Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/565BDD425AB411F0A84D60C1DAE4EC9C.roa
File: 565BDD425AB411F0A84D60C1DAE4EC9C.roa (raw, json)
Hash identifier: 2fidCDfSMLw9LkxBgap27rsbHaFMa89XFrjcmIXM0/w=
Subject key identifier: A2:FE:4B:C4:D3:07:F0:E8:A4:04:26:4E:B7:5C:76:45:A4:05:62:25
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018BC8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/565BDD425AB411F0A84D60C1DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 21:58:24 +0000
ROA not before: Sun 06 Jul 2025 21:58:19 +0000
ROA not after: Wed 03 Sep 2025 21:58:19 +0000
asID: 18229
IP address blocks: 154.206.23.0/24 maxlen: 24
154.210.177.0/24 maxlen: 24
154.210.178.0/24 maxlen: 24
154.210.179.0/24 maxlen: 24
154.210.180.0/24 maxlen: 24
154.210.181.0/24 maxlen: 24
154.210.183.0/24 maxlen: 24
154.210.184.0/24 maxlen: 24
154.210.185.0/24 maxlen: 24
154.210.190.0/24 maxlen: 24
154.210.204.0/24 maxlen: 24
154.210.205.0/24 maxlen: 24
154.210.206.0/24 maxlen: 24
154.210.207.0/24 maxlen: 24
154.210.208.0/24 maxlen: 24
154.210.209.0/24 maxlen: 24
154.210.210.0/24 maxlen: 24
154.210.211.0/24 maxlen: 24
154.210.212.0/24 maxlen: 24
154.210.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101320 (0x18bc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 6 21:58:19 2025 GMT
Not After : Sep 3 21:58:19 2025 GMT
Subject: CN=686af180-e4c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bc:20:43:2e:73:49:b0:ed:a3:7b:bc:72:b9:
1c:7c:a6:7b:21:c7:f3:32:09:f7:10:60:20:d0:6f:
89:bb:d8:3a:b1:9f:65:cf:e6:ca:0c:2c:0d:cb:af:
32:d3:f4:41:13:8c:0e:a3:cc:02:41:7f:a2:50:3d:
df:1b:b7:51:45:0d:d6:96:65:2d:5c:4d:7f:00:c6:
74:04:c7:3f:57:47:41:32:9e:8f:b4:c6:78:f1:6a:
73:cd:de:21:08:20:59:e1:b8:9e:19:89:2b:5e:45:
f3:88:23:a5:f9:2c:f7:90:25:db:2e:b4:06:11:65:
d4:ba:66:58:bd:2f:45:30:75:59:34:4c:23:15:c9:
39:f4:e2:1e:74:e6:a9:40:f3:a4:aa:21:f7:a1:2f:
fd:2d:d6:a4:64:70:71:f5:68:bc:e8:58:6d:b4:ba:
dc:36:60:19:65:6e:c4:5a:a1:a6:42:57:85:70:65:
91:c1:68:4e:16:b8:dd:79:eb:8b:18:1e:cb:52:ef:
be:47:37:7f:1f:d0:cc:a1:95:09:d8:3e:13:4b:3b:
31:ab:a3:f4:82:33:75:3f:de:ba:56:11:92:a6:b8:
8f:5c:79:f4:d0:55:a2:d5:ca:6a:48:fa:5e:f4:e4:
ac:2f:61:a5:94:81:1b:99:c8:55:24:4a:7e:1f:ec:
91:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:FE:4B:C4:D3:07:F0:E8:A4:04:26:4E:B7:5C:76:45:A4:05:62:25
