Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AB6BA60513411F0A6D5B4F1DAE4EC9C.roa
File: 2AB6BA60513411F0A6D5B4F1DAE4EC9C.roa (raw, json)
Hash identifier: tLt85JrmR3swhwbRTe/gG9XFyhBlko9U+KpjdYJXQHs=
Subject key identifier: BE:17:64:E0:50:1E:B3:1E:D1:18:44:3F:61:6B:3A:80:2F:E5:66:D0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0188A8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AB6BA60513411F0A6D5B4F1DAE4EC9C.roa
Signing time: Tue 24 Jun 2025 19:48:15 +0000
ROA not before: Tue 24 Jun 2025 19:48:10 +0000
ROA not after: Sat 09 Aug 2025 19:48:10 +0000
asID: 138915
IP address blocks: 154.90.32.0/23 maxlen: 24
154.90.34.0/23 maxlen: 24
154.90.36.0/23 maxlen: 24
154.90.38.0/23 maxlen: 24
154.90.40.0/23 maxlen: 24
154.90.42.0/23 maxlen: 24
154.90.48.0/23 maxlen: 24
154.90.52.0/23 maxlen: 24
154.90.54.0/23 maxlen: 24
154.90.56.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100520 (0x188a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 24 19:48:10 2025 GMT
Not After : Aug 9 19:48:10 2025 GMT
Subject: CN=685b00ff-dbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fd:d8:ad:e1:d9:bc:a7:54:a6:b5:8c:e2:1a:
12:cf:bc:e2:c0:c7:2b:a2:61:47:90:c0:6b:30:ba:
e1:12:52:54:09:c7:ef:fe:64:ed:1a:89:a0:95:f0:
5e:4b:86:40:16:38:e1:c8:21:79:45:03:d5:f5:9c:
ef:d8:f4:c9:14:cc:d9:10:39:79:1b:b1:c6:e7:a4:
b4:b7:37:82:70:4b:1c:5a:c7:74:9e:a0:e5:43:dd:
ba:69:6b:d8:5f:99:5a:2a:68:1d:b3:41:38:0b:a6:
7b:bf:4f:b7:4d:40:60:78:07:c8:c1:8b:bf:50:40:
4c:6d:8a:98:39:a2:c6:fe:7d:e9:85:19:56:b9:0f:
c3:a0:4b:b3:4a:2d:a1:b1:c8:e2:3d:64:da:58:5d:
5c:c3:e7:27:28:d6:97:d0:83:77:7c:d5:77:03:98:
34:e1:b7:28:2d:26:b0:56:43:c7:a4:68:22:d4:b9:
47:08:1f:fb:bf:bd:48:36:eb:df:e2:d0:30:f7:79:
b0:56:e1:99:5c:22:d5:74:66:db:4b:fb:e9:c8:12:
60:16:3d:7c:8c:19:52:4d:f7:5f:17:96:8a:0e:36:
ea:2f:c4:5b:1b:7c:e8:2a:39:97:26:c5:7c:25:7c:
c9:ea:0a:fc:6c:1c:48:97:8d:96:bd:2b:0e:3b:df:
ba:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:17:64:E0:50:1E:B3:1E:D1:18:44:3F:61:6B:3A:80:2F:E5:66:D0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AB6BA60513411F0A6D5B4F1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.32.0-154.90.43.255
154.90.48.0/23
154.90.52.0-154.90.57.255
Signature Algorithm: sha256WithRSAEncryption
5d:0c:cf:e8:c6:3c:40:49:98:fe:98:bb:cf:70:6b:05:b6:fa:
1c:76:eb:f4:9a:7a:7a:63:0b:0a:bf:25:ad:95:5d:ae:38:b9:
5b:1d:4b:4f:00:01:0c:87:5b:38:73:c9:30:d3:a1:b8:a6:ac:
fa:f8:0d:80:67:46:e5:64:8a:e4:e1:82:51:1e:7a:7a:b3:5d:
cc:4a:f7:15:c0:9f:b8:d4:58:e8:32:08:e3:6e:87:0c:06:bb:
a3:26:41:cc:da:fe:2a:29:0b:af:be:9d:af:6c:e1:34:9c:99:
6c:b6:0b:ca:3e:f4:71:bb:15:47:b2:b3:10:6a:f7:4d:5e:ec:
bc:11:dc:71:b1:65:7a:aa:16:16:7a:43:3b:9d:03:42:0a:ac:
7e:f9:a6:18:a5:f1:2f:8a:36:66:12:d7:9c:16:72:d4:45:f6:
1e:90:cd:a0:1c:68:d6:5a:09:61:85:3a:51:92:8b:79:35:89:
72:4d:81:ad:9a:73:5e:6b:7a:da:14:3d:d5:fb:fa:c0:3c:5e:
f3:22:65:1a:c8:cf:c7:79:43:ba:65:0a:b0:6c:04:fb:9b:88:
44:65:9c:05:8c:07:a2:ce:ef:e5:33:f9:b0:6a:19:19:20:bf:
c0:42:05:b5:4b:0c:61:71:4e:23:44:a9:e6:77:9e:40:3e:50:
16:51:77:2c
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAYioMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI0MTk0ODEwWhcNMjUwODA5MTk0ODEwWjAYMRYw
FAYDVQQDEw02ODViMDBmZi1kYmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2P3YreHZvKdUprWM4hoSz7ziwMcromFHkMBrMLrhElJUCcfv/mTtGomg
lfBeS4ZAFjjhyCF5RQPV9Zzv2PTJFMzZEDl5G7HG56S0tzeCcEscWsd0nqDlQ926
aWvYX5laKmgds0E4C6Z7v0+3TUBgeAfIwYu/UEBMbYqYOaLG/n3phRlWuQ/DoEuz
Si2hscjiPWTaWF1cw+cnKNaX0IN3fNV3A5g04bcoLSawVkPHpGgi1LlHCB/7v71I
Nuvf4tAw93mwVuGZXCLVdGbbS/vpyBJgFj18jBlSTfdfF5aKDjbqL8RbG3zoKjmX
JsV8JXzJ6gr8bBxIl42WvSsOO9+6KQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFL4X
ZOBQHrMe0RhEP2FrOoAv5WbQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQUI2QkE2MDUxMzQxMUYwQTZENUI0RjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAWaWiADBAKaWigDBAGa
WjAwDAMEAppaNAMEAZpaODANBgkqhkiG9w0BAQsFAAOCAQEAXQzP6MY8QEmY/pi7
z3BrBbb6HHbr9Jp6emMLCr8lrZVdrji5Wx1LTwABDIdbOHPJMNOhuKas+vgNgGdG
5WSK5OGCUR56erNdzEr3FcCfuNRY6DII426HDAa7oyZBzNr+KikLr76dr2zhNJyZ
bLYLyj70cbsVR7KzEGr3TV7svBHccbFleqoWFnpDO50DQgqsfvmmGKXxL4o2ZhLX
nBZy1EX2HpDNoBxo1loJYYU6UZKLeTWJck2BrZpzXmt62hQ91fv6wDxe8yJlGsjP
x3lDumUKsGwE+5uIRGWcBYwHos7v5TP5sGoZGSC/wEIFtUsMYXFOI0Sp5neeQD5Q
FlF3LA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:45:35 2025 by rpki-client