Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4790096850E711F08288F487DAE4EC9C.roa
File: 4790096850E711F08288F487DAE4EC9C.roa (raw, json)
Hash identifier: LqrI1tQGVGyZpsZR81n9jPCdyzu/y90ptugQ/+mT6RI=
Subject key identifier: C4:91:D8:31:2F:B8:DF:44:D2:87:65:3D:BA:B7:AA:18:CB:EC:CE:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018850
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4790096850E711F08288F487DAE4EC9C.roa
Signing time: Tue 24 Jun 2025 10:37:52 +0000
ROA not before: Tue 24 Jun 2025 10:37:47 +0000
ROA not after: Fri 08 Aug 2025 10:37:47 +0000
asID: 44559
IP address blocks: 154.210.237.0/24 maxlen: 24
154.210.238.0/24 maxlen: 24
154.219.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 06:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100432 (0x18850)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 24 10:37:47 2025 GMT
Not After : Aug 8 10:37:47 2025 GMT
Subject: CN=685a8000-661f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8f:b6:58:60:ad:36:ab:cf:fb:75:e9:45:43:
16:b8:d5:5a:9a:d0:d4:95:36:b0:e6:0e:4f:cf:56:
4b:1f:d1:8e:30:73:27:0f:5e:23:9e:93:3e:04:48:
7a:a0:5b:14:2b:71:9d:70:b9:c6:20:2c:b5:61:56:
10:33:9e:e9:21:be:6d:1a:b5:5d:90:54:77:82:01:
4d:fb:61:d9:a0:99:0e:18:2d:d4:4d:74:d6:a3:bc:
7f:e6:61:32:d3:72:8c:49:f7:e0:ef:22:16:c0:c9:
93:cd:19:bf:17:b9:73:0d:e5:76:09:21:f0:51:5b:
e2:b5:71:3b:ad:c9:c1:8c:bb:d3:76:70:de:92:3f:
83:2d:0c:fc:6b:d9:67:7a:11:77:e4:1f:06:c3:2e:
9f:fb:98:5b:83:3e:70:2a:37:7d:08:cd:17:b5:a0:
a7:2a:87:d2:e2:ae:91:fa:44:8e:77:bc:f3:e7:50:
30:27:4a:18:45:12:37:13:c5:a5:c2:bc:48:83:65:
42:f1:4a:d3:ee:72:5e:d3:cc:ff:0b:b2:32:24:1a:
2f:ee:3c:64:e0:20:0e:6e:2f:11:b4:81:bd:03:dc:
c5:2c:f5:88:ea:13:2d:b7:5a:00:51:0e:3b:57:89:
d6:d6:38:f4:62:54:7a:ef:a4:00:96:24:41:95:30:
cd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:91:D8:31:2F:B8:DF:44:D2:87:65:3D:BA:B7:AA:18:CB:EC:CE:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4790096850E711F08288F487DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.237.0-154.210.238.255
154.219.64.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:6c:a9:d3:17:81:a8:d8:a1:fe:f1:6c:21:53:d4:a1:c6:fa:
af:9a:67:c8:3c:7d:85:2f:95:8c:e3:d5:54:fc:de:7e:b7:6b:
47:a2:37:70:3f:9e:ab:de:74:05:16:11:d1:df:01:db:c7:e3:
ea:fa:76:02:69:24:1b:14:d0:51:31:b8:ba:51:27:e1:63:87:
2c:ce:17:7a:2d:4b:a9:c9:3e:c4:ee:60:07:ee:df:ea:78:d0:
74:00:0c:d7:9c:17:ae:82:95:91:f6:a4:d6:17:6d:6b:01:d7:
bb:97:83:2c:37:69:12:ad:62:60:f9:18:4a:c4:c3:22:69:fe:
8b:f8:9f:7b:29:37:cb:4b:ef:46:56:83:19:3c:fc:4e:50:62:
cd:85:1b:f4:06:97:38:bd:59:bd:06:ca:a5:fd:7f:4a:77:ae:
ef:7b:28:60:04:90:cc:e0:cb:4c:10:b6:84:cf:90:f0:8d:09:
3e:25:1e:59:03:15:0a:8f:d9:ea:a2:68:84:0f:e6:54:22:ac:
38:45:c2:00:d9:cc:9e:68:36:bf:50:d8:85:35:1f:e7:d1:24:
39:4d:50:91:30:d1:42:0b:9e:bc:c3:57:ff:4b:44:cb:54:24:
73:26:6a:f8:51:86:37:14:26:4f:e3:52:23:4e:65:a2:1a:77:
f2:34:d4:74
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAYhQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI0MTAzNzQ3WhcNMjUwODA4MTAzNzQ3WjAYMRYw
FAYDVQQDEw02ODVhODAwMC02NjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtI+2WGCtNqvP+3XpRUMWuNVamtDUlTaw5g5Pz1ZLH9GOMHMnD14jnpM+
BEh6oFsUK3GdcLnGICy1YVYQM57pIb5tGrVdkFR3ggFN+2HZoJkOGC3UTXTWo7x/
5mEy03KMSffg7yIWwMmTzRm/F7lzDeV2CSHwUVvitXE7rcnBjLvTdnDekj+DLQz8
a9lnehF35B8Gwy6f+5hbgz5wKjd9CM0XtaCnKofS4q6R+kSOd7zz51AwJ0oYRRI3
E8WlwrxIg2VC8UrT7nJe08z/C7IyJBov7jxk4CAObi8RtIG9A9zFLPWI6hMtt1oA
UQ47V4nW1jj0YlR676QAliRBlTDN8wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFMSR
2DEvuN9E0odlPbq3qhjL7M5WMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzkwMDk2ODUwRTcxMUYwODI4OEY0ODdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACa0u0DBACa0u4DBACa
20AwDQYJKoZIhvcNAQELBQADggEBALdsqdMXgajYof7xbCFT1KHG+q+aZ8g8fYUv
lYzj1VT83n63a0eiN3A/nqvedAUWEdHfAdvH4+r6dgJpJBsU0FExuLpRJ+FjhyzO
F3otS6nJPsTuYAfu3+p40HQADNecF66ClZH2pNYXbWsB17uXgyw3aRKtYmD5GErE
wyJp/ov4n3spN8tL70ZWgxk8/E5QYs2FG/QGlzi9Wb0GyqX9f0p3ru97KGAEkMzg
y0wQtoTPkPCNCT4lHlkDFQqP2eqiaIQP5lQirDhFwgDZzJ5oNr9Q2IU1H+fRJDlN
UJEw0UILnrzDV/9LRMtUJHMmavhRhjcUJk/jUiNOZaIad/I01HQ=
-----END CERTIFICATE-----
Generated at Tue Jul 1 09:20:04 2025 by rpki-client