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/565BDD425AB411F0A84D60C1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.23.0/24
154.210.177.0-154.210.181.255
154.210.183.0-154.210.185.255
154.210.190.0/24
154.210.204.0-154.210.212.255
154.210.215.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:84:80:18:e9:ed:dc:a2:78:ac:09:c5:c3:e6:57:4f:f7:f8:
dc:42:8e:36:3a:32:9c:3a:21:33:26:92:c3:82:22:f8:d1:49:
87:ea:bf:84:a3:83:81:79:ff:fb:7b:7a:cb:93:44:f9:4f:6c:
29:47:a6:35:71:05:a2:99:e0:cd:07:3c:24:92:78:aa:7c:e7:
dd:87:95:04:4a:c1:fe:53:ae:75:7d:68:34:4f:cd:60:fc:95:
4f:d6:79:99:80:82:c4:30:0c:5a:43:6d:00:0d:c8:67:ce:26:
4d:96:f5:09:fe:33:67:f1:d9:39:b3:70:ff:61:78:a0:78:3f:
52:b4:ae:c9:2e:7d:27:2d:6f:82:90:f4:68:77:6c:89:84:44:
6a:34:2f:28:de:34:2c:53:91:08:ef:ba:9f:e6:2b:91:b8:fb:
66:0e:46:26:09:0c:02:24:bb:06:93:82:bb:d5:fd:57:90:2f:
5e:08:36:96:ee:19:ae:29:b2:b3:64:d3:69:ab:ef:12:4b:3d:
5d:cf:37:af:e2:17:77:13:1a:8e:18:15:3c:f7:69:0d:c3:15:
32:a3:29:18:d3:48:c8:80:26:59:1f:c8:38:b3:c6:e6:95:e8:
e6:fb:e2:96:cc:3f:fe:a9:ff:db:7f:66:46:69:21:bd:90:94:
58:fe:79:80
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDAYvIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA2MjE1ODE5WhcNMjUwOTAzMjE1ODE5WjAYMRYw
FAYDVQQDEw02ODZhZjE4MC1lNGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvrwgQy5zSbDto3u8crkcfKZ7IcfzMgn3EGAg0G+Ju9g6sZ9lz+bKDCwN
y68y0/RBE4wOo8wCQX+iUD3fG7dRRQ3WlmUtXE1/AMZ0BMc/V0dBMp6PtMZ48Wpz
zd4hCCBZ4bieGYkrXkXziCOl+Sz3kCXbLrQGEWXUumZYvS9FMHVZNEwjFck59OIe
dOapQPOkqiH3oS/9LdakZHBx9Wi86FhttLrcNmAZZW7EWqGmQleFcGWRwWhOFrjd
eeuLGB7LUu++Rzd/H9DMoZUJ2D4TSzsxq6P0gjN1P966VhGSpriPXHn00FWi1cpq
SPpe9OSsL2GllIEbmchVJEp+H+yRJQIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFKL+
S8TTB/DopAQmTrdcdkWkBWIlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjVCREQ0MjVBQjQxMUYwQTg0RDYwQzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAms4XMAwDBACa0rEDBAGa
0rQwDAMEAJrStwMEAZrSuAMEAJrSvjAMAwQCmtLMAwQAmtLUAwQAmtLXMA0GCSqG
SIb3DQEBCwUAA4IBAQAfhIAY6e3conisCcXD5ldP9/jcQo42OjKcOiEzJpLDgiL4
0UmH6r+Eo4OBef/7e3rLk0T5T2wpR6Y1cQWimeDNBzwkkniqfOfdh5UESsH+U651
fWg0T81g/JVP1nmZgILEMAxaQ20ADchnziZNlvUJ/jNn8dk5s3D/YXigeD9StK7J
Ln0nLW+CkPRod2yJhERqNC8o3jQsU5EI77qf5iuRuPtmDkYmCQwCJLsGk4K71f1X
kC9eCDaW7hmuKbKzZNNpq+8SSz1dzzev4hd3ExqOGBU892kNwxUyoykY00jIgCZZ
H8g4s8bmlejm++KWzD/+qf/bf2ZGaSG9kJRY/nmA
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:05:39 2025 by rpki-client