Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/90F7400A502C11F09D2313C7DAE4EC9C.roa
File: 90F7400A502C11F09D2313C7DAE4EC9C.roa (raw, json)
Hash identifier: CxUbthwicdj7xlYjKq1rEuYy3E4Omtc/+7Pv7bFtfpM=
Subject key identifier: 59:7D:DB:A1:C8:1F:83:9A:D0:BD:BE:AB:8F:4E:96:28:21:D3:7C:DF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018801
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/90F7400A502C11F09D2313C7DAE4EC9C.roa
Signing time: Mon 23 Jun 2025 12:21:19 +0000
ROA not before: Mon 23 Jun 2025 12:21:15 +0000
ROA not after: Tue 29 Jul 2025 12:21:15 +0000
asID: 135983
IP address blocks: 154.200.32.0/24 maxlen: 24
154.200.33.0/24 maxlen: 24
154.200.35.0/24 maxlen: 24
154.200.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 10:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100353 (0x18801)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 23 12:21:15 2025 GMT
Not After : Jul 29 12:21:15 2025 GMT
Subject: CN=685946bf-4b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:76:ff:27:68:ce:1f:e5:85:f4:0d:42:32:0c:
73:75:90:ce:cb:e5:c8:43:d9:8e:cc:1d:88:5b:2d:
df:ac:8c:bb:a9:3a:9a:1b:1e:28:7d:f3:14:4f:d9:
5b:dd:4c:c4:d7:0d:f7:a8:9a:67:4e:c5:f5:43:fa:
35:ec:fc:d6:5c:6f:64:1b:61:03:79:ef:3f:a1:ef:
d5:2d:37:e0:96:56:33:a2:bc:6b:3f:3f:95:c0:8a:
cf:fa:cd:db:4f:0c:1b:2c:cd:f4:36:81:09:83:24:
a2:23:bd:a1:28:f6:31:39:2f:40:f8:e0:ee:3a:c5:
e6:37:98:f6:5e:5e:b3:44:93:b7:20:bb:41:0d:85:
26:9e:e3:22:68:ba:95:82:9c:4b:2f:3e:92:47:e8:
4a:5b:3d:76:b6:6a:f9:75:24:96:dd:11:d5:51:31:
65:52:f0:f4:17:c7:fc:51:27:e4:94:15:e7:b1:00:
d0:bf:7a:c4:6c:ce:a9:ca:de:17:d0:3a:5f:1f:a9:
2b:85:52:ae:41:f3:20:b1:7e:6f:0a:1c:2b:23:27:
55:da:b3:33:7a:c4:d0:00:79:4c:74:e5:a3:ab:e9:
0d:16:48:b1:4f:a5:fb:a5:dd:65:01:42:f5:3f:18:
38:4f:8a:56:5b:3f:a8:13:c5:56:e8:aa:46:b9:23:
46:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:7D:DB:A1:C8:1F:83:9A:D0:BD:BE:AB:8F:4E:96:28:21:D3:7C:DF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/90F7400A502C11F09D2313C7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.32.0/23
154.200.35.0-154.200.36.255
Signature Algorithm: sha256WithRSAEncryption
c9:15:5d:4d:2f:b3:36:a5:5d:32:6a:c1:45:be:45:ad:8e:a5:
b4:6b:e5:3a:5d:9f:44:2e:77:56:5c:49:27:d2:23:fc:da:da:
ae:af:84:f8:1f:d3:d2:80:06:6d:e6:43:8b:0f:77:9e:32:e2:
ad:63:94:05:3b:8f:fa:60:52:ea:b2:6a:9f:55:b6:5e:f1:b4:
2d:ff:13:75:e3:58:d4:bf:02:fb:f6:00:07:2c:dc:ff:c6:7a:
12:e9:24:cd:28:14:0a:ef:cd:f0:70:4f:23:06:5b:bc:31:b1:
ce:03:02:ec:60:36:e5:a7:5f:66:71:64:cf:6b:fa:3e:9c:a5:
e4:e9:48:8f:73:fb:3c:be:07:5b:15:5f:14:5f:62:57:08:a5:
f6:0e:61:d6:6f:c3:ff:7f:17:f9:0c:98:dc:c1:c4:64:07:55:
6b:ed:a9:06:50:68:eb:4e:af:ac:3d:c3:f4:7d:fe:46:2b:7a:
6b:28:2a:ff:97:96:ea:38:aa:f8:64:95:12:94:70:f5:68:ca:
61:17:49:35:74:83:d4:15:ca:e1:1b:67:21:fd:9b:49:da:3a:
ce:85:da:3e:61:e2:e9:9c:76:db:ec:7b:16:70:36:2f:24:24:
77:91:25:62:ef:0e:17:72:69:a3:24:c9:b7:08:12:f9:43:99:
ee:f4:84:7b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAYgBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIzMTIyMTE1WhcNMjUwNzI5MTIyMTE1WjAYMRYw
FAYDVQQDEw02ODU5NDZiZi00YjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA53b/J2jOH+WF9A1CMgxzdZDOy+XIQ9mOzB2IWy3frIy7qTqaGx4offMU
T9lb3UzE1w33qJpnTsX1Q/o17PzWXG9kG2EDee8/oe/VLTfgllYzorxrPz+VwIrP
+s3bTwwbLM30NoEJgySiI72hKPYxOS9A+ODuOsXmN5j2Xl6zRJO3ILtBDYUmnuMi
aLqVgpxLLz6SR+hKWz12tmr5dSSW3RHVUTFlUvD0F8f8USfklBXnsQDQv3rEbM6p
yt4X0DpfH6krhVKuQfMgsX5vChwrIydV2rMzesTQAHlMdOWjq+kNFkixT6X7pd1l
AUL1Pxg4T4pWWz+oE8VW6KpGuSNG1wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFFl9
26HIH4Oa0L2+q49Oligh03zfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MEY3NDAwQTUwMkMxMUYwOUQyMzEzQzdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBmsggMAwDBACayCMDBACa
yCQwDQYJKoZIhvcNAQELBQADggEBAMkVXU0vszalXTJqwUW+Ra2OpbRr5Tpdn0Qu
d1ZcSSfSI/za2q6vhPgf09KABm3mQ4sPd54y4q1jlAU7j/pgUuqyap9Vtl7xtC3/
E3XjWNS/Avv2AAcs3P/GehLpJM0oFArvzfBwTyMGW7wxsc4DAuxgNuWnX2ZxZM9r
+j6cpeTpSI9z+zy+B1sVXxRfYlcIpfYOYdZvw/9/F/kMmNzBxGQHVWvtqQZQaOtO
r6w9w/R9/kYremsoKv+Xluo4qvhklRKUcPVoymEXSTV0g9QVyuEbZyH9m0naOs6F
2j5h4umcdtvsexZwNi8kJHeRJWLvDhdyaaMkybcIEvlDme70hHs=
-----END CERTIFICATE-----
Generated at Thu Jul 3 22:50:45 2025 by rpki-client