Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B04C7DE510911F0A7449FE1DAE4EC9C.roa
File: 3B04C7DE510911F0A7449FE1DAE4EC9C.roa (raw, json)
Hash identifier: n8ijRV0LUDELejtgn50bew3yZIfEErRfReLgTVFSSuw=
Subject key identifier: 2C:22:5F:B8:49:D3:4F:57:7F:C5:6E:54:C0:FB:8C:02:CB:80:8C:8A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01886E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B04C7DE510911F0A7449FE1DAE4EC9C.roa
Signing time: Tue 24 Jun 2025 14:40:54 +0000
ROA not before: Tue 24 Jun 2025 14:40:46 +0000
ROA not after: Tue 05 Aug 2025 14:40:46 +0000
asID: 202656
IP address blocks: 154.219.217.0/24 maxlen: 24
154.219.218.0/24 maxlen: 24
154.219.219.0/24 maxlen: 24
154.219.220.0/24 maxlen: 24
154.219.221.0/24 maxlen: 24
154.219.223.0/24 maxlen: 24
154.219.224.0/24 maxlen: 24
154.219.249.0/24 maxlen: 24
154.221.52.0/24 maxlen: 24
154.222.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100462 (0x1886e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 24 14:40:46 2025 GMT
Not After : Aug 5 14:40:46 2025 GMT
Subject: CN=685ab8f6-a3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d3:cd:ef:19:2c:d8:15:4a:60:51:db:79:ea:
2c:a7:c9:96:ac:c5:b8:24:64:6d:bf:92:7d:69:4a:
dc:8b:e3:31:7c:d5:64:f1:63:53:a4:01:bf:84:4c:
39:e4:d6:45:df:b6:6a:c8:26:c5:1f:9f:1d:9c:15:
a7:f4:30:88:c3:34:94:d5:91:46:1d:fc:9d:d6:dd:
33:68:a9:b4:f3:97:de:c1:75:8d:16:e5:b2:e2:46:
3a:7e:75:a2:9a:f8:c6:09:7e:8c:17:b1:1f:5f:38:
4d:48:9a:3b:ec:7e:91:67:15:d6:92:5a:08:bb:cb:
ca:fc:3a:59:0c:23:33:fb:0f:a6:54:00:9f:0f:5d:
96:29:9d:a7:73:10:4e:45:bd:da:47:33:28:64:30:
39:c7:e2:f9:15:5c:cb:4d:72:42:72:90:44:90:1e:
ce:be:0c:22:1c:69:85:40:a1:05:b8:5a:96:b5:d6:
22:f0:5c:5a:4c:bf:47:e6:ce:2b:d2:47:02:8d:ba:
ba:1e:b7:8a:cc:aa:70:47:af:a4:60:db:2c:b3:c1:
0b:18:f6:71:61:fb:2c:3f:fe:35:ba:e1:44:1d:f2:
c0:1c:0e:cd:02:3d:65:3e:00:02:57:b2:2f:a2:1d:
f6:c6:38:2e:19:29:48:12:d1:ac:41:20:ce:8a:3c:
7e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:22:5F:B8:49:D3:4F:57:7F:C5:6E:54:C0:FB:8C:02:CB:80:8C:8A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B04C7DE510911F0A7449FE1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.217.0-154.219.221.255
154.219.223.0-154.219.224.255
154.219.249.0/24
154.221.52.0/24
154.222.197.0/24
Signature Algorithm: sha256WithRSAEncryption
39:1d:50:3b:e7:10:bb:98:d3:d6:fd:ac:b8:4f:ea:70:20:53:
d4:e1:ea:6e:a7:33:57:e9:1e:6c:2f:42:01:c8:42:98:2c:75:
e1:c0:11:97:4a:3e:60:33:be:69:f4:c7:99:92:bb:64:ff:30:
21:41:e0:08:9e:0e:cb:8a:9c:8b:71:2e:30:05:4f:80:54:cf:
49:53:fc:8a:5d:c9:2b:55:4b:11:43:31:11:e3:4a:00:0c:76:
50:3e:79:b8:15:ad:f3:87:a7:7c:f3:5d:ff:71:6f:1c:f5:63:
54:4a:17:a8:20:43:e9:2b:3e:fa:6c:af:da:76:d7:ff:5b:e7:
08:46:5b:ea:4b:d6:2c:34:ca:5d:e5:f9:84:0e:50:ad:d7:41:
4c:db:59:f1:59:81:ee:ac:db:16:25:86:6c:5e:75:02:d4:87:
34:81:53:b4:e2:f0:e0:0c:cc:4e:5f:eb:f0:0a:59:1b:65:49:
8d:c7:a0:a9:30:81:15:87:9b:03:4f:2f:4b:79:91:d4:8a:80:
3b:73:91:5b:a8:57:78:f4:d7:70:8d:16:24:72:05:29:b9:8e:
6c:c3:aa:bd:bc:c3:45:7b:a0:f6:e5:b4:21:22:20:fc:67:e5:
1b:aa:ff:38:81:ea:25:00:90:ad:dc:b1:40:11:59:5f:58:7e:
0c:c9:c2:30
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAYhuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI0MTQ0MDQ2WhcNMjUwODA1MTQ0MDQ2WjAYMRYw
FAYDVQQDEw02ODVhYjhmNi1hM2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsNPN7xks2BVKYFHbeeosp8mWrMW4JGRtv5J9aUrci+MxfNVk8WNTpAG/
hEw55NZF37ZqyCbFH58dnBWn9DCIwzSU1ZFGHfyd1t0zaKm085fewXWNFuWy4kY6
fnWimvjGCX6MF7EfXzhNSJo77H6RZxXWkloIu8vK/DpZDCMz+w+mVACfD12WKZ2n
cxBORb3aRzMoZDA5x+L5FVzLTXJCcpBEkB7OvgwiHGmFQKEFuFqWtdYi8FxaTL9H
5s4r0kcCjbq6HreKzKpwR6+kYNsss8ELGPZxYfssP/41uuFEHfLAHA7NAj1lPgAC
V7Ivoh32xjguGSlIEtGsQSDOijx+FwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFCwi
X7hJ009Xf8VuVMD7jALLgIyKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQjA0QzdERTUxMDkxMUYwQTc0NDlGRTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBACa29kDBAGa29wwDAME
AJrb3wMEAJrb4AMEAJrb+QMEAJrdNAMEAJrexTANBgkqhkiG9w0BAQsFAAOCAQEA
OR1QO+cQu5jT1v2suE/qcCBT1OHqbqczV+kebC9CAchCmCx14cARl0o+YDO+afTH
mZK7ZP8wIUHgCJ4Oy4qci3EuMAVPgFTPSVP8il3JK1VLEUMxEeNKAAx2UD55uBWt
84enfPNd/3FvHPVjVEoXqCBD6Ss++myv2nbX/1vnCEZb6kvWLDTKXeX5hA5QrddB
TNtZ8VmB7qzbFiWGbF51AtSHNIFTtOLw4AzMTl/r8ApZG2VJjcegqTCBFYebA08v
S3mR1IqAO3ORW6hXePTXcI0WJHIFKbmObMOqvbzDRXug9uW0ISIg/GflG6r/OIHq
JQCQrdyxQBFZX1h+DMnCMA==
-----END CERTIFICATE-----
Generated at Tue Jul 1 21:02:13 2025 by rpki-client