Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F52CA2104EAE11F0990AE199DAE4EC9C.roa
File: F52CA2104EAE11F0990AE199DAE4EC9C.roa (raw, json)
Hash identifier: 2/qaaAhEKoH99z96/3Yo00Pi4sFw53z4gRfRNmpzJww=
Subject key identifier: 8B:2C:7A:D4:F7:2E:63:B9:36:BB:26:88:9C:38:16:37:44:7E:32:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0187E8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F52CA2104EAE11F0990AE199DAE4EC9C.roa
Signing time: Sat 21 Jun 2025 14:49:39 +0000
ROA not before: Sat 21 Jun 2025 14:49:34 +0000
ROA not after: Thu 31 Jul 2025 14:49:34 +0000
asID: 44559
IP address blocks: 154.81.40.0/24 maxlen: 24
154.81.41.0/24 maxlen: 24
154.81.42.0/24 maxlen: 24
154.81.43.0/24 maxlen: 24
154.81.44.0/24 maxlen: 24
154.81.45.0/24 maxlen: 24
154.81.46.0/24 maxlen: 24
154.81.47.0/24 maxlen: 24
154.81.52.0/24 maxlen: 24
154.81.53.0/24 maxlen: 24
154.81.54.0/24 maxlen: 24
154.81.55.0/24 maxlen: 24
154.81.192.0/24 maxlen: 24
154.81.193.0/24 maxlen: 24
154.81.195.0/24 maxlen: 24
154.81.196.0/24 maxlen: 24
154.81.197.0/24 maxlen: 24
154.81.198.0/24 maxlen: 24
154.81.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100328 (0x187e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 21 14:49:34 2025 GMT
Not After : Jul 31 14:49:34 2025 GMT
Subject: CN=6856c683-b83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:31:1c:13:97:7c:79:da:f6:8d:5e:58:28:06:
02:16:ef:f4:15:b4:19:9e:b2:dc:e3:bb:f0:2f:8d:
de:50:63:92:3f:35:51:f1:b7:df:31:53:61:c6:34:
d9:93:e6:4c:b1:e4:98:25:8e:8a:b8:ee:ab:7e:e0:
12:48:e7:64:72:94:d7:bf:b9:cd:72:8d:d1:8d:b7:
0f:e0:18:ae:d1:65:aa:8a:8a:72:61:ea:f7:a5:7b:
fd:e1:21:85:74:3b:f6:33:5a:d9:f9:7f:c2:09:14:
53:15:07:ed:e4:46:c9:67:61:c6:e3:68:9b:41:0a:
80:62:e3:e7:bb:fe:28:22:6e:b3:ba:b9:66:d8:7c:
7b:3a:a8:99:b1:f4:60:ee:99:7b:93:f8:d3:eb:6e:
5b:de:e5:9d:10:50:25:dc:e8:12:5f:eb:e0:a8:85:
f7:d4:f1:75:2c:03:ef:8c:c9:d3:2d:1d:5f:ea:19:
91:31:8a:ba:91:58:10:3a:fb:a3:3f:f8:8d:91:c4:
66:38:75:f4:6c:25:ea:a3:92:03:f2:06:8d:da:55:
dc:89:b5:33:c4:3f:cb:72:5f:93:f2:8d:72:23:65:
fe:41:27:ce:c2:15:57:10:96:2f:dc:2b:7d:4a:74:
04:0b:05:10:cf:f6:8a:aa:1a:24:99:16:56:22:50:
32:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2C:7A:D4:F7:2E:63:B9:36:BB:26:88:9C:38:16:37:44:7E:32:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F52CA2104EAE11F0990AE199DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.40.0/21
