Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/66ED20665CEA11F0B3F0F0B1DAE4EC9C.roa
File: 66ED20665CEA11F0B3F0F0B1DAE4EC9C.roa (raw, json)
Hash identifier: QEge48K/ISH7K/SbqOIgX2MmQxJDHAI89wk70H1U7kY=
Subject key identifier: CD:B8:EA:A3:38:0B:69:F8:BF:55:DA:D5:73:60:C3:57:07:32:C4:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CF4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/66ED20665CEA11F0B3F0F0B1DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 17:30:27 +0000
ROA not before: Wed 09 Jul 2025 17:30:22 +0000
ROA not after: Fri 15 Aug 2025 17:30:22 +0000
asID: 54801
IP address blocks: 154.81.136.0/24 maxlen: 24
154.81.166.0/24 maxlen: 24
154.81.181.0/24 maxlen: 24
154.81.191.0/24 maxlen: 24
154.82.18.0/24 maxlen: 24
154.82.20.0/24 maxlen: 24
154.83.158.0/24 maxlen: 24
154.83.187.0/24 maxlen: 24
154.83.190.0/24 maxlen: 24
154.83.191.0/24 maxlen: 24
154.83.209.0/24 maxlen: 24
154.83.211.0/24 maxlen: 24
154.83.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101620 (0x18cf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 17:30:22 2025 GMT
Not After : Aug 15 17:30:22 2025 GMT
Subject: CN=686ea733-9e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:70:d2:b3:d1:2c:97:5d:99:19:e7:57:f9:91:
bf:57:55:45:38:06:d5:f2:58:b3:e8:a7:db:f6:e0:
88:e4:9d:2f:83:0a:dc:8b:d7:8d:20:21:71:11:51:
b6:8c:7f:d3:0f:06:84:83:ae:78:32:fc:35:4f:e3:
3b:24:cb:69:73:5a:d6:b8:15:42:d7:7f:3a:5d:73:
dd:3f:c6:a6:32:07:36:f2:4a:ee:58:70:4c:cb:16:
e4:6f:72:e7:6f:06:47:38:73:07:61:7d:bd:15:42:
47:93:79:0e:7d:0c:45:69:88:5f:63:f0:88:45:80:
a7:a8:bd:58:3f:35:e9:d5:0a:2b:f2:d1:6e:48:43:
1c:54:29:cb:24:8d:d9:06:16:b8:28:2b:5f:3c:d6:
76:c1:c2:d0:e0:f8:37:a1:a5:c8:77:a3:31:a0:83:
56:5a:83:bd:24:9e:40:74:56:86:90:8f:44:db:66:
1d:4a:19:8e:fd:e0:a6:28:9b:a6:fb:a3:47:f6:05:
a4:04:75:dd:de:34:60:a0:21:a1:db:80:56:0d:5d:
cc:59:ae:13:cd:ad:94:ea:7c:94:d5:72:2d:2b:db:
ec:fe:e3:63:00:24:9c:ae:bf:df:3a:7d:0c:c6:ed:
2c:9e:6f:15:7b:7b:30:21:56:1f:a7:0b:9a:8e:ac:
64:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B8:EA:A3:38:0B:69:F8:BF:55:DA:D5:73:60:C3:57:07:32:C4:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/66ED20665CEA11F0B3F0F0B1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.136.0/24
154.81.166.0/24
154.81.181.0/24
154.81.191.0/24
154.82.18.0/24
154.82.20.0/24
154.83.158.0/24
154.83.187.0/24
154.83.190.0/23
154.83.209.0/24
154.83.211.0/24
154.83.247.0/24
Signature Algorithm: sha256WithRSAEncryption
83:80:40:c9:a9:9e:4e:40:f5:58:bd:2a:28:b1:a6:1d:3c:85:
e3:41:cb:7d:2a:44:76:7c:91:10:9d:37:83:9d:34:c9:a7:ce:
5f:1c:70:26:45:a2:f4:38:25:cd:80:5a:a9:33:10:b7:94:7f:
20:6a:b7:f9:e8:a8:b5:a9:59:ae:e0:92:7d:99:29:74:15:a2:
e7:47:50:1a:eb:d4:8e:93:75:a0:d6:dd:ae:0e:ea:d0:8f:35:
82:d3:ad:e0:c4:28:50:5f:59:47:91:bd:39:0a:d8:a7:d0:f0:
ff:a7:28:f6:9c:2c:b0:bb:e4:ed:26:9e:d9:91:a4:f5:2f:b5:
48:c8:12:05:92:bf:5f:86:54:af:cb:fe:b0:19:a8:74:df:52:
a2:07:93:bb:12:77:da:ff:c6:a1:7d:3e:24:7e:6b:69:6e:08:
e1:15:23:68:f9:d7:25:36:bc:9c:5e:47:d7:20:e9:f5:34:7e:
cf:58:26:af:41:be:83:9f:fb:22:d1:82:4d:38:15:bc:4f:bd:
59:95:4d:5c:1b:99:a3:d4:c4:81:8d:4c:b7:d2:02:bb:39:db:
c0:20:28:b8:69:2c:e9:1e:4d:6e:0f:c2:29:f3:25:9b:bb:44:
15:c9:80:a6:d0:94:82:c6:6d:51:e0:72:b1:0b:1f:ff:ac:28:
e2:4d:24:bc
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIDAYz0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTczMDIyWhcNMjUwODE1MTczMDIyWjAYMRYw
FAYDVQQDEw02ODZlYTczMy05ZTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0XDSs9Esl12ZGedX+ZG/V1VFOAbV8liz6Kfb9uCI5J0vgwrci9eNICFx
EVG2jH/TDwaEg654Mvw1T+M7JMtpc1rWuBVC1386XXPdP8amMgc28kruWHBMyxbk
b3LnbwZHOHMHYX29FUJHk3kOfQxFaYhfY/CIRYCnqL1YPzXp1Qor8tFuSEMcVCnL
JI3ZBha4KCtfPNZ2wcLQ4Pg3oaXId6MxoINWWoO9JJ5AdFaGkI9E22YdShmO/eCm
KJum+6NH9gWkBHXd3jRgoCGh24BWDV3MWa4Tza2U6nyU1XItK9vs/uNjACScrr/f
On0Mxu0snm8Ve3swIVYfpwuajqxk6wIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFM24
6qM4C2n4v1Xa1XNgw1cHMsTiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NkVEMjA2NjVDRUExMUYwQjNGMEYwQjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAmlGIAwQAmlGmAwQAmlG1
AwQAmlG/AwQAmlISAwQAmlIUAwQAmlOeAwQAmlO7AwQBmlO+AwQAmlPRAwQAmlPT
AwQAmlP3MA0GCSqGSIb3DQEBCwUAA4IBAQCDgEDJqZ5OQPVYvSoosaYdPIXjQct9
KkR2fJEQnTeDnTTJp85fHHAmRaL0OCXNgFqpMxC3lH8garf56Ki1qVmu4JJ9mSl0
FaLnR1Aa69SOk3Wg1t2uDurQjzWC063gxChQX1lHkb05Ctin0PD/pyj2nCywu+Tt
Jp7ZkaT1L7VIyBIFkr9fhlSvy/6wGah031KiB5O7Enfa/8ahfT4kfmtpbgjhFSNo
+dclNrycXkfXIOn1NH7PWCavQb6Dn/si0YJNOBW8T71ZlU1cG5mj1MSBjUy30gK7
OdvAICi4aSzpHk1uD8Ip8yWbu0QVyYCm0JSCxm1R4HKxCx//rCjiTSS8
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:47:53 2025 by rpki-client