Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB0D36244B7011F09CB94AEFDAE4EC9C.roa
File: DB0D36244B7011F09CB94AEFDAE4EC9C.roa (raw, json)
Hash identifier: YsST/y96SOptfXJSanmWbIQ4ja0ZE0Y5PCqqgew5GyA=
Subject key identifier: 19:13:8C:48:DB:34:38:1C:5F:4D:D5:3C:10:C4:DF:29:97:B0:CB:A2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018717
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB0D36244B7011F09CB94AEFDAE4EC9C.roa
Signing time: Tue 17 Jun 2025 11:47:35 +0000
ROA not before: Tue 17 Jun 2025 11:47:12 +0000
ROA not after: Sat 27 Dec 2025 11:47:12 +0000
asID: 400619
IP address blocks: 154.84.32.0/21 maxlen: 24
154.84.40.0/21 maxlen: 24
154.84.48.0/21 maxlen: 24
154.84.56.0/21 maxlen: 24
154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100119 (0x18717)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 17 11:47:12 2025 GMT
Not After : Dec 27 11:47:12 2025 GMT
Subject: CN=685155d7-4dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:4b:7e:4c:23:bd:57:bb:0d:93:4f:48:4e:c7:
8d:ba:c7:5e:5f:da:2a:31:1c:75:6d:ab:e7:83:ea:
50:8c:05:a4:6a:d2:32:23:a4:da:12:88:ee:63:26:
66:49:f5:5b:06:49:d1:10:d1:f5:aa:96:41:0b:89:
65:ac:5e:da:78:6c:56:35:8b:f6:56:3c:3f:82:33:
62:0b:d1:4e:a1:20:8d:a1:3a:1f:c7:a4:c8:29:5c:
0e:49:59:3f:c3:55:cd:ee:01:d8:9d:80:ae:13:04:
86:31:59:48:34:af:22:51:a8:3b:a9:c5:fa:ef:1e:
cb:b2:0d:8e:7f:99:23:51:18:0c:5d:c1:dc:ce:b5:
b0:dd:e1:17:af:ed:a9:86:f9:17:77:03:4b:c9:21:
a8:7f:d2:96:40:73:f7:32:ff:ca:38:a0:10:59:b8:
45:18:79:e3:4b:d5:3d:18:fc:b7:5a:35:00:04:82:
8f:31:fa:a9:f7:2d:d5:d5:00:39:20:6d:80:6d:66:
cf:3a:7b:93:4b:b7:3a:cb:2e:83:05:74:a9:cb:f4:
53:a9:c3:0c:e2:78:2f:64:a9:2f:f7:9f:27:2f:85:
5a:8b:37:53:39:cf:79:2d:06:f5:21:2a:dd:ec:80:
e0:5f:0a:7d:78:98:e2:24:82:7f:46:58:5a:b1:8e:
51:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:13:8C:48:DB:34:38:1C:5F:4D:D5:3C:10:C4:DF:29:97:B0:CB:A2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB0D36244B7011F09CB94AEFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.32.0/19
154.89.144.0-154.89.207.255
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:e6:f9:e3:4f:6e:e5:fa:ba:bb:c8:46:1c:0e:94:a0:4a:6e:
11:67:62:3c:fd:ec:c1:b1:04:cd:40:fc:1d:24:88:c6:ae:55:
51:2f:6d:78:ad:5d:04:48:b2:b1:6c:56:3d:cf:eb:51:ff:45:
73:25:b0:da:94:eb:e6:54:f3:56:65:f4:60:48:59:45:6f:b4:
70:69:3c:67:2b:ff:fe:d0:dd:ef:9d:1a:3e:f0:10:17:30:43:
52:63:39:9e:36:2d:fb:ce:f6:6c:5e:cd:bf:80:63:ef:96:9d:
f7:14:56:b6:6a:ef:58:39:36:86:ff:a3:f0:fe:2c:f6:dc:71:
2e:86:53:8b:7f:60:de:4d:f8:91:96:ed:2b:ed:39:48:18:d5:
f8:ce:d2:9f:ac:ab:ec:da:1b:c6:39:e8:54:73:d1:3d:57:25:
94:59:d1:4b:9f:f9:75:7f:99:75:c3:78:1e:b3:71:0b:ce:ba:
62:31:51:8c:4a:59:a4:e2:06:07:62:40:9c:c1:f4:6f:98:36:
cf:4c:ee:92:ce:60:88:20:82:ae:3b:db:8e:2d:45:0c:96:46:
70:d9:54:6a:ba:32:9a:56:be:1c:ab:2e:32:05:ec:3f:86:e1:
22:c1:16:14:57:32:f3:34:af:52:70:ef:12:d1:32:30:c0:75:
64:84:33:a1
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYcXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE3MTE0NzEyWhcNMjUxMjI3MTE0NzEyWjAYMRYw
FAYDVQQDEw02ODUxNTVkNy00ZGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA50t+TCO9V7sNk09ITseNusdeX9oqMRx1bavng+pQjAWkatIyI6TaEoju
YyZmSfVbBknRENH1qpZBC4llrF7aeGxWNYv2Vjw/gjNiC9FOoSCNoTofx6TIKVwO
SVk/w1XN7gHYnYCuEwSGMVlINK8iUag7qcX67x7Lsg2Of5kjURgMXcHczrWw3eEX
r+2phvkXdwNLySGof9KWQHP3Mv/KOKAQWbhFGHnjS9U9GPy3WjUABIKPMfqp9y3V
1QA5IG2AbWbPOnuTS7c6yy6DBXSpy/RTqcMM4ngvZKkv958nL4VaizdTOc95LQb1
ISrd7IDgXwp9eJjiJIJ/RlhasY5RgQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFBkT
jEjbNDgcX03VPBDE3ymXsMuiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQjBEMzYyNDRCNzAxMUYwOUNCOTRBRUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQFmlQgMAwDBASaWZADBASa
WcADBACaXxgwDQYJKoZIhvcNAQELBQADggEBANfm+eNPbuX6urvIRhwOlKBKbhFn
Yjz97MGxBM1A/B0kiMauVVEvbXitXQRIsrFsVj3P61H/RXMlsNqU6+ZU81Zl9GBI
WUVvtHBpPGcr//7Q3e+dGj7wEBcwQ1JjOZ42LfvO9mxezb+AY++WnfcUVrZq71g5
Nob/o/D+LPbccS6GU4t/YN5N+JGW7SvtOUgY1fjO0p+sq+zaG8Y56FRz0T1XJZRZ
0Uuf+XV/mXXDeB6zcQvOumIxUYxKWaTiBgdiQJzB9G+YNs9M7pLOYIgggq47244t
RQyWRnDZVGq6MppWvhyrLjIF7D+G4SLBFhRXMvM0r1Jw7xLRMjDAdWSEM6E=
-----END CERTIFICATE-----
Generated at Mon Jun 30 10:54:20 2025 by rpki-client