Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44C5733A512311F093960A88DAE4EC9C.roa
File: 44C5733A512311F093960A88DAE4EC9C.roa (raw, json)
Hash identifier: 8W9sCpSFJ5ZNOkwJSOdchrwXE+adDCCt3HLfjcFdJaU=
Subject key identifier: 96:25:BB:87:2F:DE:5E:17:AE:CB:60:F2:10:32:E5:94:06:22:19:45
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018884
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44C5733A512311F093960A88DAE4EC9C.roa
Signing time: Tue 24 Jun 2025 17:47:17 +0000
ROA not before: Tue 24 Jun 2025 17:47:12 +0000
ROA not after: Sat 09 Aug 2025 17:47:12 +0000
asID: 138915
IP address blocks: 154.223.46.0/24 maxlen: 24
154.223.47.0/24 maxlen: 24
154.223.48.0/24 maxlen: 24
154.223.49.0/24 maxlen: 24
154.223.51.0/24 maxlen: 24
154.223.52.0/23 maxlen: 24
154.223.54.0/23 maxlen: 24
154.223.56.0/23 maxlen: 24
154.223.58.0/23 maxlen: 24
154.223.60.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100484 (0x18884)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 24 17:47:12 2025 GMT
Not After : Aug 9 17:47:12 2025 GMT
Subject: CN=685ae4a5-141d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:db:f1:09:0f:2c:d9:48:ac:55:98:84:f4:18:
d8:b6:46:82:c9:22:81:35:44:bf:2e:59:f6:78:f8:
de:2e:76:13:e0:50:97:0d:8b:89:7c:43:7f:2a:e7:
5b:86:c1:a7:2b:2b:62:cd:1b:d2:48:31:95:10:09:
e3:d5:be:54:30:18:20:98:e1:b3:ee:a0:7c:66:82:
f7:05:46:6b:47:1c:f2:38:03:a2:92:2d:49:3b:9d:
72:26:53:c1:05:8e:96:a3:bd:26:21:95:59:da:bb:
15:93:60:7c:83:dd:02:15:d3:37:f8:b3:1b:fa:7d:
7d:72:51:31:1d:2f:13:6c:dc:d0:94:0d:23:e0:5c:
73:d2:c4:8f:75:00:07:08:4a:6c:00:9a:ce:90:a4:
1c:ed:76:3c:0b:75:66:09:cc:ef:3f:7e:f6:6b:cf:
59:c8:a9:71:c7:86:ad:f7:ca:41:a0:45:d2:22:c5:
bc:d9:7f:27:90:a8:eb:a2:9a:1c:be:4f:bb:59:7e:
a7:be:24:e8:76:6f:6f:89:e5:f1:1a:33:7c:bb:27:
9b:54:18:5d:0f:20:70:ee:af:0e:b2:f7:de:51:d6:
e3:06:86:3d:0e:6a:5c:ba:8e:65:15:a7:20:82:cf:
bc:00:e3:89:51:b7:92:af:32:28:5a:64:23:b6:c2:
81:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:25:BB:87:2F:DE:5E:17:AE:CB:60:F2:10:32:E5:94:06:22:19:45
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44C5733A512311F093960A88DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.46.0-154.223.49.255
154.223.51.0-154.223.61.255
Signature Algorithm: sha256WithRSAEncryption
30:53:89:86:6c:c6:79:74:42:32:86:1d:b0:78:5e:13:e9:94:
43:0e:22:eb:95:eb:df:6e:6e:27:14:13:2d:df:cc:49:41:7f:
e5:31:57:ce:7b:c7:0f:ba:67:de:d2:61:36:7f:5d:65:43:32:
ff:8f:1c:a4:cd:81:a6:e2:45:ea:a4:39:28:af:32:ea:98:ba:
e3:c3:7c:2c:04:d6:8f:55:d9:d2:40:4e:5b:96:23:22:3b:67:
d8:9d:31:7a:e5:49:a3:59:59:a7:d7:1b:ec:c4:6c:d3:ae:1a:
6c:d7:bb:35:72:4c:db:66:78:75:f4:88:ca:24:ee:25:fe:27:
11:ac:cb:bd:65:39:a9:c3:3f:fc:95:2d:56:1c:5c:0b:a1:ab:
ec:c3:9b:57:96:95:51:7e:fd:55:cb:ff:45:f5:04:ed:7e:95:
5f:c2:f9:76:57:fd:95:5b:44:82:1b:e8:67:ac:41:5b:5c:f5:
50:14:24:b4:92:30:c0:95:09:38:0e:8a:58:fb:b5:1c:ad:39:
af:48:8c:ef:f5:a7:cc:b3:3c:bf:bf:ae:21:ca:95:bb:e4:63:
fb:66:d9:09:89:aa:d4:50:09:e2:97:20:cc:04:67:b2:84:e2:
23:a9:47:ab:36:24:92:bc:3f:99:dc:b5:93:c6:f8:8b:3d:ee:
d0:9d:05:68
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDAYiEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI0MTc0NzEyWhcNMjUwODA5MTc0NzEyWjAYMRYw
FAYDVQQDEw02ODVhZTRhNS0xNDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1NvxCQ8s2UisVZiE9BjYtkaCySKBNUS/Lln2ePjeLnYT4FCXDYuJfEN/
KudbhsGnKytizRvSSDGVEAnj1b5UMBggmOGz7qB8ZoL3BUZrRxzyOAOiki1JO51y
JlPBBY6Wo70mIZVZ2rsVk2B8g90CFdM3+LMb+n19clExHS8TbNzQlA0j4Fxz0sSP
dQAHCEpsAJrOkKQc7XY8C3VmCczvP372a89ZyKlxx4at98pBoEXSIsW82X8nkKjr
opocvk+7WX6nviTodm9vieXxGjN8uyebVBhdDyBw7q8OsvfeUdbjBoY9Dmpcuo5l
Facggs+8AOOJUbeSrzIoWmQjtsKBWQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFJYl
u4cv3l4Xrstg8hAy5ZQGIhlFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NEM1NzMzQTUxMjMxMUYwOTM5NjBBODhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAGa3y4DBAGa3zAwDAME
AJrfMwMEAZrfPDANBgkqhkiG9w0BAQsFAAOCAQEAMFOJhmzGeXRCMoYdsHheE+mU
Qw4i65Xr325uJxQTLd/MSUF/5TFXznvHD7pn3tJhNn9dZUMy/48cpM2BpuJF6qQ5
KK8y6pi648N8LATWj1XZ0kBOW5YjIjtn2J0xeuVJo1lZp9cb7MRs064abNe7NXJM
22Z4dfSIyiTuJf4nEazLvWU5qcM//JUtVhxcC6Gr7MObV5aVUX79Vcv/RfUE7X6V
X8L5dlf9lVtEghvoZ6xBW1z1UBQktJIwwJUJOA6KWPu1HK05r0iM7/WnzLM8v7+u
IcqVu+Rj+2bZCYmq1FAJ4pcgzARnsoTiI6lHqzYkkrw/mdy1k8b4iz3u0J0FaA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:27:48 2025 by rpki-client