Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/441EE0245CA911F0A089D991DAE4EC9C.roa
File: 441EE0245CA911F0A089D991DAE4EC9C.roa (raw, json)
Hash identifier: 740mc6YD3r/OR2ZlVtMF0gA+pknu2XokN4W9zAdKXrE=
Subject key identifier: D4:03:ED:78:25:1B:C5:EA:C1:1E:CA:80:E3:63:33:32:21:87:0A:A1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C9E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/441EE0245CA911F0A089D991DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 09:44:11 +0000
ROA not before: Wed 09 Jul 2025 09:44:06 +0000
ROA not after: Sat 09 Aug 2025 09:44:06 +0000
asID: 200373
IP address blocks: 154.193.152.0/22 maxlen: 24
154.193.158.0/23 maxlen: 24
154.199.14.0/23 maxlen: 24
154.199.68.0/23 maxlen: 24
154.213.160.0/21 maxlen: 24
154.213.193.0/24 maxlen: 24
154.213.194.0/24 maxlen: 24
154.213.195.0/24 maxlen: 24
154.213.196.0/24 maxlen: 24
154.213.197.0/24 maxlen: 24
154.213.198.0/24 maxlen: 24
154.213.199.0/24 maxlen: 24
154.213.202.0/24 maxlen: 24
154.213.203.0/24 maxlen: 24
154.213.204.0/24 maxlen: 24
154.214.1.0/24 maxlen: 24
154.222.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101534 (0x18c9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 09:44:06 2025 GMT
Not After : Aug 9 09:44:06 2025 GMT
Subject: CN=686e39eb-da25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:14:0d:9a:8f:0a:bb:e3:9f:a2:b4:ce:ce:c7:
16:91:13:bd:93:58:ff:e0:81:c3:46:d3:f5:3a:9b:
cc:f3:8c:ab:e8:be:9d:da:36:c7:89:e9:9e:fe:ff:
d2:fd:d7:8b:fb:af:94:79:04:90:ca:10:07:d2:7f:
5a:fc:6a:a9:1f:f5:cf:26:ab:64:10:92:7b:71:bf:
bb:25:ff:bf:14:b9:e3:b1:cd:e4:2f:49:89:32:a6:
dc:0e:30:a4:5b:58:c4:ca:b4:a3:14:2a:aa:6c:e0:
37:27:99:10:1c:a6:46:6f:73:19:7f:4f:15:91:1d:
02:1f:09:1b:db:46:d4:fc:53:91:bb:4f:3b:1d:6e:
b3:24:e7:99:ce:fe:15:1d:93:73:4a:bd:d3:ea:65:
77:59:15:7e:35:db:dc:b3:26:54:ef:c8:20:66:46:
e8:a9:df:90:41:bf:da:17:2a:fb:c7:c3:49:8c:41:
0a:d4:df:be:cb:08:84:90:dc:5c:b7:14:6b:0e:f1:
a3:68:40:3e:7a:2b:f2:6a:d9:25:6e:c5:9c:64:38:
65:7e:62:c9:8f:0a:d5:2b:7a:57:43:50:c6:be:00:
b8:db:fb:44:3b:92:cd:e9:69:90:72:3a:9b:09:55:
90:b2:6e:c4:7a:cc:00:38:7c:52:ab:29:3a:d0:80:
dd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:03:ED:78:25:1B:C5:EA:C1:1E:CA:80:E3:63:33:32:21:87:0A:A1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/441EE0245CA911F0A089D991DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.152.0/22
