Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F2D7B34501A11F0B97786D9DAE4EC9C.roa
File: 8F2D7B34501A11F0B97786D9DAE4EC9C.roa (raw, json)
Hash identifier: Sq2jkxNCNooIWSofPAJ4mEcEKGvGv220aSjx2mgffc0=
Subject key identifier: A3:80:3B:5A:29:22:E8:EC:8A:2C:7D:51:1E:85:A2:81:DE:6E:CD:D5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0187F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F2D7B34501A11F0B97786D9DAE4EC9C.roa
Signing time: Mon 23 Jun 2025 10:12:25 +0000
ROA not before: Mon 23 Jun 2025 10:12:21 +0000
ROA not after: Thu 24 Jul 2025 10:12:21 +0000
asID: 139923
IP address blocks: 154.89.151.0/24 maxlen: 24
154.89.152.0/23 maxlen: 24
154.89.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100341 (0x187f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 23 10:12:21 2025 GMT
Not After : Jul 24 10:12:21 2025 GMT
Subject: CN=68592889-17b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d0:db:84:ef:02:b5:09:b6:be:1d:0a:f5:6c:
1c:20:17:d5:fe:9b:aa:a5:00:a8:6a:fc:51:5c:61:
19:16:bd:f1:f4:6e:59:2e:1d:28:34:53:2c:cf:4e:
ca:10:c3:70:df:1a:1d:0b:fa:0b:b2:20:57:a5:d7:
77:cd:00:62:d7:b2:bc:e4:f8:6b:2d:d6:ff:8e:75:
4e:f5:d8:86:be:47:b6:3e:ea:9e:09:21:19:7c:24:
1a:24:9e:52:39:3b:9f:51:e3:88:c6:14:cd:73:fb:
77:ce:f7:11:7c:22:7c:bf:93:68:20:de:05:f2:fa:
60:db:9c:67:bb:b3:54:af:1a:af:2d:72:24:58:8e:
c2:39:3b:ec:ce:e8:37:73:04:d8:d5:1d:64:66:f9:
f2:60:53:56:01:d7:29:24:53:0f:77:3b:1e:b9:f8:
f2:06:ba:b1:bb:b5:74:07:8d:6c:86:54:96:87:cd:
73:42:66:a6:df:62:cd:5b:40:b0:e7:fd:64:f9:22:
23:8b:22:08:4f:97:c5:4e:39:9c:19:75:68:bc:1d:
ad:aa:bb:a5:98:ba:19:7a:16:32:85:c7:58:d2:9a:
56:c3:92:d2:25:ca:09:10:4c:f1:57:ac:3f:fa:d1:
07:e0:c4:2d:a3:28:5b:23:24:33:12:21:22:ff:15:
0e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:80:3B:5A:29:22:E8:EC:8A:2C:7D:51:1E:85:A2:81:DE:6E:CD:D5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F2D7B34501A11F0B97786D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.151.0-154.89.153.255
154.89.157.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:bc:34:7c:c5:29:9b:41:14:29:22:aa:f6:09:27:f1:a2:1e:
08:8f:60:56:cf:ee:2a:d1:ab:db:67:d7:b6:af:6e:38:a6:1b:
59:de:de:ff:eb:43:20:ee:a7:51:e9:4f:eb:07:87:be:dd:4d:
a2:67:96:37:f0:a9:9c:39:cd:da:96:66:d6:1f:62:4a:78:e3:
c2:fd:0c:7e:c7:b2:7e:0c:c9:62:a3:96:1d:65:52:10:79:fd:
62:6a:f6:6c:16:9e:45:7d:44:c0:4e:33:f2:07:e0:04:02:93:
02:fd:58:69:da:17:3e:f3:53:ad:b4:ef:75:53:e9:62:5e:92:
93:64:59:48:29:2e:e7:2d:48:b2:18:6c:aa:4f:d8:ac:bf:8b:
19:58:9a:e2:b5:94:99:0b:89:4c:a9:22:54:02:0e:64:78:a6:
28:86:fa:04:ed:21:77:67:27:ff:5a:c0:75:b7:ea:24:a8:e9:
f2:87:78:ff:9a:ec:38:90:ec:59:76:f3:17:a5:7e:78:61:e7:
10:df:f8:f0:94:f5:20:41:a9:28:e0:51:03:9f:5a:a8:8c:4b:
2c:9d:5a:7e:54:0d:4d:a3:b1:51:b9:ad:cc:d5:80:b5:0b:b9:
3c:e2:b4:3c:3f:70:98:16:26:85:89:8f:1f:e2:bd:ea:c2:74:
01:43:be:1a
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAYf1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIzMTAxMjIxWhcNMjUwNzI0MTAxMjIxWjAYMRYw
FAYDVQQDEw02ODU5Mjg4OS0xN2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwdDbhO8CtQm2vh0K9WwcIBfV/puqpQCoavxRXGEZFr3x9G5ZLh0oNFMs
z07KEMNw3xodC/oLsiBXpdd3zQBi17K85PhrLdb/jnVO9diGvke2PuqeCSEZfCQa
JJ5SOTufUeOIxhTNc/t3zvcRfCJ8v5NoIN4F8vpg25xnu7NUrxqvLXIkWI7COTvs
zug3cwTY1R1kZvnyYFNWAdcpJFMPdzseufjyBrqxu7V0B41shlSWh81zQmam32LN
W0Cw5/1k+SIjiyIIT5fFTjmcGXVovB2tqrulmLoZehYyhcdY0ppWw5LSJcoJEEzx
V6w/+tEH4MQtoyhbIyQzEiEi/xUOMQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFKOA
O1opIujsiix9UR6FooHebs3VMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RjJEN0IzNDUwMUExMUYwQjk3Nzg2RDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACaWZcDBAGaWZgDBACa
WZ0wDQYJKoZIhvcNAQELBQADggEBALq8NHzFKZtBFCkiqvYJJ/GiHgiPYFbP7irR
q9tn17avbjimG1ne3v/rQyDup1HpT+sHh77dTaJnljfwqZw5zdqWZtYfYkp448L9
DH7Hsn4MyWKjlh1lUhB5/WJq9mwWnkV9RMBOM/IH4AQCkwL9WGnaFz7zU62073VT
6WJekpNkWUgpLuctSLIYbKpP2Ky/ixlYmuK1lJkLiUypIlQCDmR4piiG+gTtIXdn
J/9awHW36iSo6fKHeP+a7DiQ7Fl28xelfnhh5xDf+PCU9SBBqSjgUQOfWqiMSyyd
Wn5UDU2jsVG5rczVgLULuTzitDw/cJgWJoWJjx/iverCdAFDvho=
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:07:42 2025 by rpki-client