154.81.52.0/22
154.81.192.0/23
154.81.195.0-154.81.199.255
Signature Algorithm: sha256WithRSAEncryption
2a:bd:22:9b:ac:ba:e9:5c:d8:64:7c:0f:f6:ea:54:9f:9e:3b:
f2:fb:10:06:c5:9e:10:77:ed:23:87:c1:de:ca:47:e9:df:a3:
51:98:98:4c:18:6d:6d:64:1c:cf:19:ad:34:52:da:72:78:cb:
6b:99:58:f9:c7:e3:80:29:c6:b2:19:40:f5:14:2a:47:b4:57:
2c:6a:22:43:24:1f:f1:eb:fe:5c:69:70:05:69:04:a0:f5:16:
92:24:d7:f2:b0:c9:29:8a:fc:c6:c5:fa:49:84:51:af:f5:90:
32:65:91:c1:65:51:1e:91:f1:3f:8f:9c:e7:b2:f6:ff:e3:c7:
03:3f:23:2e:17:fa:6d:bf:25:3a:7c:44:c8:ce:ed:6f:e6:eb:
b7:22:07:29:8d:75:26:e6:34:d1:24:35:86:19:3d:87:4a:74:
5d:2b:90:7e:05:e5:87:eb:5c:0d:7a:a2:4e:68:17:07:d7:a6:
11:fa:81:fa:c0:9e:cd:12:66:50:48:8b:48:60:03:35:e2:ed:
a0:87:44:3f:2d:8b:64:01:49:6b:c9:b0:c9:5c:4b:c5:cf:e6:
a5:6c:58:74:40:b5:d2:6a:f9:a2:82:bf:63:c1:cf:af:7b:9d:
bf:24:ea:f0:ee:12:6d:bd:19:83:81:9f:58:73:b4:a4:4a:40:
0b:05:5e:f8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAYfoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIxMTQ0OTM0WhcNMjUwNzMxMTQ0OTM0WjAYMRYw
FAYDVQQDEw02ODU2YzY4My1iODNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzDEcE5d8edr2jV5YKAYCFu/0FbQZnrLc47vwL43eUGOSPzVR8bffMVNh
xjTZk+ZMseSYJY6KuO6rfuASSOdkcpTXv7nNco3RjbcP4Biu0WWqiopyYer3pXv9
4SGFdDv2M1rZ+X/CCRRTFQft5EbJZ2HG42ibQQqAYuPnu/4oIm6zurlm2Hx7OqiZ
sfRg7pl7k/jT625b3uWdEFAl3OgSX+vgqIX31PF1LAPvjMnTLR1f6hmRMYq6kVgQ
OvujP/iNkcRmOHX0bCXqo5ID8gaN2lXcibUzxD/Lcl+T8o1yI2X+QSfOwhVXEJYv
3Ct9SnQECwUQz/aKqhokmRZWIlAyMwIDAQABo4ICvzCCArswHQYDVR0OBBYEFIss
etT3LmO5NrsmiJw4FjdEfjJoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNTJDQTIxMDRFQUUxMUYwOTkwQUUxOTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDmlEoAwQCmlE0AwQBmlHA
MAwDBACaUcMDBAOaUcAwDQYJKoZIhvcNAQELBQADggEBACq9Ipusuulc2GR8D/bq
VJ+eO/L7EAbFnhB37SOHwd7KR+nfo1GYmEwYbW1kHM8ZrTRS2nJ4y2uZWPnH44Ap
xrIZQPUUKke0VyxqIkMkH/Hr/lxpcAVpBKD1FpIk1/KwySmK/MbF+kmEUa/1kDJl
kcFlUR6R8T+PnOey9v/jxwM/Iy4X+m2/JTp8RMjO7W/m67ciBymNdSbmNNEkNYYZ
PYdKdF0rkH4F5YfrXA16ok5oFwfXphH6gfrAns0SZlBIi0hgAzXi7aCHRD8ti2QB
SWvJsMlcS8XP5qVsWHRAtdJq+aKCv2PBz697nb8k6vDuEm29GYOBn1hztKRKQAsF
Xvg=
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:09:05 2025 by rpki-client