Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59E0FD0A58FA11F0BEE8D089DAE4EC9C.roa
File: 59E0FD0A58FA11F0BEE8D089DAE4EC9C.roa (raw, json)
Hash identifier: sZeynbGUrwI/v/U9jgYcljPAWSXyaVNKaqe6szr8Pck=
Subject key identifier: A3:55:30:F8:C9:8D:A0:94:B4:1C:AB:4B:52:3C:21:78:90:2A:B7:9D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A86
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59E0FD0A58FA11F0BEE8D089DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 17:14:33 +0000
ROA not before: Fri 04 Jul 2025 17:14:28 +0000
ROA not after: Wed 03 Sep 2025 17:14:28 +0000
asID: 18229
IP address blocks: 154.210.128.0/24 maxlen: 24
154.210.129.0/24 maxlen: 24
154.210.150.0/24 maxlen: 24
154.210.151.0/24 maxlen: 24
154.210.152.0/24 maxlen: 24
154.210.153.0/24 maxlen: 24
154.210.154.0/24 maxlen: 24
154.210.155.0/24 maxlen: 24
154.210.156.0/24 maxlen: 24
154.210.159.0/24 maxlen: 24
154.210.186.0/24 maxlen: 24
154.210.187.0/24 maxlen: 24
154.210.188.0/24 maxlen: 24
154.210.189.0/24 maxlen: 24
154.210.214.0/24 maxlen: 24
154.210.216.0/24 maxlen: 24
154.210.217.0/24 maxlen: 24
154.210.218.0/24 maxlen: 24
154.210.219.0/24 maxlen: 24
154.210.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 01:13:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100998 (0x18a86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 17:14:28 2025 GMT
Not After : Sep 3 17:14:28 2025 GMT
Subject: CN=68680bf8-370d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:49:4e:a8:ae:df:f4:68:7b:ee:53:6e:3d:e5:
23:b6:54:88:30:98:88:4c:1a:fb:b8:e2:ac:4d:c7:
96:e3:61:c5:72:c2:19:34:d8:8b:65:00:ec:d4:5b:
49:38:88:ce:25:7f:9b:e8:cc:8c:93:55:d5:52:3f:
d0:35:30:f0:19:96:1d:f7:5e:2c:e9:a6:38:80:ea:
ae:d0:a9:c7:b1:cb:81:fe:60:38:d8:71:f6:12:71:
79:bf:19:25:d8:fa:f7:a4:9e:3a:91:a1:94:88:c1:
bb:23:ec:17:1f:e6:29:84:c2:ba:2e:26:8b:38:b5:
e5:17:39:65:d4:00:c7:a1:19:8e:83:bd:58:12:21:
66:14:2e:f7:f3:0d:2e:7f:65:e4:96:42:db:6b:34:
81:86:6f:49:17:37:7f:87:1a:dd:df:79:bf:25:e7:
51:a0:90:2b:78:e1:21:6a:22:ad:31:94:95:0e:4b:
01:ed:6f:6e:c9:b9:a8:56:88:2c:94:8c:d9:88:f1:
5e:ac:37:24:d5:c0:08:ac:f4:5f:4a:b5:bd:fc:be:
1e:d3:62:a4:5c:3d:a4:37:d5:bd:60:1a:d5:c8:aa:
a3:c6:f7:07:eb:6d:b8:d5:10:f1:7d:4f:7b:d3:1c:
88:d1:b3:92:9e:f6:f9:1a:28:bb:d3:90:97:bd:9f:
37:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:55:30:F8:C9:8D:A0:94:B4:1C:AB:4B:52:3C:21:78:90:2A:B7:9D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59E0FD0A58FA11F0BEE8D089DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.128.0/23
