Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B45F8C825B6C11F0B6A82EF5DAE4EC9C.roa
File: B45F8C825B6C11F0B6A82EF5DAE4EC9C.roa (raw, json)
Hash identifier: YHs13TUF9B9YmmDaNpmTXjKXeACd73dh5yI5c2aF6Ck=
Subject key identifier: 55:9F:26:1A:27:48:32:B7:C9:EE:AD:25:EA:C1:DA:47:79:FD:19:A1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C56
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B45F8C825B6C11F0B6A82EF5DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 19:58:09 +0000
ROA not before: Mon 07 Jul 2025 19:58:04 +0000
ROA not after: Wed 03 Sep 2025 19:58:04 +0000
asID: 18229
IP address blocks: 154.210.128.0/24 maxlen: 24
154.210.129.0/24 maxlen: 24
154.210.150.0/24 maxlen: 24
154.210.151.0/24 maxlen: 24
154.210.152.0/24 maxlen: 24
154.210.153.0/24 maxlen: 24
154.210.154.0/24 maxlen: 24
154.210.155.0/24 maxlen: 24
154.210.156.0/24 maxlen: 24
154.210.159.0/24 maxlen: 24
154.210.186.0/24 maxlen: 24
154.210.187.0/24 maxlen: 24
154.210.188.0/24 maxlen: 24
154.210.189.0/24 maxlen: 24
154.210.214.0/24 maxlen: 24
154.210.216.0/24 maxlen: 24
154.210.217.0/24 maxlen: 24
154.210.218.0/24 maxlen: 24
154.210.219.0/24 maxlen: 24
154.210.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101462 (0x18c56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 19:58:04 2025 GMT
Not After : Sep 3 19:58:04 2025 GMT
Subject: CN=686c26d1-d894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:9e:57:e4:19:d4:fd:83:95:22:da:85:67:0d:
db:6e:1c:7b:0f:57:9a:cb:e0:dd:53:f9:33:bb:0a:
f7:36:44:6a:d3:25:17:8a:d5:bb:27:0a:55:14:a6:
41:24:64:02:4c:cc:a4:35:b3:ee:fa:44:8c:c9:41:
67:1c:55:e9:ca:0d:53:79:3c:ea:5e:02:b3:47:d2:
3b:34:b8:12:15:32:6e:96:4d:52:f6:f5:8b:9a:c4:
f3:64:e6:26:c9:e9:94:04:a3:61:c0:a3:6b:15:74:
1e:3d:52:8e:3a:de:f5:e3:12:a3:62:66:4d:8b:6a:
62:5a:8b:3c:36:39:88:8e:51:75:1b:06:37:91:5d:
f8:2b:05:f4:8c:14:53:67:f7:fe:d7:b6:7a:ae:17:
b4:83:69:8f:d6:1e:4c:66:a0:e8:f5:e9:55:18:25:
16:3a:ba:8a:06:1d:5e:dc:29:20:bd:65:c3:9c:d8:
49:40:fd:1d:fd:09:ae:f2:00:a2:e2:5f:cc:ac:13:
48:2e:40:a0:0c:8f:c4:e0:32:24:21:c6:5b:5c:79:
d7:87:7b:d6:e5:45:e2:d5:d8:73:0c:17:b8:44:2f:
28:e7:c2:96:10:bc:95:dd:a6:a6:61:12:38:e7:06:
52:3b:1f:6f:50:d9:b7:b7:7f:cb:a8:ac:e4:d4:9a:
18:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9F:26:1A:27:48:32:B7:C9:EE:AD:25:EA:C1:DA:47:79:FD:19:A1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B45F8C825B6C11F0B6A82EF5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.128.0/23
