw6kZR8mc3sN8G2nDWKBoR4NCVdSjM0q1q76c9
I3E1dXiR++6EON7kJ3lDhJ+r0ag2BbwykGXxN28bEYamefXxHQAv/e+bn+ZtiHm6
MRTPlNhXm9QyRUUP0i6GzLwFRxjOchdTf5MizfeVd3yB4hJbZMDwoJxbEPtVpBRo
fpJg3SVA8ASpfo325IS8Tj4x5nWybMCUr8HPZxTjHW86V//icid9p0W0MANBz8D7
zSalWFvNXoU0jN3aXU9q8kl4SbaZMENfoZn0BU5MGevIBbRpTUoGNOE4p4V2/CC0
D3/FI3UCDW3HdRtr2+0SmC76v/A3jQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFAYl
dvbIhDQfRl9J1vvXnmfJAJwzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQzQxRTA0NDUxOTUxMUYwQURGOUFCNzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAmsIkAwQAmsI7AwQAmsJD
AwQAmsLPAwQAmsY/AwQAmsa/MA0GCSqGSIb3DQEBCwUAA4IBAQDOgiJdWAa4ZGLa
vagub6WBkIGaDszefOgu4DF8jFV/Inf2yS5mzJaHlYDojERh8s4Ddw4MDwmjtTF6
lDPr2+psf1i7ESRW1uEicJx7fdy34H1eigZNZURv4Hfcl+Hw3cCvH0Qg4IQ4o4CQ
dTh6TfCvNen/rKfFQfqhXjAVpclm/33p+IuvKEBZibSSfX6XmZcB1/A9QyDPQV8r
GmJu2d1Mka2YLL3ekGlQDj1PGz2OTM77sFoxkgp11VoLPE7umjTOby38YyOjfH3Z
48adCrY/fGMAexrNNGTqyvQAg9XeAQmH8c8LZT5eluv6lH8jo9Z4vlyuGWffw2ph
yyYX1Dl5
-----END CERTIFICATE-----
Generated at Tue Jul 1 03:43:44 2025 by rpki-client