Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76E5E2524EA111F0B8224AC3DAE4EC9C.roa
File: 76E5E2524EA111F0B8224AC3DAE4EC9C.roa (raw, json)
Hash identifier: y8MUDBA5jdM71X1zE1NGB+la1ey0vwJGhse1FJNA/FI=
Subject key identifier: 24:E9:49:70:78:31:10:6F:8C:59:48:57:5E:6C:84:28:F9:F6:A4:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0187CE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76E5E2524EA111F0B8224AC3DAE4EC9C.roa
Signing time: Sat 21 Jun 2025 13:13:04 +0000
ROA not before: Sat 21 Jun 2025 13:12:59 +0000
ROA not after: Wed 30 Jul 2025 13:12:59 +0000
asID: 62240
IP address blocks: 154.195.108.0/24 maxlen: 24
154.195.111.0/24 maxlen: 24
154.195.112.0/24 maxlen: 24
154.195.120.0/24 maxlen: 24
154.195.124.0/24 maxlen: 24
154.195.136.0/24 maxlen: 24
154.195.137.0/24 maxlen: 24
154.195.138.0/24 maxlen: 24
154.195.140.0/24 maxlen: 24
154.196.30.0/24 maxlen: 24
154.196.31.0/24 maxlen: 24
154.196.33.0/24 maxlen: 24
154.196.36.0/24 maxlen: 24
154.196.40.0/24 maxlen: 24
154.196.41.0/24 maxlen: 24
154.196.42.0/24 maxlen: 24
154.196.43.0/24 maxlen: 24
154.196.44.0/24 maxlen: 24
154.196.45.0/24 maxlen: 24
154.196.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100302 (0x187ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 21 13:12:59 2025 GMT
Not After : Jul 30 13:12:59 2025 GMT
Subject: CN=6856afe0-6850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:de:54:91:fc:2e:bd:bd:ea:6f:a8:43:04:da:
f5:23:8f:51:ca:5e:7c:40:82:c8:59:55:c1:4d:65:
c6:e4:9d:64:04:48:36:5c:d7:91:5c:55:6c:7e:0b:
32:99:08:b7:94:80:52:86:1a:6b:dd:14:5a:f6:e2:
cf:78:12:49:a0:dd:57:d7:c0:79:cf:54:ea:81:50:
93:63:08:61:e6:0e:0b:e2:ed:70:ee:3b:dd:41:b2:
bc:7c:41:65:cf:4c:ad:46:de:a8:78:76:11:eb:9b:
eb:c7:74:2b:b6:70:7e:61:c5:a1:a5:36:40:c5:f0:
10:17:be:ef:a1:e4:8d:bf:dd:6a:e0:59:6f:56:61:
91:0b:d0:03:48:cb:dc:8c:5f:cc:8f:8f:00:18:82:
e9:06:8d:f7:10:b2:18:e5:4b:2e:82:8e:31:2f:70:
c0:f1:c0:e7:a6:76:70:01:5b:14:5b:89:c9:d3:e0:
1e:99:1b:2d:92:89:63:a8:d3:2e:31:24:04:0a:15:
21:a9:58:9b:09:4a:2f:81:40:6e:5a:8a:4e:4c:a8:
02:e0:a8:5d:63:d3:ab:ed:a1:e9:15:a9:1d:02:c7:
d3:63:58:e9:10:5f:18:29:7a:67:24:04:25:28:0d:
a6:6b:fa:62:be:b0:e6:72:4a:59:6c:48:42:bb:02:
2c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E9:49:70:78:31:10:6F:8C:59:48:57:5E:6C:84:28:F9:F6:A4:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76E5E2524EA111F0B8224AC3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.108.0/24