154.193.158.0/23
154.199.14.0/23
154.199.68.0/23
154.213.160.0/21
154.213.193.0-154.213.199.255
154.213.202.0-154.213.204.255
154.214.1.0/24
154.222.132.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:81:bb:ca:18:37:57:84:08:fa:2c:55:0c:db:ff:10:84:b1:
92:e8:21:63:37:5a:ee:db:38:e7:76:78:ff:4e:22:20:68:2b:
be:b5:5d:56:51:4a:b3:b1:ba:ad:01:bc:17:6d:92:c6:bb:3e:
94:43:5b:9b:a6:d6:b3:f7:a5:61:50:01:88:cb:83:b4:bf:2a:
a8:ee:a9:fc:e8:e3:30:c1:89:f3:3f:b4:bd:bb:8d:99:5e:c4:
1e:35:cf:d3:2d:bf:40:92:2b:a9:a0:23:46:19:ac:4d:45:dd:
c1:5b:db:19:26:de:aa:a2:a7:11:a6:c4:41:45:d1:5a:1f:e6:
f7:85:d8:4c:fd:4b:7a:9b:53:4d:b7:7f:3f:c7:92:a5:2e:cb:
a0:fe:7b:05:b8:c9:a4:0c:e5:4a:7c:cb:0f:53:4b:a7:df:76:
44:91:bf:e8:24:01:3b:00:e3:04:63:6a:2c:91:02:59:64:2a:
f5:c7:2e:6e:05:1c:56:8a:12:1a:e8:53:17:af:f6:c5:e1:e9:
37:21:19:d0:dc:2c:65:e1:77:43:7c:26:2a:9f:41:d6:99:20:
1c:97:55:e9:59:6e:ed:66:0e:d9:aa:63:ca:e8:2d:69:bc:73:
71:bd:33:c7:15:67:00:23:60:49:8a:eb:2f:c4:e9:4d:dd:95:
16:e7:34:5c
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgIDAYyeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MDk0NDA2WhcNMjUwODA5MDk0NDA2WjAYMRYw
FAYDVQQDEw02ODZlMzllYi1kYTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxRQNmo8Ku+OforTOzscWkRO9k1j/4IHDRtP1OpvM84yr6L6d2jbHieme
/v/S/deL+6+UeQSQyhAH0n9a/GqpH/XPJqtkEJJ7cb+7Jf+/FLnjsc3kL0mJMqbc
DjCkW1jEyrSjFCqqbOA3J5kQHKZGb3MZf08VkR0CHwkb20bU/FORu087HW6zJOeZ
zv4VHZNzSr3T6mV3WRV+NdvcsyZU78ggZkboqd+QQb/aFyr7x8NJjEEK1N++ywiE
kNxctxRrDvGjaEA+eivyatklbsWcZDhlfmLJjwrVK3pXQ1DGvgC42/tEO5LN6WmQ
cjqbCVWQsm7EeswAOHxSqyk60IDdQQIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFNQD
7XglG8XqwR7KgONjMzIhhwqhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NDFFRTAyNDVDQTkxMUYwQTA4OUQ5OTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQCmsGYAwQBmsGeAwQBmscO
AwQBmsdEAwQDmtWgMAwDBACa1cEDBAOa1cAwDAMEAZrVygMEAJrVzAMEAJrWAQME
AJrehDANBgkqhkiG9w0BAQsFAAOCAQEAo4G7yhg3V4QI+ixVDNv/EISxkughYzda
7ts453Z4/04iIGgrvrVdVlFKs7G6rQG8F22Sxrs+lENbm6bWs/elYVABiMuDtL8q
qO6p/OjjMMGJ8z+0vbuNmV7EHjXP0y2/QJIrqaAjRhmsTUXdwVvbGSbeqqKnEabE
QUXRWh/m94XYTP1LeptTTbd/P8eSpS7LoP57BbjJpAzlSnzLD1NLp992RJG/6CQB
OwDjBGNqLJECWWQq9ccubgUcVooSGuhTF6/2xeHpNyEZ0NwsZeF3Q3wmKp9B1pkg
HJdV6Vlu7WYO2apjyugtabxzcb0zxxVnACNgSYrrL8TpTd2VFuc0XA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:55:55 2025 by rpki-client