Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3961FD4E630F11F0909EDB97DAE4EC9C.roa
File: 3961FD4E630F11F0909EDB97DAE4EC9C.roa (raw, json)
Hash identifier: +Vne9p7gwZjTbhOU3ujTPKzfOSE+61ONWQGpJM+3j7w=
Subject key identifier: A3:70:DA:FD:71:9B:57:76:DA:9B:FA:2A:A1:77:37:E4:CB:08:C4:80
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E36
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3961FD4E630F11F0909EDB97DAE4EC9C.roa
Signing time: Thu 17 Jul 2025 13:09:09 +0000
ROA not before: Thu 17 Jul 2025 13:09:04 +0000
ROA not after: Sat 30 Aug 2025 13:09:04 +0000
asID: 62240
IP address blocks: 154.194.80.0/24 maxlen: 24
154.194.81.0/24 maxlen: 24
154.194.83.0/24 maxlen: 24
154.194.84.0/24 maxlen: 24
154.194.85.0/24 maxlen: 24
154.194.118.0/24 maxlen: 24
154.195.121.0/24 maxlen: 24
154.195.122.0/24 maxlen: 24
154.195.123.0/24 maxlen: 24
154.195.125.0/24 maxlen: 24
154.195.127.0/24 maxlen: 24
154.195.128.0/24 maxlen: 24
154.195.129.0/24 maxlen: 24
154.195.130.0/24 maxlen: 24
154.195.131.0/24 maxlen: 24
154.195.132.0/24 maxlen: 24
154.195.133.0/24 maxlen: 24
154.195.134.0/24 maxlen: 24
154.195.135.0/24 maxlen: 24
154.196.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101942 (0x18e36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 17 13:09:04 2025 GMT
Not After : Aug 30 13:09:04 2025 GMT
Subject: CN=6878f5f5-9613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b4:8d:94:ae:5e:be:ad:58:02:6e:30:31:20:
c8:01:6b:7f:b4:ab:71:e2:38:e2:52:4e:4a:03:9f:
e2:1b:20:48:b8:7b:09:49:30:57:00:26:47:d3:69:
b4:61:20:b2:cf:d3:bd:14:00:f6:9f:31:5c:8f:7b:
c9:81:55:6f:6b:d0:3d:75:8f:10:a8:41:db:58:a5:
e5:77:c2:04:8e:b9:6c:42:95:81:4e:21:24:7e:19:
15:a7:c1:c5:25:a8:fc:27:56:cc:85:90:45:fe:ad:
5c:2e:5b:89:a1:09:38:16:3b:ee:65:99:63:00:9d:
72:23:e4:12:42:9a:0c:46:d8:24:2e:ee:64:cb:9b:
7b:24:af:8c:c3:d2:8a:85:b4:69:0d:bd:a8:92:9a:
9d:10:96:ac:f0:63:db:3d:bd:c4:51:68:08:63:66:
9f:b5:a6:81:23:ca:a4:23:d7:97:1a:6f:1e:15:50:
eb:42:93:f4:d3:31:ff:21:c8:78:09:d4:fc:74:62:
74:23:bf:34:67:47:05:23:0c:94:1e:e0:64:a6:9f:
8f:65:49:21:b5:39:78:62:95:b5:0d:b4:52:47:7f:
4e:dd:4d:5d:15:31:4a:82:3f:c3:4e:da:03:19:f8:
d8:4d:ff:1c:f1:db:08:62:90:9c:ee:50:47:7b:73:
fb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:70:DA:FD:71:9B:57:76:DA:9B:FA:2A:A1:77:37:E4:CB:08:C4:80
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3961FD4E630F11F0909EDB97DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.80.0/23
