Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D681DA43BBD11F09B1CA3C9DAE4EC9C.roa
File: 6D681DA43BBD11F09B1CA3C9DAE4EC9C.roa (raw, json)
Hash identifier: VT+FurT8L0Q/IpK5bttBMRusN6m2pb3B+/DRBhfS/bg=
Subject key identifier: F7:9F:F5:7E:E1:57:4C:A5:69:89:F6:B7:1D:A0:D4:8A:41:7F:41:61
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018362
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D681DA43BBD11F09B1CA3C9DAE4EC9C.roa
Signing time: Wed 28 May 2025 12:15:22 +0000
ROA not before: Wed 28 May 2025 12:15:17 +0000
ROA not after: Sun 06 Jul 2025 12:15:17 +0000
asID: 202656
IP address blocks: 154.218.30.0/24 maxlen: 24
154.219.17.0/24 maxlen: 24
154.219.18.0/24 maxlen: 24
154.219.19.0/24 maxlen: 24
154.219.20.0/24 maxlen: 24
154.219.21.0/24 maxlen: 24
154.219.22.0/24 maxlen: 24
154.219.23.0/24 maxlen: 24
154.219.25.0/24 maxlen: 24
154.219.26.0/24 maxlen: 24
154.219.27.0/24 maxlen: 24
154.222.40.0/24 maxlen: 24
154.222.41.0/24 maxlen: 24
154.222.42.0/24 maxlen: 24
154.222.193.0/24 maxlen: 24
154.222.194.0/24 maxlen: 24
154.222.195.0/24 maxlen: 24
154.222.196.0/24 maxlen: 24
154.222.198.0/24 maxlen: 24
154.222.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99170 (0x18362)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 12:15:17 2025 GMT
Not After : Jul 6 12:15:17 2025 GMT
Subject: CN=6836fe5a-fa31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:00:49:e6:7d:ec:c6:38:ac:51:c3:7b:07:8f:
da:49:f4:84:7f:15:a7:83:d4:71:99:a9:f5:e9:43:
df:03:d8:9f:a6:b9:1e:3c:3a:fe:7e:00:90:3e:d5:
b8:a4:a7:14:fe:5e:57:ef:bf:71:17:35:96:1d:1b:
b0:4b:73:68:a0:60:34:7b:3a:96:04:80:83:80:93:
3f:93:32:6e:c8:d4:ff:87:05:c4:35:cb:8a:c7:d3:
58:50:3b:94:46:af:dd:fe:ff:74:a6:fe:b0:f8:33:
50:53:e2:84:ca:d2:72:3a:50:ea:68:e0:fa:b0:18:
ed:58:47:17:ee:f6:40:52:4a:0e:46:f1:15:5c:2c:
3a:f8:1e:91:ce:6b:0e:b2:49:70:6c:e4:59:aa:96:
ee:c3:fb:40:9d:27:fd:e5:4f:3a:9c:20:5e:9c:db:
93:85:b9:02:85:54:58:e8:d2:ed:10:a2:87:92:b7:
df:e4:43:b2:93:d8:00:c1:ba:e1:4c:af:9c:29:15:
52:80:51:5b:e8:4d:7d:d9:c9:06:4a:a3:54:4b:d8:
03:62:97:20:ae:26:7f:3c:52:6d:32:3f:07:28:3b:
6b:5a:bf:23:e7:1b:13:9c:e3:fb:ea:8c:c2:94:67:
7d:0d:9c:18:4c:74:d2:54:e7:c6:d0:5d:a3:02:36:
f9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:9F:F5:7E:E1:57:4C:A5:69:89:F6:B7:1D:A0:D4:8A:41:7F:41:61
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D681DA43BBD11F09B1CA3C9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.30.0/24
