Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/600727CA59A611F0921C48EFDAE4EC9C.roa
File: 600727CA59A611F0921C48EFDAE4EC9C.roa (raw, json)
Hash identifier: OPZLcRvUECdQcS9zGJnWRJWjL/tjarcmBM7rpImdvJs=
Subject key identifier: 18:8C:8F:85:FE:78:88:03:C9:3F:E8:30:7F:A2:A4:C1:67:D9:F7:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018AFC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/600727CA59A611F0921C48EFDAE4EC9C.roa
Signing time: Sat 05 Jul 2025 13:45:56 +0000
ROA not before: Sat 05 Jul 2025 13:45:51 +0000
ROA not after: Sun 24 Aug 2025 13:45:51 +0000
asID: 139923
IP address blocks: 154.89.151.0/24 maxlen: 24
154.89.152.0/23 maxlen: 24
154.89.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101116 (0x18afc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 13:45:51 2025 GMT
Not After : Aug 24 13:45:51 2025 GMT
Subject: CN=68692c94-71ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6f:f0:f4:da:8a:18:e8:d8:80:8d:6e:59:e1:
cf:1a:d0:90:77:6d:52:ae:93:db:14:83:4f:cd:10:
d5:49:02:2b:af:a3:45:54:b1:2c:78:eb:b9:50:5d:
19:e0:cb:55:0c:f9:0c:5c:48:e4:01:ee:ef:22:db:
30:11:db:dc:ea:a1:f8:c5:9e:7a:78:34:1f:ee:2e:
2d:09:9b:bf:74:20:3b:5a:84:e0:e4:fe:3a:b0:52:
a2:9a:8f:95:86:8b:0d:50:2d:76:ad:c6:c0:84:b9:
f6:1e:dd:e8:a6:85:a6:de:82:a6:14:5a:f6:53:f1:
d9:4e:99:ec:4a:a4:cd:82:8e:dc:85:fd:1a:e5:89:
39:70:27:c5:93:38:32:bc:c9:5a:1d:5a:c7:6f:a5:
b3:c3:7e:d6:3b:21:58:51:e4:f2:fd:17:f5:bd:d2:
b2:13:5f:f5:75:67:b2:7e:b4:21:c8:20:dd:cd:94:
e0:7b:ac:07:29:01:5e:71:12:e8:e2:c0:66:81:2d:
e6:51:8d:57:8a:05:b4:42:20:df:fd:c1:bb:d3:ac:
17:6a:61:c3:31:47:bd:46:60:7d:27:b3:c7:30:18:
c1:84:a2:ed:84:04:4b:f1:bc:80:72:14:8a:09:24:
95:e6:81:70:06:b4:62:43:4f:49:18:aa:5f:b5:84:
21:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8C:8F:85:FE:78:88:03:C9:3F:E8:30:7F:A2:A4:C1:67:D9:F7:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/600727CA59A611F0921C48EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.151.0-154.89.153.255
154.89.157.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:e4:47:1b:b2:8d:20:7b:73:6a:01:1c:d0:ab:9b:8d:5d:44:
ea:88:5a:6f:2e:c7:f9:b0:c6:39:12:6a:60:8f:b4:2a:97:67:
01:00:d5:8b:33:9a:08:01:92:ee:29:fe:8a:98:a8:5d:41:85:
16:f1:29:66:ab:d5:50:ba:17:60:c3:13:95:68:e3:fe:77:21:
70:ef:d8:c9:12:e0:f7:f3:0e:c3:f1:53:fa:bf:3b:32:2e:f5:
90:c8:08:ec:bf:54:4a:1e:85:cd:23:ff:de:a5:15:06:59:a6:
80:9b:54:48:4d:26:85:a6:60:b1:e7:05:03:ac:96:1a:21:7e:
f7:89:32:c0:76:25:8f:8c:ff:7d:0e:15:83:ce:37:0c:e7:06:
bc:60:db:ce:bb:5f:be:8b:28:20:f2:9c:74:f4:dd:df:7c:2c:
91:50:ff:72:0a:41:19:f4:6b:4e:7e:7a:a1:ea:9c:6e:0c:6b:
a8:66:ca:3b:3c:67:c8:fc:f2:40:0b:57:b2:e5:85:ed:29:b8:
30:97:43:b7:00:6f:c4:00:10:68:ee:56:42:79:b6:6f:0c:e3:
26:28:20:dd:5e:ee:2b:e7:3c:6b:13:62:3b:c2:e1:cc:a9:50:
6e:ee:37:e1:9f:fb:24:aa:06:8e:8e:89:d6:45:e9:66:72:79:
87:18:1f:38
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAYr8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTM0NTUxWhcNMjUwODI0MTM0NTUxWjAYMRYw
FAYDVQQDEw02ODY5MmM5NC03MWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxm/w9NqKGOjYgI1uWeHPGtCQd21SrpPbFINPzRDVSQIrr6NFVLEseOu5
UF0Z4MtVDPkMXEjkAe7vItswEdvc6qH4xZ56eDQf7i4tCZu/dCA7WoTg5P46sFKi
mo+VhosNUC12rcbAhLn2Ht3opoWm3oKmFFr2U/HZTpnsSqTNgo7chf0a5Yk5cCfF
kzgyvMlaHVrHb6Wzw37WOyFYUeTy/Rf1vdKyE1/1dWeyfrQhyCDdzZTge6wHKQFe
cRLo4sBmgS3mUY1XigW0QiDf/cG706wXamHDMUe9RmB9J7PHMBjBhKLthARL8byA
chSKCSSV5oFwBrRiQ09JGKpftYQhZwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBiM
j4X+eIgDyT/oMH+ipMFn2fdNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MDA3MjdDQTU5QTYxMUYwOTIxQzQ4RUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACaWZcDBAGaWZgDBACa
WZ0wDQYJKoZIhvcNAQELBQADggEBALrkRxuyjSB7c2oBHNCrm41dROqIWm8ux/mw
xjkSamCPtCqXZwEA1YszmggBku4p/oqYqF1BhRbxKWar1VC6F2DDE5Vo4/53IXDv
2MkS4PfzDsPxU/q/OzIu9ZDICOy/VEoehc0j/96lFQZZpoCbVEhNJoWmYLHnBQOs
lhohfveJMsB2JY+M/30OFYPONwznBrxg2867X76LKCDynHT03d98LJFQ/3IKQRn0
a05+eqHqnG4Ma6hmyjs8Z8j88kALV7Llhe0puDCXQ7cAb8QAEGjuVkJ5tm8M4yYo
IN1e7ivnPGsTYjvC4cypUG7uN+Gf+ySqBo6OidZF6WZyeYcYHzg=
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:34:11 2025 by rpki-client