Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A6B433A5B6A11F0A5C4D1E7DAE4EC9C.roa
File: 5A6B433A5B6A11F0A5C4D1E7DAE4EC9C.roa (raw, json)
Hash identifier: 3M4DWRAHmvrJJM+s/Gmk+AJyUY7cHTWXvWxOh9ZC85Y=
Subject key identifier: 26:65:A9:EC:C8:8B:9D:D0:63:9F:ED:5A:1B:91:2A:6E:89:45:BF:0B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C52
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A6B433A5B6A11F0A5C4D1E7DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 19:41:19 +0000
ROA not before: Mon 07 Jul 2025 19:41:14 +0000
ROA not after: Wed 03 Sep 2025 19:41:14 +0000
asID: 18229
IP address blocks: 154.206.22.0/24 maxlen: 24
154.206.29.0/24 maxlen: 24
154.210.172.0/24 maxlen: 24
154.210.173.0/24 maxlen: 24
154.210.174.0/24 maxlen: 24
154.210.175.0/24 maxlen: 24
154.210.176.0/24 maxlen: 24
154.210.182.0/24 maxlen: 24
154.210.191.0/24 maxlen: 24
154.210.192.0/24 maxlen: 24
154.210.193.0/24 maxlen: 24
154.210.194.0/24 maxlen: 24
154.210.195.0/24 maxlen: 24
154.210.196.0/24 maxlen: 24
154.210.197.0/24 maxlen: 24
154.210.198.0/24 maxlen: 24
154.210.199.0/24 maxlen: 24
154.210.200.0/24 maxlen: 24
154.210.201.0/24 maxlen: 24
154.210.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101458 (0x18c52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 19:41:14 2025 GMT
Not After : Sep 3 19:41:14 2025 GMT
Subject: CN=686c22df-815d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f1:52:c8:c3:52:07:2f:38:e0:94:c7:bb:d6:
97:bd:fc:cf:c3:a6:b5:45:41:86:95:ab:30:7c:2e:
8f:cb:3a:df:b5:68:d8:24:30:fb:80:a7:d0:eb:7c:
ad:b7:5a:49:77:a4:60:99:e1:01:c0:fb:a5:56:a5:
45:18:aa:d3:6e:e2:43:de:1d:95:b0:db:f3:46:5d:
0e:56:28:e9:01:df:9a:99:d7:41:f0:eb:eb:30:45:
5e:e6:b0:ff:16:1c:1a:ef:a6:7a:86:45:6f:d7:60:
d4:4f:f6:db:b3:b3:ef:da:bc:cf:89:6c:5d:a2:f7:
c6:f0:3e:f9:13:7c:8e:e4:91:95:8c:f0:a2:ba:6c:
c6:fb:69:87:1b:20:da:3d:e5:49:40:22:57:7c:4c:
c3:c7:49:38:d1:ae:b5:7d:69:45:52:43:97:cb:55:
76:ac:d6:e3:38:d8:10:de:9d:38:37:14:f0:35:f5:
fe:87:1e:91:92:65:5e:84:22:ba:4e:41:43:05:f7:
49:ca:52:f5:43:38:5e:4b:2f:db:88:63:31:0f:d3:
fe:2c:07:eb:12:2c:75:f4:08:87:89:2b:03:ea:82:
b4:1a:6c:32:30:c5:bb:5c:9f:51:2b:ee:cd:f8:2d:
69:e0:6e:cf:8b:d2:c8:a6:a0:95:45:82:db:e8:7d:
78:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:65:A9:EC:C8:8B:9D:D0:63:9F:ED:5A:1B:91:2A:6E:89:45:BF:0B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A6B433A5B6A11F0A5C4D1E7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.22.0/24
