Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24218590574C11F088D67D98DAE4EC9C.roa
File: 24218590574C11F088D67D98DAE4EC9C.roa (raw, json)
Hash identifier: 76Z5jtJW2Z8Iyt5xAwlCU7gyc9mZ3tLqc+z0Td8Dv2M=
Subject key identifier: E0:CB:2D:FD:5B:AB:25:79:A3:FD:48:41:10:40:05:0B:3F:4F:AD:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0189D0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24218590574C11F088D67D98DAE4EC9C.roa
Signing time: Wed 02 Jul 2025 13:54:59 +0000
ROA not before: Wed 02 Jul 2025 13:54:54 +0000
ROA not after: Sun 24 Aug 2025 13:54:54 +0000
asID: 40065
IP address blocks: 154.89.160.0/19 maxlen: 24
154.89.200.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100816 (0x189d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 2 13:54:54 2025 GMT
Not After : Aug 24 13:54:54 2025 GMT
Subject: CN=68653a33-f9d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:39:22:1e:d9:36:86:75:4e:35:f4:c6:d7:0e:
52:64:80:09:5a:37:e3:26:8d:10:d3:f5:d8:36:1b:
10:07:98:67:3d:b6:6c:1d:fc:e8:64:6c:df:4c:8b:
78:ca:c8:2c:32:85:1f:b7:24:73:64:2d:f9:c5:74:
1c:bf:1d:91:88:d7:d8:9a:45:38:ab:84:ce:88:63:
c6:c0:78:08:b5:38:9b:b4:7d:6a:2e:56:ce:1f:4c:
11:bb:18:e6:d0:6e:71:a6:ec:3d:48:3d:52:b0:62:
c6:1b:7b:31:f4:a2:c1:79:aa:5c:85:2f:d0:5c:f5:
ce:6b:9d:38:79:ca:75:84:5d:9a:55:2d:8e:bc:97:
66:2b:7f:ba:da:4f:6b:ec:ef:57:bb:2e:34:05:5b:
3e:58:59:96:7c:a8:f8:72:b4:b8:d2:ce:2a:3f:0a:
2c:0e:24:5a:36:51:7b:2c:bd:43:63:2f:ac:f3:26:
cd:5a:da:67:08:3a:ba:ec:cf:e7:db:77:80:06:f0:
d7:9f:2c:d4:f3:68:b0:36:66:b3:76:7d:4f:07:72:
46:c0:2f:2a:fd:f7:1a:45:82:da:b2:a2:dd:fb:26:
35:b3:84:fa:5b:97:c1:17:d9:04:47:5a:af:b6:50:
03:62:df:e8:ec:f9:1a:d0:16:93:12:94:3a:b5:21:
a8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CB:2D:FD:5B:AB:25:79:A3:FD:48:41:10:40:05:0B:3F:4F:AD:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24218590574C11F088D67D98DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
154.89.200.0/21
Signature Algorithm: sha256WithRSAEncryption
0d:a4:85:82:51:8b:96:68:68:05:10:0d:62:aa:6d:ab:43:ab:
7e:cd:4a:81:88:22:6a:f7:84:a1:d3:49:af:77:68:72:4c:77:
23:ad:cb:e8:6b:7c:51:5d:4b:0c:42:af:9f:f0:aa:8b:b2:a5:
bb:74:96:b3:27:e8:89:31:53:96:b1:49:60:83:32:05:be:61:
11:8b:0b:ba:8b:b8:4e:d2:81:20:8f:ee:b1:65:03:81:08:38:
3d:da:a8:69:67:af:19:09:aa:2f:d8:8a:c0:57:e9:ba:03:46:
78:62:0b:83:0d:d1:76:62:92:6f:64:61:47:de:ba:66:8a:d0:
36:e0:59:57:c7:16:78:47:c3:ef:d0:4d:c7:40:c8:95:45:ad:
96:6f:2f:37:85:85:e1:eb:c6:b9:df:f5:ce:ec:04:7a:60:52:
ef:91:ef:43:57:83:02:39:04:95:5d:a1:75:53:c7:f6:93:15:
3b:ed:76:ad:91:ca:f4:dd:99:6b:d1:70:f6:59:70:23:3b:07:
b9:d6:08:85:14:2e:25:9f:dc:48:56:54:2b:26:8e:09:d3:eb:
7f:3b:6e:39:c4:d5:9b:ca:3f:2c:8d:0b:dd:00:03:b1:d0:a1:
4d:c5:40:92:65:76:f1:af:0d:8a:31:45:74:be:61:cf:1a:ff:
cf:d6:6b:34
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYnQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAyMTM1NDU0WhcNMjUwODI0MTM1NDU0WjAYMRYw
FAYDVQQDEw02ODY1M2EzMy1mOWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0TkiHtk2hnVONfTG1w5SZIAJWjfjJo0Q0/XYNhsQB5hnPbZsHfzoZGzf
TIt4ysgsMoUftyRzZC35xXQcvx2RiNfYmkU4q4TOiGPGwHgItTibtH1qLlbOH0wR
uxjm0G5xpuw9SD1SsGLGG3sx9KLBeapchS/QXPXOa504ecp1hF2aVS2OvJdmK3+6
2k9r7O9Xuy40BVs+WFmWfKj4crS40s4qPwosDiRaNlF7LL1DYy+s8ybNWtpnCDq6
7M/n23eABvDXnyzU82iwNmazdn1PB3JGwC8q/fcaRYLasqLd+yY1s4T6W5fBF9kE
R1qvtlADYt/o7Pka0BaTEpQ6tSGopQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFODL
Lf1bqyV5o/1IQRBABQs/T614MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNDIxODU5MDU3NEMxMUYwODhENjdEOThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmlmgAwQDmlnIMA0GCSqG
SIb3DQEBCwUAA4IBAQANpIWCUYuWaGgFEA1iqm2rQ6t+zUqBiCJq94Sh00mvd2hy
THcjrcvoa3xRXUsMQq+f8KqLsqW7dJazJ+iJMVOWsUlggzIFvmERiwu6i7hO0oEg
j+6xZQOBCDg92qhpZ68ZCaov2IrAV+m6A0Z4YguDDdF2YpJvZGFH3rpmitA24FlX
xxZ4R8Pv0E3HQMiVRa2Wby83hYXh68a53/XO7AR6YFLvke9DV4MCOQSVXaF1U8f2
kxU77Xatkcr03Zlr0XD2WXAjOwe51giFFC4ln9xIVlQrJo4J0+t/O245xNWbyj8s
jQvdAAOx0KFNxUCSZXbxrw2KMUV0vmHPGv/P1ms0
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:12:08 2025 by rpki-client