Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BEB524E599811F0B01BC298DAE4EC9C.roa
File: 7BEB524E599811F0B01BC298DAE4EC9C.roa (raw, json)
Hash identifier: MV7WWheOLAa70Vrnk23zaZczI2krB/itXTCI2EOr4rw=
Subject key identifier: 11:F7:52:28:BC:77:97:E9:DF:55:97:AF:A4:95:CC:B0:34:A8:20:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018AEE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BEB524E599811F0B01BC298DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 12:06:30 +0000
ROA not before: Sat 05 Jul 2025 12:06:25 +0000
ROA not after: Sat 16 Aug 2025 12:06:25 +0000
asID: 203020
IP address blocks: 154.201.37.0/24 maxlen: 24
154.201.38.0/24 maxlen: 24
154.202.91.0/24 maxlen: 24
154.202.101.0/24 maxlen: 24
154.202.103.0/24 maxlen: 24
154.202.104.0/24 maxlen: 24
154.202.106.0/24 maxlen: 24
154.203.32.0/21 maxlen: 24
154.203.40.0/22 maxlen: 24
154.207.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101102 (0x18aee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 12:06:25 2025 GMT
Not After : Aug 16 12:06:25 2025 GMT
Subject: CN=68691546-36df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:41:b7:6f:41:b4:9b:ee:93:be:8c:20:bc:fb:
86:42:bb:0a:97:36:46:e3:b8:8a:27:1f:f6:3c:63:
7f:79:cd:7f:87:df:48:c1:19:e5:82:81:31:68:ea:
d7:42:6f:6a:be:26:5f:75:85:32:aa:fc:3a:ee:c1:
d9:65:c1:fd:6e:f7:d7:c6:e9:c3:03:fc:0c:e6:0e:
d4:47:39:7a:5b:8d:a8:c3:77:4a:8c:9f:8b:91:f8:
a1:74:c6:7b:32:74:f7:fe:85:25:fe:09:4b:94:c3:
bf:76:70:3c:de:5d:d3:34:e0:e9:84:42:a4:61:41:
cc:03:a0:d6:03:12:c5:2b:9d:e3:9d:84:ac:ee:db:
dd:f8:15:62:6b:28:ba:42:6d:30:bd:52:36:8a:b0:
2a:e1:b8:6b:cd:fa:62:e3:7c:79:73:57:df:b5:b9:
de:e6:de:8c:fe:12:38:26:aa:b1:fe:24:20:5f:1d:
f1:fa:ae:52:b8:15:cd:4e:d2:24:fc:0d:73:9d:7c:
1d:9e:d2:f4:23:0e:15:c1:35:99:0a:6a:1d:2e:80:
63:a2:e6:53:a9:fe:77:32:f7:82:6c:45:5a:d0:e4:
2d:04:42:6f:89:65:a0:f3:31:e6:4a:8a:46:cf:a1:
2e:94:ef:2c:3e:34:58:61:cd:ab:35:ef:59:da:8e:
9d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F7:52:28:BC:77:97:E9:DF:55:97:AF:A4:95:CC:B0:34:A8:20:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BEB524E599811F0B01BC298DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.37.0-154.201.38.255
154.202.91.0/24
154.202.101.0/24
154.202.103.0-154.202.104.255
154.202.106.0/24
154.203.32.0-154.203.43.255
154.207.54.0/24
Signature Algorithm: sha256WithRSAEncryption
12:8e:74:5e:bf:d2:12:79:6e:8c:24:18:44:88:38:42:7f:64:
7d:95:e2:71:7f:a8:7c:ab:37:e6:b5:d9:88:c6:da:14:7d:0f:
44:57:67:da:2d:f1:38:3b:db:5d:0e:ab:5f:d6:4c:13:0b:f8:
23:d8:14:5f:81:ff:6a:6d:6b:a7:95:7e:40:af:22:c8:04:0e:
c4:fa:4f:ac:7d:5e:60:af:4d:57:e1:83:48:d4:10:89:84:a9:
25:37:51:b1:f3:3c:42:b3:53:f8:02:fb:32:a8:ea:fc:71:9e:
c8:4a:5c:8d:b8:c5:2d:57:1c:db:0a:cf:4b:5c:d6:fd:e1:7e:
48:c6:dc:da:58:2b:0c:e7:68:3b:b3:63:fe:d8:5a:39:9c:30:
cb:f5:b8:0b:da:c1:e8:b7:63:76:93:93:06:dc:1a:e8:8d:13:
fb:6d:fa:22:8e:03:22:56:6c:d8:30:7a:51:60:ed:4a:5a:62:
05:13:82:52:9e:9b:18:3d:5d:55:e8:34:de:69:de:1e:22:3c:
38:8e:05:8d:dd:39:b7:0f:3c:d1:75:80:64:7c:84:77:8b:1d:
f2:ef:68:95:e6:75:50:bb:5e:48:4f:85:a2:1e:3a:85:cb:45:
25:9e:c0:34:58:56:8f:db:e5:4e:c5:f3:8c:13:1c:4d:a3:2c:
f1:af:b9:90
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIDAYruMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTIwNjI1WhcNMjUwODE2MTIwNjI1WjAYMRYw
FAYDVQQDEw02ODY5MTU0Ni0zNmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyUG3b0G0m+6TvowgvPuGQrsKlzZG47iKJx/2PGN/ec1/h99IwRnlgoEx
aOrXQm9qviZfdYUyqvw67sHZZcH9bvfXxunDA/wM5g7URzl6W42ow3dKjJ+Lkfih
dMZ7MnT3/oUl/glLlMO/dnA83l3TNODphEKkYUHMA6DWAxLFK53jnYSs7tvd+BVi
ayi6Qm0wvVI2irAq4bhrzfpi43x5c1fftbne5t6M/hI4Jqqx/iQgXx3x+q5SuBXN
TtIk/A1znXwdntL0Iw4VwTWZCmodLoBjouZTqf53MveCbEVa0OQtBEJviWWg8zHm
SopGz6EulO8sPjRYYc2rNe9Z2o6dDwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFBH3
Uii8d5fp31WXr6SVzLA0qCC1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QkVCNTI0RTU5OTgxMUYwQjAxQkMyOThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBACaySUDBACaySYDBACa
ylsDBACaymUwDAMEAJrKZwMEAJrKaAMEAJrKajAMAwQFmssgAwQCmssoAwQAms82
MA0GCSqGSIb3DQEBCwUAA4IBAQASjnRev9ISeW6MJBhEiDhCf2R9leJxf6h8qzfm
tdmIxtoUfQ9EV2faLfE4O9tdDqtf1kwTC/gj2BRfgf9qbWunlX5AryLIBA7E+k+s
fV5gr01X4YNI1BCJhKklN1Gx8zxCs1P4AvsyqOr8cZ7ISlyNuMUtVxzbCs9LXNb9
4X5IxtzaWCsM52g7s2P+2Fo5nDDL9bgL2sHot2N2k5MG3BrojRP7bfoijgMiVmzY
MHpRYO1KWmIFE4JSnpsYPV1V6DTead4eIjw4jgWN3Tm3DzzRdYBkfIR3ix3y72iV
5nVQu15IT4WiHjqFy0UlnsA0WFaP2+VOxfOMExxNoyzxr7mQ
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:32:12 2025 by rpki-client