Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A825D234512E11F094BC64D1DAE4EC9C.roa
File: A825D234512E11F094BC64D1DAE4EC9C.roa (raw, json)
Hash identifier: Qb/kjcjHax5PLBTzLHpkeNZ+RJs8kDdTRWdK2NUdUjQ=
Subject key identifier: C5:AD:86:68:3B:38:DE:08:FE:C7:B4:D6:3F:73:7C:21:2E:AA:EF:21
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01889C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A825D234512E11F094BC64D1DAE4EC9C.roa
Signing time: Tue 24 Jun 2025 19:08:48 +0000
ROA not before: Tue 24 Jun 2025 19:08:43 +0000
ROA not after: Fri 15 Aug 2025 19:08:43 +0000
asID: 63139
IP address blocks: 154.203.160.0/24 maxlen: 24
154.203.163.0/24 maxlen: 24
154.203.164.0/24 maxlen: 24
154.203.165.0/24 maxlen: 24
154.203.166.0/24 maxlen: 24
154.203.167.0/24 maxlen: 24
154.203.168.0/24 maxlen: 24
154.203.169.0/24 maxlen: 24
154.203.170.0/24 maxlen: 24
154.203.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100508 (0x1889c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 24 19:08:43 2025 GMT
Not After : Aug 15 19:08:43 2025 GMT
Subject: CN=685af7c0-c536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:69:34:91:98:8e:6d:08:5f:8e:ad:cd:fb:f4:
b8:18:c1:b3:06:8e:91:60:dd:08:dc:ad:73:14:d2:
e1:b2:81:98:5e:53:21:6d:51:27:c7:d2:89:6a:aa:
3d:0b:54:1a:2f:b1:ab:c3:d8:e4:a3:77:30:9b:15:
01:79:8e:7f:49:49:77:fc:92:52:f3:85:00:61:7b:
8a:92:3f:cb:84:90:5c:a7:bf:30:18:f4:8a:49:ca:
6b:82:64:a1:32:77:71:f8:d4:a6:4e:b4:c1:d1:4b:
7c:54:80:67:76:4d:2a:44:a5:11:6a:59:b7:d7:8e:
b1:8a:ab:75:7f:e4:e9:84:63:5c:07:ab:e2:60:80:
b9:fc:30:73:bd:7c:cd:2e:f6:b8:83:42:83:15:a1:
fe:9a:c0:b4:55:30:ab:7a:29:e3:97:28:e9:53:7b:
d7:98:1c:01:95:3b:a1:92:07:d8:9d:74:d9:fd:17:
06:83:b6:d3:91:d9:a1:5b:f8:60:be:c6:0c:a0:b0:
14:bd:b1:e5:16:9b:bc:dd:ea:b0:04:da:51:fe:f8:
88:4c:ac:2a:83:6d:0a:c8:7f:f9:69:2f:e0:63:b9:
a3:51:a2:88:9e:dd:b1:9e:9c:2a:f3:bf:1d:9e:62:
3d:4c:49:0d:c9:12:be:16:e9:25:73:28:f3:1b:77:
5f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AD:86:68:3B:38:DE:08:FE:C7:B4:D6:3F:73:7C:21:2E:AA:EF:21
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A825D234512E11F094BC64D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.160.0/24
154.203.163.0-154.203.170.255
154.203.172.0/24
Signature Algorithm: sha256WithRSAEncryption
24:c3:84:cd:64:24:73:31:13:1e:54:cc:f0:ba:54:b0:99:f6:
3b:bb:51:cd:d9:14:65:bd:67:62:03:e5:6a:f1:40:91:9e:98:
8d:9c:32:17:8a:28:01:ef:0a:5c:0d:b3:2b:34:5d:f5:f4:a7:
82:d8:d3:b7:b5:1e:26:c1:0a:37:df:15:35:93:ff:11:ce:5d:
0b:a3:6d:45:a5:c8:df:ef:72:66:79:50:b9:89:6c:8b:f7:fb:
45:60:df:76:91:46:05:0d:24:9f:4b:25:78:be:f8:c5:e0:d4:
94:63:d4:9e:01:61:a0:e4:a9:d5:82:72:bc:54:a0:e7:2f:16:
ae:23:b5:b5:ca:48:e3:b1:32:87:3d:88:99:28:c4:98:42:9b:
fb:1e:d1:74:cb:2c:11:26:52:95:7e:60:a1:8a:b2:85:2f:e1:
7e:26:99:f3:65:68:6a:64:73:71:0b:23:93:2b:2d:f1:8c:ff:
fd:5d:52:a4:3a:03:e0:c4:3d:7d:dd:22:a3:a8:69:34:ca:56:
c9:70:fa:48:70:69:c5:7e:e5:bb:d4:ce:84:a6:03:7f:ef:5d:
e0:23:8f:29:3e:8c:34:37:fb:f9:b8:a3:10:76:be:02:28:d0:
2c:fd:08:24:9b:32:3c:0f:11:f0:87:a6:ed:b0:bd:5a:97:3a:
8e:57:1d:0b
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYicMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI0MTkwODQzWhcNMjUwODE1MTkwODQzWjAYMRYw
FAYDVQQDEw02ODVhZjdjMC1jNTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6Gk0kZiObQhfjq3N+/S4GMGzBo6RYN0I3K1zFNLhsoGYXlMhbVEnx9KJ
aqo9C1QaL7Grw9jko3cwmxUBeY5/SUl3/JJS84UAYXuKkj/LhJBcp78wGPSKScpr
gmShMndx+NSmTrTB0Ut8VIBndk0qRKURalm3146xiqt1f+TphGNcB6viYIC5/DBz
vXzNLva4g0KDFaH+msC0VTCreinjlyjpU3vXmBwBlTuhkgfYnXTZ/RcGg7bTkdmh
W/hgvsYMoLAUvbHlFpu83eqwBNpR/viITKwqg20KyH/5aS/gY7mjUaKInt2xnpwq
878dnmI9TEkNyRK+FuklcyjzG3dfuwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFMWt
hmg7ON4I/se01j9zfCEuqu8hMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BODI1RDIzNDUxMkUxMUYwOTRCQzY0RDFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAmsugMAwDBACay6MDBACa
y6oDBACay6wwDQYJKoZIhvcNAQELBQADggEBACTDhM1kJHMxEx5UzPC6VLCZ9ju7
Uc3ZFGW9Z2ID5WrxQJGemI2cMheKKAHvClwNsys0XfX0p4LY07e1HibBCjffFTWT
/xHOXQujbUWlyN/vcmZ5ULmJbIv3+0Vg33aRRgUNJJ9LJXi++MXg1JRj1J4BYaDk
qdWCcrxUoOcvFq4jtbXKSOOxMoc9iJkoxJhCm/se0XTLLBEmUpV+YKGKsoUv4X4m
mfNlaGpkc3ELI5MrLfGM//1dUqQ6A+DEPX3dIqOoaTTKVslw+khwacV+5bvUzoSm
A3/vXeAjjyk+jDQ3+/m4oxB2vgIo0Cz9CCSbMjwPEfCHpu2wvVqXOo5XHQs=
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:55:08 2025 by rpki-client