Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31A8A60E58F911F0853DFE84DAE4EC9C.roa
File: 31A8A60E58F911F0853DFE84DAE4EC9C.roa (raw, json)
Hash identifier: i0IRLDVwyYFLumIan7rgEpWE95FcBgMPkTfERq8M9HA=
Subject key identifier: D3:0D:A9:0B:55:A1:6E:C0:A5:48:A7:9D:21:01:25:31:BC:B2:7B:A9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A84
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31A8A60E58F911F0853DFE84DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 17:06:16 +0000
ROA not before: Fri 04 Jul 2025 17:06:11 +0000
ROA not after: Wed 03 Sep 2025 17:06:11 +0000
asID: 18229
IP address blocks: 154.206.23.0/24 maxlen: 24
154.210.177.0/24 maxlen: 24
154.210.178.0/24 maxlen: 24
154.210.179.0/24 maxlen: 24
154.210.180.0/24 maxlen: 24
154.210.181.0/24 maxlen: 24
154.210.183.0/24 maxlen: 24
154.210.184.0/24 maxlen: 24
154.210.185.0/24 maxlen: 24
154.210.190.0/24 maxlen: 24
154.210.204.0/24 maxlen: 24
154.210.205.0/24 maxlen: 24
154.210.206.0/24 maxlen: 24
154.210.207.0/24 maxlen: 24
154.210.208.0/24 maxlen: 24
154.210.209.0/24 maxlen: 24
154.210.210.0/24 maxlen: 24
154.210.211.0/24 maxlen: 24
154.210.212.0/24 maxlen: 24
154.210.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100996 (0x18a84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 17:06:11 2025 GMT
Not After : Sep 3 17:06:11 2025 GMT
Subject: CN=68680a07-1f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e6:2e:86:fe:29:46:29:47:bd:07:33:59:3c:
22:d0:cb:79:15:d2:77:35:44:a1:91:92:19:49:85:
9b:ca:1a:d2:0e:1c:3d:81:73:a9:5d:0f:f9:52:cf:
82:90:4f:13:b8:e5:25:44:f1:df:5f:06:ec:c1:56:
11:b8:7d:83:6a:db:5b:4a:25:00:f2:23:2a:1f:68:
97:e8:6e:d9:88:9b:73:ca:99:4e:a7:c6:dc:6c:0e:
25:6a:81:ef:02:78:dd:d7:8c:b5:1c:97:cb:b2:07:
7b:b1:a8:72:2a:98:9e:22:d3:0c:67:04:8b:b4:f6:
98:eb:69:3c:75:85:d7:ae:ef:a3:da:23:15:cb:3d:
3b:a7:bc:69:5a:ef:a7:48:38:d5:bb:42:1b:09:79:
81:6e:67:e8:db:58:21:2c:8b:db:03:ec:a0:1d:84:
e7:c4:41:a6:60:c8:17:92:49:c6:b4:1f:e4:f2:19:
fb:15:07:73:dc:da:7d:83:c4:cf:a7:e3:4b:1c:1a:
69:26:16:9b:1b:87:94:80:53:01:0a:7d:88:c3:2b:
e2:34:88:96:fa:10:32:f6:1c:23:df:46:a2:5f:9b:
53:33:63:7b:72:95:b9:9c:8c:ab:92:25:8c:74:ef:
2e:ca:15:5b:c3:10:9a:82:e7:2a:5e:fd:1f:f6:52:
1a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:0D:A9:0B:55:A1:6E:C0:A5:48:A7:9D:21:01:25:31:BC:B2:7B:A9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31A8A60E58F911F0853DFE84DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.23.0/24