154.219.17.0-154.219.23.255
154.219.25.0-154.219.27.255
154.222.40.0-154.222.42.255
154.222.193.0-154.222.196.255
154.222.198.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:ce:11:80:a2:34:6d:86:9c:f5:91:e1:ad:51:7b:2f:6e:96:
5b:af:f9:06:c8:e0:55:eb:bd:89:ca:b2:2e:bb:46:f8:07:47:
43:9f:a3:a3:0b:2a:f1:e2:3d:3d:95:88:b9:f6:25:d9:07:0a:
cf:ea:7e:6f:d8:b8:ec:d8:92:c1:89:15:e0:77:26:a0:75:6d:
15:27:56:41:6b:0e:85:38:db:39:fc:41:ae:4c:4d:af:54:93:
50:73:8a:7d:e7:cc:50:0d:9b:18:72:97:df:fb:94:2b:e9:03:
4b:78:6e:3a:6c:a7:c4:5a:2b:76:43:1d:3b:cf:34:96:ee:7a:
b2:c2:73:fd:bc:f4:be:3f:0d:e0:85:38:f6:99:2d:e0:78:e3:
29:c3:63:33:ce:8e:8c:db:d3:84:4f:be:6f:a5:12:e2:90:8d:
67:ef:8a:52:de:33:65:46:29:b3:05:c1:6c:4a:ec:44:80:61:
9b:fe:9b:81:13:92:fc:7d:c3:ab:fc:a1:55:c4:2c:c0:8e:b4:
38:5e:f0:c0:b1:9b:f2:9e:1d:5e:e3:3c:34:19:f6:31:fd:a9:
cb:da:c3:46:c2:88:4d:f4:e6:21:fd:11:b2:e7:98:ee:7f:bf:
c6:0e:f7:5e:cf:89:00:1d:c9:d6:7e:fd:e7:4e:62:5f:77:78:
29:2d:41:4b
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIDAYNiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTIxNTE3WhcNMjUwNzA2MTIxNTE3WjAYMRYw
FAYDVQQDEw02ODM2ZmU1YS1mYTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwABJ5n3sxjisUcN7B4/aSfSEfxWng9Rxman16UPfA9ifprkePDr+fgCQ
PtW4pKcU/l5X779xFzWWHRuwS3NooGA0ezqWBICDgJM/kzJuyNT/hwXENcuKx9NY
UDuURq/d/v90pv6w+DNQU+KEytJyOlDqaOD6sBjtWEcX7vZAUkoORvEVXCw6+B6R
zmsOsklwbORZqpbuw/tAnSf95U86nCBenNuThbkChVRY6NLtEKKHkrff5EOyk9gA
wbrhTK+cKRVSgFFb6E192ckGSqNUS9gDYpcgriZ/PFJtMj8HKDtrWr8j5xsTnOP7
6ozClGd9DZwYTHTSVOfG0F2jAjb57wIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFPef
9X7hV0ylaYn2tx2g1IpBf0FhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RDY4MURBNDNCQkQxMUYwOUIxQ0EzQzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAmtoeMAwDBACa2xEDBAOa
2xAwDAMEAJrbGQMEAprbGDAMAwQDmt4oAwQAmt4qMAwDBACa3sEDBACa3sQDBAGa
3sYwDQYJKoZIhvcNAQELBQADggEBAMbOEYCiNG2GnPWR4a1Rey9ulluv+QbI4FXr
vYnKsi67RvgHR0Ofo6MLKvHiPT2ViLn2JdkHCs/qfm/YuOzYksGJFeB3JqB1bRUn
VkFrDoU42zn8Qa5MTa9Uk1Bzin3nzFANmxhyl9/7lCvpA0t4bjpsp8RaK3ZDHTvP
NJbuerLCc/289L4/DeCFOPaZLeB44ynDYzPOjozb04RPvm+lEuKQjWfvilLeM2VG
KbMFwWxK7ESAYZv+m4ETkvx9w6v8oVXELMCOtDhe8MCxm/KeHV7jPDQZ9jH9qcva
w0bCiE305iH9EbLnmO5/v8YO917PiQAdydZ+/edOYl93eCktQUs=
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:03:29 2025 by rpki-client