Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AE2D0EE5E4311F0AB4A47BEDAE4EC9C.roa
File: 1AE2D0EE5E4311F0AB4A47BEDAE4EC9C.roa (raw, json)
Hash identifier: tV6MoxjINZD98Pad1li4aUJN9WL7iQzb/npkxhlCjBM=
Subject key identifier: 3D:16:E2:55:BD:89:CE:69:D1:C6:E5:29:C8:D4:7E:57:D4:8B:32:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D53
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AE2D0EE5E4311F0AB4A47BEDAE4EC9C.roa
Signing time: Fri 11 Jul 2025 10:37:56 +0000
ROA not before: Fri 11 Jul 2025 10:37:51 +0000
ROA not after: Sat 16 Aug 2025 10:37:51 +0000
asID: 22773
IP address blocks: 154.202.30.0/24 maxlen: 24
154.202.31.0/24 maxlen: 24
154.202.69.0/24 maxlen: 24
154.202.72.0/24 maxlen: 24
154.202.73.0/24 maxlen: 24
154.202.76.0/24 maxlen: 24
154.202.77.0/24 maxlen: 24
154.202.109.0/24 maxlen: 24
154.202.110.0/24 maxlen: 24
154.202.111.0/24 maxlen: 24
154.202.112.0/24 maxlen: 24
154.202.113.0/24 maxlen: 24
154.202.114.0/24 maxlen: 24
154.202.116.0/24 maxlen: 24
154.202.137.0/24 maxlen: 24
154.213.192.0/24 maxlen: 24
154.213.200.0/24 maxlen: 24
154.213.201.0/24 maxlen: 24
154.213.205.0/24 maxlen: 24
154.213.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101715 (0x18d53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 11 10:37:51 2025 GMT
Not After : Aug 16 10:37:51 2025 GMT
Subject: CN=6870e984-7519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:53:fa:dd:5b:15:d2:67:65:f4:9d:3e:7c:6b:
8f:db:c8:52:c2:8d:61:e5:7e:67:44:2d:64:16:b7:
5a:f1:de:e3:9f:84:e4:92:a1:57:6b:7e:f4:e6:0c:
f9:2d:dc:97:79:c5:cf:7a:39:2a:d0:b6:93:75:f0:
83:43:cf:a4:c3:d9:23:b7:47:50:3f:20:cd:d2:92:
66:04:36:0b:3d:fc:9b:df:13:b4:a4:97:11:21:8f:
ef:c5:21:4d:72:c0:f5:12:92:58:5a:46:d5:25:d6:
2d:64:e1:d9:a1:1d:9b:52:94:80:dd:00:95:c0:6d:
2d:78:39:7e:37:21:1e:0a:d7:a9:f2:06:0f:eb:a9:
96:f9:89:f6:b6:0d:56:30:52:f9:84:0e:e1:9d:24:
da:7a:8d:23:d4:cc:21:82:3c:9e:d0:51:8d:60:f0:
91:1f:d4:e9:c0:e3:cf:21:03:37:b3:b9:44:0a:a0:
f5:75:b4:1a:78:7b:fc:6c:9c:89:67:52:d2:58:52:
85:2f:97:10:38:f4:e8:23:33:d4:29:8c:91:69:a0:
30:ba:21:d5:c6:40:b7:7f:d7:00:ae:09:bd:0e:72:
b1:78:10:c3:81:25:05:7b:cd:fa:fd:77:af:f2:1c:
08:e8:f8:bc:0a:a5:35:5d:ce:99:e1:05:da:36:f9:
7e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:16:E2:55:BD:89:CE:69:D1:C6:E5:29:C8:D4:7E:57:D4:8B:32:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AE2D0EE5E4311F0AB4A47BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.30.0/23
