Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/963D209E632211F0BE275591DAE4EC9C.roa
File: 963D209E632211F0BE275591DAE4EC9C.roa (raw, json)
Hash identifier: Q14JZS7h7hZLVOpKB5gL3RSMa+2qomtlrMQk3sKZ6Xw=
Subject key identifier: 4A:D8:8A:9B:95:BE:C9:70:A5:32:D7:9D:70:D9:CA:ED:A9:D2:B7:4C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E48
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/963D209E632211F0BE275591DAE4EC9C.roa
Signing time: Thu 17 Jul 2025 15:27:45 +0000
ROA not before: Thu 17 Jul 2025 15:27:40 +0000
ROA not after: Sun 31 Aug 2025 15:27:40 +0000
asID: 62240
IP address blocks: 154.85.26.0/24 maxlen: 24
154.85.97.0/24 maxlen: 24
154.85.99.0/24 maxlen: 24
154.90.1.0/24 maxlen: 24
154.90.129.0/24 maxlen: 24
154.90.130.0/24 maxlen: 24
154.90.131.0/24 maxlen: 24
154.90.142.0/24 maxlen: 24
154.90.143.0/24 maxlen: 24
154.90.172.0/24 maxlen: 24
154.90.173.0/24 maxlen: 24
154.94.34.0/24 maxlen: 24
154.94.39.0/24 maxlen: 24
154.94.42.0/24 maxlen: 24
154.94.45.0/24 maxlen: 24
154.94.57.0/24 maxlen: 24
154.94.58.0/24 maxlen: 24
154.94.61.0/24 maxlen: 24
154.94.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101960 (0x18e48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 17 15:27:40 2025 GMT
Not After : Aug 31 15:27:40 2025 GMT
Subject: CN=68791671-ca9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d1:b6:a3:49:06:61:db:ac:03:7c:f5:4a:17:
81:8a:82:43:90:fe:be:6c:4a:06:b3:d1:be:15:2a:
81:f3:34:d8:e6:e1:b2:1c:2b:bd:28:86:49:fd:f6:
00:0f:e0:22:c8:76:c3:ac:60:8b:3e:b1:f1:cc:89:
c3:82:8f:56:78:fa:31:9c:cc:f4:e8:ac:21:50:d4:
00:bb:47:7f:2a:65:c0:a7:65:39:8c:31:4c:e7:16:
46:66:f0:92:9f:7e:28:6b:93:df:12:87:e7:df:1d:
2a:d5:05:17:97:8e:13:82:77:dc:8c:f5:01:bf:40:
2a:23:bc:8e:6f:ea:54:97:8d:22:1f:03:0c:17:ce:
40:db:c8:c5:a3:26:ee:9a:a4:07:65:1c:b0:11:dc:
7c:0e:dc:43:ec:30:f4:d8:d3:0a:56:af:c3:31:d9:
fa:6d:fe:66:e9:20:81:d8:51:a2:f2:8d:a0:d6:21:
f9:43:b8:87:00:f7:e4:37:86:e1:81:39:f6:41:75:
1f:bd:44:ef:cb:0d:67:04:0e:e3:30:3c:dc:1f:a3:
78:5a:5c:d9:2b:fa:21:72:0d:46:fb:22:42:49:7e:
f0:fb:14:af:77:08:3a:33:2d:7a:8f:78:8f:f9:dd:
74:45:a0:40:d3:66:92:9a:40:be:3b:1a:77:d9:89:
9f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D8:8A:9B:95:BE:C9:70:A5:32:D7:9D:70:D9:CA:ED:A9:D2:B7:4C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/963D209E632211F0BE275591DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.26.0/24
154.85.97.0/24
