Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/392189F6542F11F0B93B14DCDAE4EC9C.roa
File: 392189F6542F11F0B93B14DCDAE4EC9C.roa (raw, json)
Hash identifier: 2rLu66GgV5afiN2btgbWwmHkyyYtaZaxOpHf9756cks=
Subject key identifier: 9C:9D:6A:31:FA:B4:65:C7:EC:3C:30:D4:12:B5:0C:83:9B:EB:0A:D0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01895B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/392189F6542F11F0B93B14DCDAE4EC9C.roa
Signing time: Sat 28 Jun 2025 14:50:25 +0000
ROA not before: Sat 28 Jun 2025 14:50:19 +0000
ROA not after: Sat 02 Aug 2025 14:50:19 +0000
asID: 203020
IP address blocks: 154.205.186.0/24 maxlen: 24
154.223.137.0/24 maxlen: 24
154.223.138.0/24 maxlen: 24
154.223.139.0/24 maxlen: 24
154.223.140.0/24 maxlen: 24
154.223.143.0/24 maxlen: 24
154.223.160.0/24 maxlen: 24
154.223.161.0/24 maxlen: 24
154.223.186.0/24 maxlen: 24
154.223.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100699 (0x1895b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 28 14:50:19 2025 GMT
Not After : Aug 2 14:50:19 2025 GMT
Subject: CN=68600131-263f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:7c:58:1c:d6:71:ed:46:9c:28:43:53:b4:f2:
18:50:0e:ee:fc:65:4a:14:b6:83:44:3c:7b:be:a8:
fc:5d:2d:5e:b8:40:53:b1:a3:03:24:0b:c5:be:3b:
c9:60:dd:1b:54:3c:22:1d:ba:d9:0f:2d:7b:bc:59:
fe:61:94:9c:77:5f:e8:00:93:bf:eb:9a:da:5b:9f:
19:8f:f8:f3:4e:32:2c:a6:be:76:70:40:f0:b2:37:
8b:87:8e:91:f2:b1:d3:17:fe:b5:85:bb:df:8f:9c:
70:55:b7:e9:cd:58:9d:43:f6:5e:59:68:42:36:99:
b6:34:26:a3:1f:3b:55:3e:03:2c:ef:db:8f:5a:f9:
3b:c7:c1:02:2b:10:b4:ea:a1:46:cd:a2:ae:1b:12:
66:4d:8a:7f:5b:e7:12:a7:d6:99:14:4d:c9:9b:8e:
a3:ed:c9:03:46:8c:64:06:6d:a3:9c:a2:1c:e3:08:
6c:9c:b2:6e:5e:15:f6:27:db:f6:d2:be:ef:9c:4e:
f5:a1:8e:72:97:34:ac:98:cb:96:68:54:a3:9d:89:
70:35:9d:7e:01:5d:f0:ea:a6:14:df:3c:19:7c:26:
15:ef:79:40:b6:2c:4a:50:03:47:13:dc:dd:f3:44:
57:a0:17:cb:05:5c:c1:ed:e0:ba:6c:0d:e5:c5:2c:
06:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9D:6A:31:FA:B4:65:C7:EC:3C:30:D4:12:B5:0C:83:9B:EB:0A:D0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/392189F6542F11F0B93B14DCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.186.0/24
154.223.137.0-154.223.140.255
154.223.143.0/24
154.223.160.0/23
154.223.186.0/23
Signature Algorithm: sha256WithRSAEncryption
42:fd:d3:f1:05:49:da:8e:46:68:29:00:84:46:fc:45:fb:2d:
b5:00:68:2f:c2:eb:d4:ea:68:87:b8:7a:ae:59:8d:79:2f:2e:
2a:f7:7a:6f:78:a7:96:52:20:ed:3d:92:14:8e:65:fa:e3:62:
be:d5:c4:2f:27:2e:29:78:7e:b3:c5:a3:90:71:ac:27:e5:3a:
d5:10:8f:f3:a3:80:64:60:3b:ff:59:d0:da:37:22:56:e8:f0:
37:2d:c5:88:6b:07:5c:9b:d5:18:41:4a:b2:3d:5d:37:51:27:
ad:54:c4:78:26:15:98:6f:da:7e:4a:08:41:80:38:9c:39:47:
e1:67:38:26:fa:06:0b:af:12:aa:99:05:67:93:a2:42:5f:97:
8e:6a:e6:00:2a:75:65:f8:25:3d:6a:9a:87:ca:19:4f:7a:49:
dc:37:c6:ab:1b:d4:95:6e:f6:0d:43:69:55:e0:f0:ac:19:c0:
02:4b:55:d4:5f:4b:c6:27:c2:65:be:10:55:7c:ea:34:51:c3:
8f:85:43:2d:aa:67:ea:77:d9:33:d2:44:55:f5:45:ed:20:d3:
a0:40:84:6e:10:87:cd:8e:ec:62:fc:17:98:43:ec:39:45:01:
d4:30:84:c1:e4:88:f0:c6:c4:00:e4:07:74:7f:d7:68:7e:eb:
4c:bc:4a:c7
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAYlbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI4MTQ1MDE5WhcNMjUwODAyMTQ1MDE5WjAYMRYw
FAYDVQQDEw02ODYwMDEzMS0yNjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA53xYHNZx7UacKENTtPIYUA7u/GVKFLaDRDx7vqj8XS1euEBTsaMDJAvF
vjvJYN0bVDwiHbrZDy17vFn+YZScd1/oAJO/65raW58Zj/jzTjIspr52cEDwsjeL
h46R8rHTF/61hbvfj5xwVbfpzVidQ/ZeWWhCNpm2NCajHztVPgMs79uPWvk7x8EC
KxC06qFGzaKuGxJmTYp/W+cSp9aZFE3Jm46j7ckDRoxkBm2jnKIc4whsnLJuXhX2
J9v20r7vnE71oY5ylzSsmMuWaFSjnYlwNZ1+AV3w6qYU3zwZfCYV73lAtixKUANH
E9zd80RXoBfLBVzB7eC6bA3lxSwGYwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFJyd
ajH6tGXH7Dww1BK1DIOb6wrQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOTIxODlGNjU0MkYxMUYwQjkzQjE0RENEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAms26MAwDBACa34kDBACa
34wDBACa348DBAGa36ADBAGa37owDQYJKoZIhvcNAQELBQADggEBAEL90/EFSdqO
RmgpAIRG/EX7LbUAaC/C69TqaIe4eq5ZjXkvLir3em94p5ZSIO09khSOZfrjYr7V
xC8nLil4frPFo5BxrCflOtUQj/OjgGRgO/9Z0No3Ilbo8DctxYhrB1yb1RhBSrI9
XTdRJ61UxHgmFZhv2n5KCEGAOJw5R+FnOCb6BguvEqqZBWeTokJfl45q5gAqdWX4
JT1qmofKGU96Sdw3xqsb1JVu9g1DaVXg8KwZwAJLVdRfS8YnwmW+EFV86jRRw4+F
Qy2qZ+p32TPSRFX1Re0g06BAhG4Qh82O7GL8F5hD7DlFAdQwhMHkiPDGxADkB3R/
12h+60y8Ssc=
-----END CERTIFICATE-----
Generated at Wed Jul 2 01:39:06 2025 by rpki-client