154.202.69.0/24
154.202.72.0/23
154.202.76.0/23
154.202.109.0-154.202.114.255
154.202.116.0/24
154.202.137.0/24
154.213.192.0/24
154.213.200.0/23
154.213.205.0-154.213.206.255
Signature Algorithm: sha256WithRSAEncryption
a5:f5:07:ac:50:5b:ef:a2:ef:cd:c9:7d:02:bd:62:8d:96:69:
1d:1e:13:45:83:73:6b:f1:79:94:c0:7a:92:21:e0:fb:89:c6:
23:79:a3:03:7a:ca:6c:14:1f:08:f9:f6:96:af:67:dd:37:4a:
12:5a:1e:d0:20:03:f2:fd:d4:92:fc:3b:a3:3e:ed:fb:3b:83:
1a:5e:8d:cc:56:d6:d9:58:66:11:7f:3b:42:38:6d:55:bf:5b:
37:d0:91:33:e1:c9:69:ff:25:dc:6e:4f:d2:90:fc:43:8a:8f:
a2:a0:ee:a0:eb:65:59:38:a6:22:a2:76:16:ba:97:5e:89:d4:
c9:4a:73:d7:11:50:aa:f8:40:00:16:4f:f2:09:21:5c:62:41:
e1:33:10:03:aa:69:bb:be:80:ce:82:2d:c5:33:dc:71:76:f2:
fb:56:97:ca:f2:37:2b:61:0f:03:e9:8e:6c:dc:34:97:3d:f3:
8e:1d:77:c6:80:23:17:75:48:76:4b:5a:04:09:7f:97:dc:ef:
41:1a:46:9d:b9:fc:0b:6c:56:3e:88:c3:23:52:c2:54:73:9f:
bf:39:52:13:6d:27:cf:58:bf:93:b1:f0:f5:ad:5a:02:f7:2d:
0c:57:24:0e:8f:1c:67:85:ab:77:51:80:c4:6f:64:59:e5:12:
7d:91:f6:a6
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIDAY1TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzExMTAzNzUxWhcNMjUwODE2MTAzNzUxWjAYMRYw
FAYDVQQDEw02ODcwZTk4NC03NTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz1P63VsV0mdl9J0+fGuP28hSwo1h5X5nRC1kFrda8d7jn4TkkqFXa370
5gz5LdyXecXPejkq0LaTdfCDQ8+kw9kjt0dQPyDN0pJmBDYLPfyb3xO0pJcRIY/v
xSFNcsD1EpJYWkbVJdYtZOHZoR2bUpSA3QCVwG0teDl+NyEeCtep8gYP66mW+Yn2
tg1WMFL5hA7hnSTaeo0j1Mwhgjye0FGNYPCRH9TpwOPPIQM3s7lECqD1dbQaeHv8
bJyJZ1LSWFKFL5cQOPToIzPUKYyRaaAwuiHVxkC3f9cArgm9DnKxeBDDgSUFe836
/Xev8hwI6Pi8CqU1Xc6Z4QXaNvl+xwIDAQABo4IC6zCCAucwHQYDVR0OBBYEFD0W
4lW9ic5p0cblKcjUflfUizL7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQUUyRDBFRTVFNDMxMUYwQUI0QTQ3QkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBmsoeAwQAmspFAwQBmspI
AwQBmspMMAwDBACaym0DBACaynIDBACaynQDBACayokDBACa1cADBAGa1cgwDAME
AJrVzQMEAJrVzjANBgkqhkiG9w0BAQsFAAOCAQEApfUHrFBb76Lvzcl9Ar1ijZZp
HR4TRYNza/F5lMB6kiHg+4nGI3mjA3rKbBQfCPn2lq9n3TdKEloe0CAD8v3Ukvw7
oz7t+zuDGl6NzFbW2VhmEX87QjhtVb9bN9CRM+HJaf8l3G5P0pD8Q4qPoqDuoOtl
WTimIqJ2FrqXXonUyUpz1xFQqvhAABZP8gkhXGJB4TMQA6ppu76AzoItxTPccXby
+1aXyvI3K2EPA+mObNw0lz3zjh13xoAjF3VIdktaBAl/l9zvQRpGnbn8C2xWPojD
I1LCVHOfvzlSE20nz1i/k7Hw9a1aAvctDFckDo8cZ4Wrd1GAxG9kWeUSfZH2pg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:58:46 2025 by rpki-client