154.210.150.0-154.210.156.255
154.210.159.0/24
154.210.186.0-154.210.189.255
154.210.214.0/24
154.210.216.0/22
154.210.221.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:be:95:0d:fc:35:ba:0b:ea:40:73:e1:aa:ca:12:1d:c7:19:
ae:8c:60:a7:73:b5:dd:7c:69:04:71:81:8f:9a:08:ce:d5:5b:
5b:90:9e:e8:53:f2:2e:b7:32:8a:48:e8:fc:d2:c5:71:8c:48:
ab:c8:28:1d:44:89:36:b1:75:6e:62:6c:80:1d:8b:7d:c9:02:
28:0e:64:17:fd:32:74:d9:53:76:fe:82:0f:23:64:1d:f3:48:
d6:ac:79:21:8f:0f:85:3c:a1:40:2f:55:37:c7:50:2f:f5:29:
c9:24:0e:e5:c0:54:b6:d8:93:24:92:4f:64:cb:e7:a9:a1:e4:
ca:0f:91:85:4c:6a:2c:0e:61:a1:41:d4:b3:08:0b:0d:36:07:
19:93:d3:d9:79:51:21:cb:4c:64:02:35:7a:83:55:15:36:e0:
0d:f9:54:7e:ee:60:45:c6:12:70:e4:0e:d5:3c:96:c7:5f:79:
35:a4:20:a9:ef:ea:d2:56:92:4f:c4:87:1a:e3:29:c8:32:0d:
93:0e:15:84:91:9a:b5:57:57:fe:87:76:4b:e6:2c:66:b6:e5:
6b:52:29:70:78:bb:b3:00:93:79:21:d4:72:f5:19:ae:2b:06:
06:ce:28:d7:5b:c8:9f:ad:49:2f:9f:22:77:f1:ae:44:96:de:
74:00:18:e3
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIDAYxWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTk1ODA0WhcNMjUwOTAzMTk1ODA0WjAYMRYw
FAYDVQQDEw02ODZjMjZkMS1kODk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2J5X5BnU/YOVItqFZw3bbhx7D1eay+DdU/kzuwr3NkRq0yUXitW7JwpV
FKZBJGQCTMykNbPu+kSMyUFnHFXpyg1TeTzqXgKzR9I7NLgSFTJulk1S9vWLmsTz
ZOYmyemUBKNhwKNrFXQePVKOOt714xKjYmZNi2piWos8NjmIjlF1GwY3kV34KwX0
jBRTZ/f+17Z6rhe0g2mP1h5MZqDo9elVGCUWOrqKBh1e3CkgvWXDnNhJQP0d/Qmu
8gCi4l/MrBNILkCgDI/E4DIkIcZbXHnXh3vW5UXi1dhzDBe4RC8o58KWELyV3aam
YRI45wZSOx9vUNm3t3/LqKzk1JoYEQIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFFWf
JhonSDK3ye6tJerB2kd5/RmhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNDVGOEM4MjVCNkMxMUYwQjZBODJFRjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQBmtKAMAwDBAGa0pYDBACa
0pwDBACa0p8wDAMEAZrSugMEAZrSvAMEAJrS1gMEAprS2AMEAJrS3TANBgkqhkiG
9w0BAQsFAAOCAQEAqL6VDfw1ugvqQHPhqsoSHccZroxgp3O13XxpBHGBj5oIztVb
W5Ce6FPyLrcyikjo/NLFcYxIq8goHUSJNrF1bmJsgB2LfckCKA5kF/0ydNlTdv6C
DyNkHfNI1qx5IY8PhTyhQC9VN8dQL/UpySQO5cBUttiTJJJPZMvnqaHkyg+RhUxq
LA5hoUHUswgLDTYHGZPT2XlRIctMZAI1eoNVFTbgDflUfu5gRcYScOQO1TyWx195
NaQgqe/q0laST8SHGuMpyDINkw4VhJGatVdX/od2S+YsZrbla1IpcHi7swCTeSHU
cvUZrisGBs4o11vIn61JL58id/GuRJbedAAY4w==
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:08 2025 by rpki-client