154.85.99.0/24
154.90.1.0/24
154.90.129.0-154.90.131.255
154.90.142.0/23
154.90.172.0/23
154.94.34.0/24
154.94.39.0/24
154.94.42.0/24
154.94.45.0/24
154.94.57.0-154.94.58.255
154.94.61.0-154.94.62.255
Signature Algorithm: sha256WithRSAEncryption
29:15:31:e1:9a:70:3c:7e:d2:93:62:05:b4:de:97:45:43:f0:
be:65:2f:27:53:d9:ed:f2:6f:df:f1:72:0a:b0:16:0d:d8:0c:
04:e9:40:56:fd:3c:92:2e:62:de:89:0c:89:14:99:fc:52:39:
60:50:44:4b:89:94:80:3d:fc:44:8f:5d:77:6d:89:a8:10:43:
3c:81:81:69:20:95:c2:a0:bf:ce:60:02:f7:10:7d:50:92:6c:
b4:8f:81:30:a6:23:75:1d:35:a1:42:6a:78:c6:14:87:6d:87:
75:c0:85:31:da:1a:46:8e:6f:74:ee:9e:d6:2e:5d:0a:64:94:
26:ad:90:40:e8:3c:bc:f2:69:5a:34:a4:03:6b:10:86:76:d4:
ce:6d:68:b3:a5:b9:69:96:79:34:99:fe:2a:2d:6f:ec:7a:a5:
e3:1f:ef:86:66:74:ee:f9:37:74:75:1a:e2:f6:ae:a9:79:c9:
69:25:43:ae:6f:57:e0:db:26:3c:5d:0e:cc:a2:9d:07:9f:dc:
74:3c:f9:1a:81:a0:53:72:36:7e:fe:1a:30:9d:46:2d:25:c5:
60:e5:6b:36:ca:16:64:c1:9d:15:59:91:03:6c:31:3f:11:6a:
1b:68:3f:1d:1d:c4:12:c1:ef:14:f4:d8:1d:a4:3a:49:39:7c:
88:fe:5c:5c
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgIDAY5IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE3MTUyNzQwWhcNMjUwODMxMTUyNzQwWjAYMRYw
FAYDVQQDEw02ODc5MTY3MS1jYTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2tG2o0kGYdusA3z1SheBioJDkP6+bEoGs9G+FSqB8zTY5uGyHCu9KIZJ
/fYAD+AiyHbDrGCLPrHxzInDgo9WePoxnMz06KwhUNQAu0d/KmXAp2U5jDFM5xZG
ZvCSn34oa5PfEofn3x0q1QUXl44TgnfcjPUBv0AqI7yOb+pUl40iHwMMF85A28jF
oybumqQHZRywEdx8DtxD7DD02NMKVq/DMdn6bf5m6SCB2FGi8o2g1iH5Q7iHAPfk
N4bhgTn2QXUfvUTvyw1nBA7jMDzcH6N4WlzZK/ohcg1G+yJCSX7w+xSvdwg6My16
j3iP+d10RaBA02aSmkC+Oxp32YmfDwIDAQABo4IDBTCCAwEwHQYDVR0OBBYEFErY
ipuVvslwpTLXnXDZyu2p0rdMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NjNEMjA5RTYzMjIxMUYwQkUyNzU1OTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAmlUaAwQAmlVhAwQAmlVj
AwQAmloBMAwDBACaWoEDBAKaWoADBAGaWo4DBAGaWqwDBACaXiIDBACaXicDBACa
XioDBACaXi0wDAMEAJpeOQMEAJpeOjAMAwQAml49AwQAml4+MA0GCSqGSIb3DQEB
CwUAA4IBAQApFTHhmnA8ftKTYgW03pdFQ/C+ZS8nU9nt8m/f8XIKsBYN2AwE6UBW
/TySLmLeiQyJFJn8UjlgUERLiZSAPfxEj113bYmoEEM8gYFpIJXCoL/OYAL3EH1Q
kmy0j4EwpiN1HTWhQmp4xhSHbYd1wIUx2hpGjm907p7WLl0KZJQmrZBA6Dy88mla
NKQDaxCGdtTObWizpblplnk0mf4qLW/seqXjH++GZnTu+Td0dRri9q6peclpJUOu
b1fg2yY8XQ7Mop0Hn9x0PPkagaBTcjZ+/hownUYtJcVg5Ws2yhZkwZ0VWZEDbDE/
EWobaD8dHcQSwe8U9NgdpDpJOXyI/lxc
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:37:55 2025 by rpki-client