Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01C38DF65CB311F0AB4E41D0DAE4EC9C.roa
File: 01C38DF65CB311F0AB4E41D0DAE4EC9C.roa (raw, json)
Hash identifier: chz85byIlj/kAxZ0frwSMH1r94xDofHzpPFxRnhh0SA=
Subject key identifier: 6A:7A:26:D5:5F:A7:CC:1C:45:AA:13:1E:80:E4:38:88:88:F5:72:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CB5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01C38DF65CB311F0AB4E41D0DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 10:53:55 +0000
ROA not before: Wed 09 Jul 2025 10:53:50 +0000
ROA not after: Wed 06 Aug 2025 10:53:50 +0000
asID: 45194
IP address blocks: 154.84.212.0/24 maxlen: 24
154.84.213.0/24 maxlen: 24
154.84.214.0/24 maxlen: 24
154.84.215.0/24 maxlen: 24
154.84.216.0/24 maxlen: 24
154.84.217.0/24 maxlen: 24
154.84.218.0/24 maxlen: 24
154.84.219.0/24 maxlen: 24
154.84.220.0/24 maxlen: 24
154.84.221.0/24 maxlen: 24
154.84.222.0/24 maxlen: 24
154.84.223.0/24 maxlen: 24
154.84.224.0/24 maxlen: 24
154.84.249.0/24 maxlen: 24
154.84.250.0/24 maxlen: 24
154.84.251.0/24 maxlen: 24
154.84.252.0/24 maxlen: 24
154.84.253.0/24 maxlen: 24
154.84.254.0/24 maxlen: 24
154.84.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101557 (0x18cb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 10:53:50 2025 GMT
Not After : Aug 6 10:53:50 2025 GMT
Subject: CN=686e4a43-4c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:09:15:8d:ce:4e:4a:4f:52:49:ac:29:c2:75:
af:96:6d:e1:9c:39:ee:7f:95:95:fe:dc:86:3a:03:
40:93:e8:b9:d4:7b:c4:07:6a:2a:79:b7:a1:92:d2:
3e:44:9f:38:a6:5e:d5:b4:21:03:8c:57:60:44:26:
5f:c8:d1:40:b0:c9:0c:83:40:1d:e0:b1:56:44:02:
9e:fe:76:a4:77:01:eb:07:08:52:c7:98:6a:89:78:
4a:e9:31:35:1c:28:3e:42:e5:cd:33:12:bb:6c:d5:
99:aa:a3:96:ba:26:83:7f:18:9a:fa:7c:63:27:0b:
be:08:fc:2a:45:14:f5:69:2d:4e:67:3a:0b:2e:3c:
bb:bf:61:b8:49:e5:65:91:0b:be:0d:45:20:ca:fb:
d1:af:ad:21:56:d7:da:36:03:40:28:a7:b0:99:4e:
89:55:07:00:93:ca:8c:eb:aa:75:52:ed:e5:f6:67:
ff:4a:6b:49:c0:f1:26:b4:d8:6e:f3:79:31:da:4c:
43:38:d6:93:7e:19:58:e0:ff:63:58:25:a1:66:43:
09:8d:37:bc:68:06:4b:76:62:49:9b:aa:47:ba:00:
9e:35:81:d1:28:89:db:0c:ac:54:64:60:d6:a8:76:
cf:3e:29:99:7d:63:e0:73:f6:da:84:62:96:19:98:
f7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:7A:26:D5:5F:A7:CC:1C:45:AA:13:1E:80:E4:38:88:88:F5:72:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01C38DF65CB311F0AB4E41D0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.212.0-154.84.224.255
154.84.249.0-154.84.255.255
Signature Algorithm: sha256WithRSAEncryption
93:d6:22:11:51:e5:0d:16:5d:bb:d0:9f:51:5a:57:33:a8:f0:
72:9b:92:8f:db:9c:c9:b1:92:e9:d0:fb:b1:87:94:7b:1f:d7:
d8:43:f6:63:84:45:3b:5a:28:8c:46:81:2a:b7:a7:ca:be:06:
0b:72:4e:1a:79:75:e9:99:05:a6:9d:83:0f:85:80:93:0a:98:
d1:76:5e:11:20:88:54:a9:a2:1d:7c:25:e5:5b:f7:25:91:e8:
8d:9d:7d:5c:1d:ef:9a:78:f6:be:8c:13:e4:df:f6:16:e1:46:
b7:1c:ca:1b:fb:2e:ca:9d:36:75:37:9a:19:a4:14:c7:b3:9e:
e4:d6:cb:fa:85:24:26:df:05:02:1e:0b:18:f4:9e:00:ce:4c:
f2:a9:fc:f1:51:21:1c:70:c4:04:ea:db:ee:7c:7f:34:d9:a8:
6a:0d:ae:81:df:8f:db:65:d1:73:3a:d0:81:07:93:ea:8e:ae:
1e:54:d6:23:63:ae:27:c9:58:a9:37:71:d3:9d:71:e6:da:2d:
22:1c:60:85:81:f6:ab:f7:cb:2e:5d:e6:ef:1e:5b:0b:6e:11:
18:8d:c8:a8:3a:e1:13:a8:91:68:11:fa:37:17:62:b8:a9:8a:
90:f4:71:1d:13:9f:b0:20:1c:61:70:d7:03:86:83:72:cb:70:
db:24:ec:52
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIDAYy1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTA1MzUwWhcNMjUwODA2MTA1MzUwWjAYMRYw
FAYDVQQDEw02ODZlNGE0My00YzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuwkVjc5OSk9SSawpwnWvlm3hnDnuf5WV/tyGOgNAk+i51HvEB2oqebeh
ktI+RJ84pl7VtCEDjFdgRCZfyNFAsMkMg0Ad4LFWRAKe/nakdwHrBwhSx5hqiXhK
6TE1HCg+QuXNMxK7bNWZqqOWuiaDfxia+nxjJwu+CPwqRRT1aS1OZzoLLjy7v2G4
SeVlkQu+DUUgyvvRr60hVtfaNgNAKKewmU6JVQcAk8qM66p1Uu3l9mf/SmtJwPEm
tNhu83kx2kxDONaTfhlY4P9jWCWhZkMJjTe8aAZLdmJJm6pHugCeNYHRKInbDKxU
ZGDWqHbPPimZfWPgc/bahGKWGZj3wwIDAQABo4ICujCCArYwHQYDVR0OBBYEFGp6
JtVfp8wcRaoTHoDkOIiI9XLiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMUMzOERGNjVDQjMxMUYwQUI0RTQxRDBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAwDBAKaVNQDBACaVOAwCwME
AJpU+QMDAJpUMA0GCSqGSIb3DQEBCwUAA4IBAQCT1iIRUeUNFl270J9RWlczqPBy
m5KP25zJsZLp0Puxh5R7H9fYQ/ZjhEU7WiiMRoEqt6fKvgYLck4aeXXpmQWmnYMP
hYCTCpjRdl4RIIhUqaIdfCXlW/clkeiNnX1cHe+aePa+jBPk3/YW4Ua3HMob+y7K
nTZ1N5oZpBTHs57k1sv6hSQm3wUCHgsY9J4AzkzyqfzxUSEccMQE6tvufH802ahq
Da6B34/bZdFzOtCBB5Pqjq4eVNYjY64nyVipN3HTnXHm2i0iHGCFgfar98suXebv
HlsLbhEYjcioOuETqJFoEfo3F2K4qYqQ9HEdE5+wIBxhcNcDhoNyy3DbJOxS
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:07 2025 by rpki-client