Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/554018B0591011F0B8F62498DAE4EC9C.roa
File: 554018B0591011F0B8F62498DAE4EC9C.roa (raw, json)
Hash identifier: C8U1ZsZ41JL8vTTDaopKDmXODdzWgZXw5EE1vID5jIE=
Subject key identifier: 02:92:1E:34:21:6A:55:D9:B9:D2:49:23:96:D6:30:06:C7:40:45:80
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018AA8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/554018B0591011F0B8F62498DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 19:51:54 +0000
ROA not before: Fri 04 Jul 2025 19:51:49 +0000
ROA not after: Wed 10 Sep 2025 19:51:49 +0000
asID: 395793
IP address blocks: 154.196.208.0/24 maxlen: 24
154.196.209.0/24 maxlen: 24
154.196.210.0/24 maxlen: 24
154.196.211.0/24 maxlen: 24
154.196.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101032 (0x18aa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 19:51:49 2025 GMT
Not After : Sep 10 19:51:49 2025 GMT
Subject: CN=686830da-8a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6e:89:e3:5b:95:98:c5:b4:12:ba:26:81:00:
10:6e:e4:3c:4a:af:08:90:61:87:c1:28:79:e0:c5:
ca:9f:4e:4e:fe:26:1b:43:ed:46:34:a1:9a:ed:6a:
b0:ee:64:68:a3:d6:57:53:1a:a0:ed:04:33:d1:11:
e4:b3:e3:5e:4a:88:91:94:d7:f2:b2:0a:f0:71:96:
26:91:2d:71:9c:13:a0:a5:2e:97:fa:60:1b:04:09:
75:1c:29:9a:db:ba:a4:99:23:85:e2:0f:d6:20:c7:
06:ed:79:a7:17:a9:64:6f:87:0a:d3:40:fc:a7:1c:
83:c5:39:6b:fe:56:49:cd:d2:57:48:95:a6:5f:64:
ca:a4:80:db:a7:bd:8e:08:ad:72:80:db:2b:1a:a9:
fb:85:ba:4b:f4:ed:22:c1:c5:ec:7b:54:79:e7:65:
83:75:e4:9c:eb:dc:c6:e8:cd:a1:cd:1e:d7:ad:10:
7c:58:80:c1:4a:ad:1f:c0:fb:b0:74:46:05:97:94:
09:5c:fe:e2:8f:be:0e:43:a5:54:16:1d:1b:c9:c7:
7d:7a:a0:d7:5f:ab:dc:01:2f:d8:25:b2:26:69:dd:
4c:92:9c:79:3c:08:24:46:dd:3f:f9:65:18:a8:03:
f1:ba:6c:b3:db:9b:a7:bc:63:15:c0:54:03:ff:34:
0a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:92:1E:34:21:6A:55:D9:B9:D2:49:23:96:D6:30:06:C7:40:45:80
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/554018B0591011F0B8F62498DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.208.0-154.196.212.255
Signature Algorithm: sha256WithRSAEncryption
95:2b:e3:f6:cd:a3:fe:1f:02:f4:d7:90:20:7b:03:60:14:71:
37:34:03:cb:58:62:44:6c:c0:0c:4e:9d:19:7e:b3:b9:5f:6e:
18:07:ad:58:e2:8f:7d:3e:ee:28:aa:c3:dd:c8:89:94:59:71:
da:ca:b7:b0:1a:19:88:8c:e0:b3:75:40:2c:a7:8a:cb:08:04:
53:c3:f8:fe:82:0a:db:66:5d:a4:94:d0:3c:e0:61:43:18:a5:
a5:de:4f:81:cb:69:a7:97:33:60:42:1c:bc:79:d6:9d:06:1e:
49:5e:b5:94:1f:c9:d3:ba:e4:74:df:28:c2:7a:09:1a:4f:10:
34:e3:8a:5e:89:7d:8e:63:cc:f1:df:5b:7a:b0:7a:e0:6b:99:
bd:e4:f7:33:64:d4:7d:90:5a:b0:89:17:92:7b:7c:9a:10:8f:
05:9d:45:56:30:b5:52:ab:5a:93:1a:39:16:2d:71:c1:66:04:
c7:4d:bc:5c:75:65:84:67:c3:b2:72:f6:5f:22:31:88:d1:95:
07:6b:0d:5d:17:c7:f0:bd:a1:c6:a0:f6:bb:56:e5:1e:24:02:
64:30:4b:1d:0e:b4:96:11:eb:da:e2:a5:a6:c6:2a:6e:eb:7e:
ab:08:cc:d0:cb:33:85:41:84:1a:ff:28:62:20:24:fc:c3:9e:
74:59:6f:55
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYqoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTk1MTQ5WhcNMjUwOTEwMTk1MTQ5WjAYMRYw
FAYDVQQDEw02ODY4MzBkYS04YTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnG6J41uVmMW0EromgQAQbuQ8Sq8IkGGHwSh54MXKn05O/iYbQ+1GNKGa
7Wqw7mRoo9ZXUxqg7QQz0RHks+NeSoiRlNfysgrwcZYmkS1xnBOgpS6X+mAbBAl1
HCma27qkmSOF4g/WIMcG7XmnF6lkb4cK00D8pxyDxTlr/lZJzdJXSJWmX2TKpIDb
p72OCK1ygNsrGqn7hbpL9O0iwcXse1R552WDdeSc69zG6M2hzR7XrRB8WIDBSq0f
wPuwdEYFl5QJXP7ij74OQ6VUFh0bycd9eqDXX6vcAS/YJbImad1Mkpx5PAgkRt0/
+WUYqAPxumyz25unvGMVwFQD/zQKywIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFAKS
HjQhalXZudJJI5bWMAbHQEWAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NTQwMThCMDU5MTAxMUYwQjhGNjI0OThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaxNADBACaxNQwDQYJ
KoZIhvcNAQELBQADggEBAJUr4/bNo/4fAvTXkCB7A2AUcTc0A8tYYkRswAxOnRl+
s7lfbhgHrVjij30+7iiqw93IiZRZcdrKt7AaGYiM4LN1QCynissIBFPD+P6CCttm
XaSU0DzgYUMYpaXeT4HLaaeXM2BCHLx51p0GHkletZQfydO65HTfKMJ6CRpPEDTj
il6JfY5jzPHfW3qweuBrmb3k9zNk1H2QWrCJF5J7fJoQjwWdRVYwtVKrWpMaORYt
ccFmBMdNvFx1ZYRnw7Jy9l8iMYjRlQdrDV0Xx/C9ocag9rtW5R4kAmQwSx0OtJYR
69ripabGKm7rfqsIzNDLM4VBhBr/KGIgJPzDnnRZb1U=
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:15:46 2025 by rpki-client