154.194.83.0-154.194.85.255
154.194.118.0/24
154.195.121.0-154.195.123.255
154.195.125.0/24
154.195.127.0-154.195.135.255
154.196.88.0/24
Signature Algorithm: sha256WithRSAEncryption
38:0e:8a:d5:b3:07:6a:b1:d2:58:46:50:93:58:2c:42:d1:9f:
56:32:27:e4:1f:24:e8:ef:c1:01:47:aa:53:68:b6:2c:c7:89:
e2:b7:82:53:d9:2d:77:bb:7b:1b:75:32:d9:0c:de:ff:ae:d6:
7b:de:95:7d:78:58:22:bc:06:63:43:2b:5b:4e:78:ab:11:f7:
8f:38:55:4b:53:63:60:68:f8:2f:19:da:da:46:e1:1a:99:6c:
2e:4b:1e:49:13:8d:6b:fb:4a:58:d3:65:e0:56:42:bd:df:00:
56:fb:23:8b:d8:d4:78:a9:2f:76:ca:94:9b:aa:ad:36:bb:dd:
d6:a6:3a:46:6b:c5:7b:61:c4:24:6c:e1:19:0d:c2:21:79:ac:
e5:60:06:d6:5c:88:85:cd:a1:53:f2:10:a0:de:b7:0b:e5:e5:
63:88:82:e6:15:cf:d5:e7:1c:c7:f6:1c:12:89:25:2e:f1:a7:
5c:0a:c8:55:22:c3:ef:1c:bf:e2:30:65:54:ef:8b:b1:9a:de:
ca:33:ca:ea:9e:2e:8b:7d:2f:4b:af:51:22:13:05:bf:b5:ec:
97:27:34:09:7b:86:52:45:0c:90:d9:28:41:0d:fc:1d:d6:e9:
b1:c3:a0:93:1d:66:8f:1f:a1:15:37:75:2a:ec:10:d6:11:48:
53:9f:38:13
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIDAY42MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE3MTMwOTA0WhcNMjUwODMwMTMwOTA0WjAYMRYw
FAYDVQQDEw02ODc4ZjVmNS05NjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvLSNlK5evq1YAm4wMSDIAWt/tKtx4jjiUk5KA5/iGyBIuHsJSTBXACZH
02m0YSCyz9O9FAD2nzFcj3vJgVVva9A9dY8QqEHbWKXld8IEjrlsQpWBTiEkfhkV
p8HFJaj8J1bMhZBF/q1cLluJoQk4FjvuZZljAJ1yI+QSQpoMRtgkLu5ky5t7JK+M
w9KKhbRpDb2okpqdEJas8GPbPb3EUWgIY2aftaaBI8qkI9eXGm8eFVDrQpP00zH/
Ich4CdT8dGJ0I780Z0cFIwyUHuBkpp+PZUkhtTl4YpW1DbRSR39O3U1dFTFKgj/D
TtoDGfjYTf8c8dsIYpCc7lBHe3P7QwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFKNw
2v1xm1d22pv6KqF3N+TLCMSAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOTYxRkQ0RTYzMEYxMUYwOTA5RURCOTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBmsJQMAwDBACawlMDBAGa
wlQDBACawnYwDAMEAJrDeQMEAprDeAMEAJrDfTAMAwQAmsN/AwQDmsOAAwQAmsRY
MA0GCSqGSIb3DQEBCwUAA4IBAQA4DorVswdqsdJYRlCTWCxC0Z9WMifkHyTo78EB
R6pTaLYsx4nit4JT2S13u3sbdTLZDN7/rtZ73pV9eFgivAZjQytbTnirEfePOFVL
U2NgaPgvGdraRuEamWwuSx5JE41r+0pY02XgVkK93wBW+yOL2NR4qS92ypSbqq02
u93WpjpGa8V7YcQkbOEZDcIheazlYAbWXIiFzaFT8hCg3rcL5eVjiILmFc/V5xzH
9hwSiSUu8adcCshVIsPvHL/iMGVU74uxmt7KM8rqni6LfS9Lr1EiEwW/teyXJzQJ
e4ZSRQyQ2ShBDfwd1umxw6CTHWaPH6EVN3Uq7BDWEUhTnzgT
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:44 2025 by rpki-client