154.195.111.0-154.195.112.255
154.195.120.0/24
154.195.124.0/24
154.195.136.0-154.195.138.255
154.195.140.0/24
154.196.30.0/23
154.196.33.0/24
154.196.36.0/24
154.196.40.0-154.196.46.255
Signature Algorithm: sha256WithRSAEncryption
20:e8:8c:0a:2c:4c:f7:23:74:83:95:3c:9c:7b:45:56:33:de:
a1:42:7a:ba:e4:d9:21:da:80:db:d6:59:ad:0e:b4:bc:55:7a:
cf:75:8a:15:93:21:ac:b4:ad:90:f4:fc:61:7d:72:d4:37:2c:
3d:fd:7d:5f:e1:e4:9c:e6:21:63:ba:f1:32:1e:33:b2:14:23:
c9:53:91:d0:fb:6f:53:ff:a4:ee:21:6c:fd:2e:32:39:0b:ad:
ff:93:e2:0e:62:72:d7:e9:72:28:d9:58:2f:b8:36:15:16:5e:
49:b4:d7:aa:7b:6a:d8:11:bf:fd:16:27:42:21:70:89:ec:55:
c6:0b:f5:7e:19:47:b1:c1:c5:76:a9:36:9b:13:57:96:47:3e:
e9:4d:10:de:fa:15:d1:7a:fe:52:34:8f:7f:94:0d:fe:82:b4:
c1:ea:5e:f6:d2:cf:b4:38:0e:a1:90:e0:27:c6:06:24:f0:38:
ae:79:16:63:c3:a3:dc:46:f8:58:d2:98:69:a5:a1:45:3c:20:
bf:a4:cf:f9:9a:f5:52:fa:8d:b8:7f:9b:4f:42:64:10:a6:12:
77:5d:b1:59:cf:b8:54:2a:75:c5:bd:f9:26:b6:e9:84:5f:57:
42:ca:b3:ae:a4:0f:f6:31:f2:8e:ff:30:ae:c0:64:9d:c3:42:
28:0a:8e:dd
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIDAYfOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIxMTMxMjU5WhcNMjUwNzMwMTMxMjU5WjAYMRYw
FAYDVQQDEw02ODU2YWZlMC02ODUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu95Ukfwuvb3qb6hDBNr1I49Ryl58QILIWVXBTWXG5J1kBEg2XNeRXFVs
fgsymQi3lIBShhpr3RRa9uLPeBJJoN1X18B5z1TqgVCTYwhh5g4L4u1w7jvdQbK8
fEFlz0ytRt6oeHYR65vrx3QrtnB+YcWhpTZAxfAQF77voeSNv91q4FlvVmGRC9AD
SMvcjF/Mj48AGILpBo33ELIY5Usugo4xL3DA8cDnpnZwAVsUW4nJ0+AemRstkolj
qNMuMSQEChUhqVibCUovgUBuWopOTKgC4KhdY9Or7aHpFakdAsfTY1jpEF8YKXpn
JAQlKA2ma/pivrDmckpZbEhCuwIstwIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFCTp
SXB4MRBvjFlIV15shCj59qRAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NkU1RTI1MjRFQTExMUYwQjgyMjRBQzNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAmsNsMAwDBACaw28DBACa
w3ADBACaw3gDBACaw3wwDAMEA5rDiAMEAJrDigMEAJrDjAMEAZrEHgMEAJrEIQME
AJrEJDAMAwQDmsQoAwQAmsQuMA0GCSqGSIb3DQEBCwUAA4IBAQAg6IwKLEz3I3SD
lTyce0VWM96hQnq65Nkh2oDb1lmtDrS8VXrPdYoVkyGstK2Q9PxhfXLUNyw9/X1f
4eSc5iFjuvEyHjOyFCPJU5HQ+29T/6TuIWz9LjI5C63/k+IOYnLX6XIo2VgvuDYV
Fl5JtNeqe2rYEb/9FidCIXCJ7FXGC/V+GUexwcV2qTabE1eWRz7pTRDe+hXRev5S
NI9/lA3+grTB6l720s+0OA6hkOAnxgYk8DiueRZjw6PcRvhY0phppaFFPCC/pM/5
mvVS+o24f5tPQmQQphJ3XbFZz7hUKnXFvfkmtumEX1dCyrOupA/2MfKO/zCuwGSd
w0IoCo7d
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:25:43 2025 by rpki-client