154.210.150.0-154.210.156.255
154.210.159.0/24
154.210.186.0-154.210.189.255
154.210.214.0/24
154.210.216.0/22
154.210.221.0/24
Signature Algorithm: sha256WithRSAEncryption
71:c9:9f:f8:62:06:ee:fb:81:ff:0b:23:c3:de:b1:70:8f:5d:
c2:f8:73:d1:6e:e7:19:dc:34:90:dc:cc:a2:45:44:60:63:41:
74:39:0e:2b:58:a7:5f:ba:8e:cc:a1:63:17:42:b7:7f:26:c0:
15:ff:ec:27:e7:b2:85:b5:0c:0a:bc:ab:7d:c4:bb:12:f2:99:
cc:bb:d4:6f:94:f6:f6:a7:1d:c8:e0:6a:2b:42:5a:10:17:1e:
36:c6:e1:18:1c:74:36:b3:c2:f0:30:8b:4c:e8:cc:08:1c:03:
30:37:71:f4:a0:ce:dc:dd:65:25:60:39:5b:49:c5:1b:5b:43:
79:60:ae:2c:71:18:15:2c:ce:07:ef:8b:a0:5d:ca:15:34:f4:
7f:d9:39:c1:f7:c7:6e:54:13:4d:d3:6b:fb:c0:cd:d8:3a:f9:
2d:25:db:57:f3:02:cb:d3:fe:32:36:3e:54:46:ab:78:9a:fd:
29:c4:e7:1d:21:12:9c:76:9c:68:d1:ee:f0:a5:c8:ec:ee:ec:
99:61:26:a0:40:a2:f4:03:04:01:11:f2:d5:01:81:4a:48:41:
6f:d2:3e:5b:45:10:6d:9b:de:c8:cf:13:cf:29:2f:2f:14:20:
d0:93:fd:c6:f5:5a:8b:5f:53:99:11:11:d3:1a:52:95:73:5a:
07:5f:4a:e5
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIDAYqGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTcxNDI4WhcNMjUwOTAzMTcxNDI4WjAYMRYw
FAYDVQQDEw02ODY4MGJmOC0zNzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA20lOqK7f9Gh77lNuPeUjtlSIMJiITBr7uOKsTceW42HFcsIZNNiLZQDs
1FtJOIjOJX+b6MyMk1XVUj/QNTDwGZYd914s6aY4gOqu0KnHscuB/mA42HH2EnF5
vxkl2Pr3pJ46kaGUiMG7I+wXH+YphMK6LiaLOLXlFzll1ADHoRmOg71YEiFmFC73
8w0uf2XklkLbazSBhm9JFzd/hxrd33m/JedRoJAreOEhaiKtMZSVDksB7W9uybmo
VogslIzZiPFerDck1cAIrPRfSrW9/L4e02KkXD2kN9W9YBrVyKqjxvcH62241RDx
fU970xyI0bOSnvb5Gii705CXvZ83kwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFKNV
MPjJjaCUtByrS1I8IXiQKredMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OUUwRkQwQTU4RkExMUYwQkVFOEQwODlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQBmtKAMAwDBAGa0pYDBACa
0pwDBACa0p8wDAMEAZrSugMEAZrSvAMEAJrS1gMEAprS2AMEAJrS3TANBgkqhkiG
9w0BAQsFAAOCAQEAccmf+GIG7vuB/wsjw96xcI9dwvhz0W7nGdw0kNzMokVEYGNB
dDkOK1inX7qOzKFjF0K3fybAFf/sJ+eyhbUMCryrfcS7EvKZzLvUb5T29qcdyOBq
K0JaEBceNsbhGBx0NrPC8DCLTOjMCBwDMDdx9KDO3N1lJWA5W0nFG1tDeWCuLHEY
FSzOB++LoF3KFTT0f9k5wffHblQTTdNr+8DN2Dr5LSXbV/MCy9P+MjY+VEareJr9
KcTnHSESnHacaNHu8KXI7O7smWEmoECi9AMEARHy1QGBSkhBb9I+W0UQbZveyM8T
zykvLxQg0JP9xvVai19TmRER0xpSlXNaB19K5Q==
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:44:06 2025 by rpki-client