154.210.177.0-154.210.181.255
154.210.183.0-154.210.185.255
154.210.190.0/24
154.210.204.0-154.210.212.255
154.210.215.0/24
Signature Algorithm: sha256WithRSAEncryption
33:ba:18:cb:91:98:08:33:f0:51:92:08:84:84:40:14:dd:46:
70:ed:d6:5e:60:91:9c:07:eb:cb:a3:ff:c6:1d:43:15:db:48:
1c:19:d6:c5:26:81:7c:4a:12:a5:a7:de:53:81:de:24:f2:9b:
40:a3:74:0f:96:de:4f:5e:af:46:05:cc:88:b3:3b:d9:6e:f9:
5a:83:5b:3a:7e:80:8a:e6:ff:51:fb:0a:a6:21:32:ce:ba:43:
2c:75:60:57:d4:30:46:ae:b8:66:e5:2d:3c:44:7f:b5:ba:a0:
29:f7:a0:32:75:ca:9d:0b:15:0b:34:5a:92:35:bc:46:35:09:
00:e1:84:3a:89:90:a7:77:dc:26:f4:06:23:f2:6a:99:3b:14:
f8:46:fb:fe:6f:ee:21:af:89:b9:a2:cf:c4:d4:49:35:f0:6d:
67:2b:c3:20:a2:cc:4b:93:da:e3:5f:d2:3e:32:dc:04:6f:47:
c4:c7:a7:35:fd:28:f1:cd:69:93:0e:a9:cf:de:2c:52:1d:63:
c3:87:57:07:60:58:38:04:62:35:35:69:5c:60:c6:42:22:07:
d3:47:b3:52:12:fd:2b:7b:4f:af:72:d4:bd:6b:0a:53:e0:65:
23:92:c9:2a:89:7e:94:14:23:04:aa:d4:1d:46:e8:24:22:39:
9b:de:13:99
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDAYqEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTcwNjExWhcNMjUwOTAzMTcwNjExWjAYMRYw
FAYDVQQDEw02ODY4MGEwNy0xZjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0eYuhv4pRilHvQczWTwi0Mt5FdJ3NUShkZIZSYWbyhrSDhw9gXOpXQ/5
Us+CkE8TuOUlRPHfXwbswVYRuH2DattbSiUA8iMqH2iX6G7ZiJtzyplOp8bcbA4l
aoHvAnjd14y1HJfLsgd7sahyKpieItMMZwSLtPaY62k8dYXXru+j2iMVyz07p7xp
Wu+nSDjVu0IbCXmBbmfo21ghLIvbA+ygHYTnxEGmYMgXkknGtB/k8hn7FQdz3Np9
g8TPp+NLHBppJhabG4eUgFMBCn2IwyviNIiW+hAy9hwj30aiX5tTM2N7cpW5nIyr
kiWMdO8uyhVbwxCagucqXv0f9lIa6wIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFNMN
qQtVoW7ApUinnSEBJTG8snupMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMUE4QTYwRTU4RjkxMUYwODUzREZFODREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAms4XMAwDBACa0rEDBAGa
0rQwDAMEAJrStwMEAZrSuAMEAJrSvjAMAwQCmtLMAwQAmtLUAwQAmtLXMA0GCSqG
SIb3DQEBCwUAA4IBAQAzuhjLkZgIM/BRkgiEhEAU3UZw7dZeYJGcB+vLo//GHUMV
20gcGdbFJoF8ShKlp95Tgd4k8ptAo3QPlt5PXq9GBcyIszvZbvlag1s6foCK5v9R
+wqmITLOukMsdWBX1DBGrrhm5S08RH+1uqAp96AydcqdCxULNFqSNbxGNQkA4YQ6
iZCnd9wm9AYj8mqZOxT4Rvv+b+4hr4m5os/E1Ek18G1nK8MgosxLk9rjX9I+MtwE
b0fEx6c1/SjxzWmTDqnP3ixSHWPDh1cHYFg4BGI1NWlcYMZCIgfTR7NSEv0re0+v
ctS9awpT4GUjkskqiX6UFCMEqtQdRugkIjmb3hOZ
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:58:58 2025 by rpki-client