Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E3D94BA4B6811F0BF4FA0B7DAE4EC9C.roa
File: 1E3D94BA4B6811F0BF4FA0B7DAE4EC9C.roa (raw, json)
Hash identifier: vDeNZkOeFxrLIIsBfjhnlHGO68XB7uXFY4nZmaSPOnA=
Subject key identifier: 99:77:B0:EF:45:CE:8D:88:99:53:DD:F3:6C:53:CB:63:62:23:27:C0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018705
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E3D94BA4B6811F0BF4FA0B7DAE4EC9C.roa
Signing time: Tue 17 Jun 2025 10:45:01 +0000
ROA not before: Tue 17 Jun 2025 10:44:56 +0000
ROA not after: Thu 24 Jul 2025 10:44:56 +0000
asID: 18013
IP address blocks: 154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100101 (0x18705)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 17 10:44:56 2025 GMT
Not After : Jul 24 10:44:56 2025 GMT
Subject: CN=6851472d-5336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:80:b5:94:5f:15:6f:c9:22:2a:bc:5b:1e:c4:
c2:ad:67:1c:69:2a:e9:ba:07:12:84:2c:1c:3a:53:
f7:ba:54:a9:f6:78:9a:15:d1:27:ec:cf:cb:19:23:
a4:7e:87:d9:55:d3:40:cc:6e:55:9b:9e:5f:1c:72:
77:94:93:a0:d3:87:52:bf:84:0f:2a:55:1f:14:1d:
d6:98:b3:d0:60:52:b7:32:66:ef:da:9e:ee:d5:04:
f8:7d:c2:15:5d:09:0c:b3:c9:a1:59:b9:70:23:61:
75:d4:0d:96:8f:71:8f:ac:f0:9c:59:0a:c2:3d:ef:
fd:2f:81:85:60:1d:26:37:e7:dc:27:66:23:d5:04:
02:bb:da:50:64:0c:e5:2d:bf:50:ea:25:7b:fc:93:
ff:e1:17:08:15:04:3d:d6:46:1d:aa:70:65:bd:eb:
df:68:f9:ac:1d:5b:2d:f3:15:6a:85:63:e2:2a:8f:
a5:6e:04:ee:ec:d6:94:f5:69:4c:3b:26:71:d1:0b:
1c:d8:34:76:d4:a8:c2:7a:f6:b6:35:31:d9:e4:07:
83:ac:53:42:d1:28:6f:19:16:d1:42:fa:7f:31:bb:
bb:f2:47:60:f3:5d:2c:ff:c6:78:32:e2:38:2f:13:
ca:ce:81:e6:0d:06:ca:a2:a0:cd:c3:dc:70:db:85:
5e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:77:B0:EF:45:CE:8D:88:99:53:DD:F3:6C:53:CB:63:62:23:27:C0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E3D94BA4B6811F0BF4FA0B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
154.202.120.0/21
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
d6:a0:21:3b:13:56:56:b2:dd:0c:0a:c2:96:fd:7f:b4:04:94:
c3:30:7c:74:b0:e2:6c:7a:f0:11:aa:8d:8f:48:fc:92:51:5f:
51:5e:40:c7:52:a9:12:02:88:11:3c:03:c7:82:dd:2e:5e:73:
1d:a5:62:4c:e0:67:20:e3:51:1b:d3:14:21:11:43:f9:0d:e4:
b8:a2:2d:3a:f2:97:12:ec:2c:1d:04:a9:7d:1d:d3:f6:90:16:
e6:ec:a2:05:3a:da:9c:2e:92:ff:e4:80:61:c9:1c:02:90:fe:
4e:d2:f8:31:2b:f1:15:27:da:7a:e8:b6:be:32:7b:00:34:18:
5f:44:2f:cc:2b:2e:95:cb:5a:01:7d:df:f4:9f:97:36:5e:c4:
64:29:c8:c0:78:29:16:9c:bc:2a:d0:ec:7f:96:bf:4d:9d:44:
d6:d6:93:de:d4:88:fb:5b:bc:d0:2d:ae:ba:15:ec:36:35:dd:
71:db:e0:e0:91:d8:11:7c:78:f4:f1:17:ed:be:df:ce:45:8b:
cd:9a:cc:6c:46:b8:80:3a:e4:fb:52:47:2e:64:66:4c:19:e9:
51:38:73:f2:ba:70:a1:fe:48:bb:53:05:d1:ab:92:39:2a:be:
af:8e:cb:b6:81:07:ae:b7:32:dd:de:82:a0:00:32:23:ad:54:
ed:86:a7:13
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAYcFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE3MTA0NDU2WhcNMjUwNzI0MTA0NDU2WjAYMRYw
FAYDVQQDEw02ODUxNDcyZC01MzM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsIC1lF8Vb8kiKrxbHsTCrWccaSrpugcShCwcOlP3ulSp9niaFdEn7M/L
GSOkfofZVdNAzG5Vm55fHHJ3lJOg04dSv4QPKlUfFB3WmLPQYFK3Mmbv2p7u1QT4
fcIVXQkMs8mhWblwI2F11A2Wj3GPrPCcWQrCPe/9L4GFYB0mN+fcJ2Yj1QQCu9pQ
ZAzlLb9Q6iV7/JP/4RcIFQQ91kYdqnBlvevfaPmsHVst8xVqhWPiKo+lbgTu7NaU
9WlMOyZx0Qsc2DR21KjCeva2NTHZ5AeDrFNC0ShvGRbRQvp/Mbu78kdg810s/8Z4
MuI4LxPKzoHmDQbKoqDNw9xw24VepQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFJl3
sO9Fzo2ImVPd82xTy2NiIyfAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRTNEOTRCQTRCNjgxMUYwQkY0RkEwQjdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQAmsp1AwQDmsp4MAsDBAGa
2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEA1qAhOxNWVrLdDArClv1/tASUwzB8
dLDibHrwEaqNj0j8klFfUV5Ax1KpEgKIETwDx4LdLl5zHaViTOBnIONRG9MUIRFD
+Q3kuKItOvKXEuwsHQSpfR3T9pAW5uyiBTranC6S/+SAYckcApD+TtL4MSvxFSfa
eui2vjJ7ADQYX0QvzCsulctaAX3f9J+XNl7EZCnIwHgpFpy8KtDsf5a/TZ1E1taT
3tSI+1u80C2uuhXsNjXdcdvg4JHYEXx49PEX7b7fzkWLzZrMbEa4gDrk+1JHLmRm
TBnpUThz8rpwof5Iu1MF0auSOSq+r47LtoEHrrcy3d6CoAAyI61U7YanEw==
-----END CERTIFICATE-----
Generated at Mon Jun 30 12:35:43 2025 by rpki-client