Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D342761E541E11F08490D2F0DAE4EC9C.roa
File: D342761E541E11F08490D2F0DAE4EC9C.roa (raw, json)
Hash identifier: Rhi85BIqSrf022+K6XuQHNZMELx2l6j0Ucfcfnx9anY=
Subject key identifier: 89:A4:66:C5:14:EA:4C:6B:B2:0E:14:A3:BF:DF:8B:37:A1:7C:43:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018951
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D342761E541E11F08490D2F0DAE4EC9C.roa
Signing time: Sat 28 Jun 2025 12:53:02 +0000
ROA not before: Sat 28 Jun 2025 12:52:57 +0000
ROA not after: Tue 29 Jul 2025 12:52:57 +0000
asID: 9304
IP address blocks: 154.203.241.0/24 maxlen: 24
154.203.242.0/24 maxlen: 24
154.208.76.0/22 maxlen: 24
154.208.84.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100689 (0x18951)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 28 12:52:57 2025 GMT
Not After : Jul 29 12:52:57 2025 GMT
Subject: CN=685fe5ae-1c33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2a:a0:59:23:97:e1:fa:77:f0:d6:bc:f2:60:
2e:4d:c5:17:10:84:12:2c:ba:dc:1e:b0:84:d9:47:
63:39:43:56:b7:7e:38:08:a7:0b:e3:a3:a6:a9:5b:
a9:dc:83:52:72:46:7a:b3:1f:6c:5a:5f:32:e6:4c:
97:3b:90:de:63:f8:95:a7:b5:c7:66:bd:a7:dd:60:
5a:7a:e7:8c:b7:fc:39:45:68:9e:c2:65:dc:ec:5a:
2b:20:91:2e:a2:93:ed:70:14:e4:f5:14:8e:54:4a:
e2:83:f6:c4:1e:fc:40:12:37:cc:ab:1e:eb:63:cb:
12:9d:ea:67:54:05:6c:e5:87:55:bc:10:fa:e7:12:
2e:07:79:51:ac:26:d5:2b:f9:95:d0:ff:e0:63:71:
3b:8a:6b:80:04:eb:f0:24:5a:d0:ac:e6:32:7a:32:
c9:a4:8d:d8:a1:a2:53:57:0c:d6:ab:8d:e4:51:86:
cc:3c:49:50:79:85:d1:43:58:7b:48:1b:a2:39:e4:
01:87:bc:c7:eb:b7:b4:39:9d:98:23:2f:d4:89:b2:
1d:b8:8c:53:b0:bd:83:3f:84:49:ad:a9:df:d4:53:
7c:42:33:28:b8:9b:5d:5e:f4:3b:9f:d6:39:7d:b8:
4f:ec:db:16:38:72:66:24:9c:cc:1e:b3:c4:42:d1:
24:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A4:66:C5:14:EA:4C:6B:B2:0E:14:A3:BF:DF:8B:37:A1:7C:43:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D342761E541E11F08490D2F0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.241.0-154.203.242.255
154.208.76.0/22
154.208.84.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:af:b1:2b:aa:32:00:9d:54:c5:1c:66:e8:93:bb:da:dd:d7:
9a:31:16:db:00:cf:d3:13:fc:10:79:00:c5:67:5a:fd:af:5f:
49:11:52:63:ef:b5:45:a4:ed:53:47:f7:e9:91:f7:95:5c:af:
da:65:5a:ea:24:46:04:2e:f0:d2:26:bc:1f:66:98:74:89:49:
ca:68:1d:8d:1f:8e:6f:76:bf:33:88:ec:65:27:c3:6f:b9:64:
d3:ed:80:24:9d:49:e7:89:30:51:41:aa:73:02:68:f4:33:d1:
b4:12:25:54:4f:34:4c:f7:a9:e6:62:f5:76:26:39:ce:62:7e:
b5:73:ff:5b:6a:c6:73:00:20:5d:7f:53:f6:89:ff:8d:2b:cb:
8d:89:31:20:93:fd:a0:5f:e9:12:cd:09:c7:28:d1:f6:32:0c:
e4:cd:99:c9:d9:45:03:c4:3f:91:ed:33:84:4e:47:aa:73:59:
ef:b4:12:79:4f:02:f8:58:85:7d:a1:15:45:aa:d4:b4:c0:d1:
92:15:2c:62:66:4a:b8:f2:a6:01:94:a4:76:19:fc:2d:b9:98:
b2:cd:ac:a2:9f:1d:8b:98:d5:a8:2f:cb:80:64:ef:13:84:a3:
58:56:2b:fd:aa:c5:a5:ea:01:4f:26:15:ae:75:24:3d:89:5b:
0b:2c:c8:cf
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYlRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI4MTI1MjU3WhcNMjUwNzI5MTI1MjU3WjAYMRYw
FAYDVQQDEw02ODVmZTVhZS0xYzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzyqgWSOX4fp38Na88mAuTcUXEIQSLLrcHrCE2UdjOUNWt344CKcL46Om
qVup3INSckZ6sx9sWl8y5kyXO5DeY/iVp7XHZr2n3WBaeueMt/w5RWiewmXc7For
IJEuopPtcBTk9RSOVErig/bEHvxAEjfMqx7rY8sSnepnVAVs5YdVvBD65xIuB3lR
rCbVK/mV0P/gY3E7imuABOvwJFrQrOYyejLJpI3YoaJTVwzWq43kUYbMPElQeYXR
Q1h7SBuiOeQBh7zH67e0OZ2YIy/UibIduIxTsL2DP4RJranf1FN8QjMouJtdXvQ7
n9Y5fbhP7NsWOHJmJJzMHrPEQtEkGQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFImk
ZsUU6kxrsg4Uo7/fizehfENqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzQyNzYxRTU0MUUxMUYwODQ5MEQyRjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACay/EDBACay/IDBAKa
0EwDBAKa0FQwDQYJKoZIhvcNAQELBQADggEBABuvsSuqMgCdVMUcZuiTu9rd15ox
FtsAz9MT/BB5AMVnWv2vX0kRUmPvtUWk7VNH9+mR95Vcr9plWuokRgQu8NImvB9m
mHSJScpoHY0fjm92vzOI7GUnw2+5ZNPtgCSdSeeJMFFBqnMCaPQz0bQSJVRPNEz3
qeZi9XYmOc5ifrVz/1tqxnMAIF1/U/aJ/40ry42JMSCT/aBf6RLNCcco0fYyDOTN
mcnZRQPEP5HtM4ROR6pzWe+0EnlPAvhYhX2hFUWq1LTA0ZIVLGJmSrjypgGUpHYZ
/C25mLLNrKKfHYuY1agvy4Bk7xOEo1hWK/2qxaXqAU8mFa51JD2JWwssyM8=
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:27:38 2025 by rpki-client