154.206.29.0/24
154.210.172.0-154.210.176.255
154.210.182.0/24
154.210.191.0-154.210.202.255
Signature Algorithm: sha256WithRSAEncryption
54:52:a0:88:19:d7:81:d2:24:bb:3d:f7:64:42:11:32:e5:f9:
84:67:5b:8a:d8:c5:94:f0:49:1e:1d:cb:b3:7d:51:32:4f:27:
ae:f9:92:82:ff:49:2e:f3:c8:90:59:d9:23:05:1f:02:67:9d:
54:be:8e:c1:40:7f:f3:ce:97:e4:a6:99:ee:c7:24:34:f1:d5:
f5:17:81:5f:52:fe:98:5c:e1:a1:c3:fb:5d:59:66:74:01:69:
c1:65:47:93:e0:f3:3a:52:93:2e:dd:82:2a:b3:34:c0:6a:15:
fd:34:c5:63:bc:98:e1:3a:16:e4:e2:66:66:63:82:ec:d8:38:
55:12:dc:d7:93:0f:2d:23:fb:28:8e:c7:1b:3d:75:77:ff:f3:
de:c8:5e:b6:9f:64:3e:1b:6c:79:ed:28:ca:00:fc:ad:b7:7c:
24:90:e9:d9:fd:b3:d6:86:cd:0a:df:8a:3c:b8:7a:6b:7a:a4:
e1:3a:89:44:98:44:fc:52:78:52:d4:fa:20:cf:98:0a:a5:39:
93:6e:c5:4c:da:54:bc:50:13:bf:a4:60:e6:0f:a2:b9:43:78:
1f:4d:ba:be:d9:9a:f4:18:9a:ce:3e:28:d8:43:4a:2f:47:20:
2a:b0:3f:cc:1b:90:d5:c9:da:87:0c:12:7a:af:01:36:e4:97:
44:72:de:43
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAYxSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTk0MTE0WhcNMjUwOTAzMTk0MTE0WjAYMRYw
FAYDVQQDEw02ODZjMjJkZi04MTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw/FSyMNSBy844JTHu9aXvfzPw6a1RUGGlaswfC6PyzrftWjYJDD7gKfQ
63ytt1pJd6RgmeEBwPulVqVFGKrTbuJD3h2VsNvzRl0OVijpAd+amddB8OvrMEVe
5rD/Fhwa76Z6hkVv12DUT/bbs7Pv2rzPiWxdovfG8D75E3yO5JGVjPCiumzG+2mH
GyDaPeVJQCJXfEzDx0k40a61fWlFUkOXy1V2rNbjONgQ3p04NxTwNfX+hx6RkmVe
hCK6TkFDBfdJylL1QzheSy/biGMxD9P+LAfrEix19AiHiSsD6oK0GmwyMMW7XJ9R
K+7N+C1p4G7Pi9LIpqCVRYLb6H14zwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFCZl
qezIi53QY5/tWhuRKm6JRb8LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QTZCNDMzQTVCNkExMUYwQTVDNEQxRTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAms4WAwQAms4dMAwDBAKa
0qwDBACa0rADBACa0rYwDAMEAJrSvwMEAJrSyjANBgkqhkiG9w0BAQsFAAOCAQEA
VFKgiBnXgdIkuz33ZEIRMuX5hGdbitjFlPBJHh3Ls31RMk8nrvmSgv9JLvPIkFnZ
IwUfAmedVL6OwUB/886X5KaZ7sckNPHV9ReBX1L+mFzhocP7XVlmdAFpwWVHk+Dz
OlKTLt2CKrM0wGoV/TTFY7yY4ToW5OJmZmOC7Ng4VRLc15MPLSP7KI7HGz11d//z
3shetp9kPhtsee0oygD8rbd8JJDp2f2z1obNCt+KPLh6a3qk4TqJRJhE/FJ4UtT6
IM+YCqU5k27FTNpUvFATv6Rg5g+iuUN4H026vtma9Biazj4o2ENKL0cgKrA/zBuQ
1cnahwwSeq8BNuSXRHLeQw==
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:28:55 2025 by rpki-client