Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD19805C59BA11F08033E1F2DAE4EC9C.roa
File: BD19805C59BA11F08033E1F2DAE4EC9C.roa (raw, json)
Hash identifier: hZKz0+AS9vG5bcn5XPS0cbf6G5O3whkdXbVsut0sEMQ=
Subject key identifier: 02:7B:59:EB:BE:CE:D7:A5:9C:5B:3C:5A:C9:34:18:DE:B6:B5:A8:9C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018B1A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD19805C59BA11F08033E1F2DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 16:11:42 +0000
ROA not before: Sat 05 Jul 2025 16:11:37 +0000
ROA not after: Wed 03 Sep 2025 16:11:37 +0000
asID: 18229
IP address blocks: 154.206.22.0/24 maxlen: 24
154.210.194.0/24 maxlen: 24
154.210.195.0/24 maxlen: 24
154.210.196.0/24 maxlen: 24
154.210.197.0/24 maxlen: 24
154.210.198.0/24 maxlen: 24
154.210.199.0/24 maxlen: 24
154.210.200.0/24 maxlen: 24
154.210.201.0/24 maxlen: 24
154.210.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101146 (0x18b1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 16:11:37 2025 GMT
Not After : Sep 3 16:11:37 2025 GMT
Subject: CN=68694ebe-3032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fe:39:c7:67:29:59:e5:6c:3e:82:2e:3d:70:
62:7b:95:e0:35:bc:85:28:94:df:ab:5d:b8:3b:c1:
9f:bb:f7:9f:9a:e1:8e:dd:dd:6f:69:e0:a1:94:6c:
08:0f:18:e1:aa:5c:6a:8a:ad:e9:f6:f1:06:52:29:
aa:7b:b9:a4:80:c5:9c:31:df:2a:5d:7e:27:f1:14:
cc:e6:46:a2:fa:e1:c8:5c:9b:c8:0e:20:68:09:29:
85:de:21:0e:76:b3:16:03:bd:ee:ba:04:25:dd:3e:
4d:82:b5:a0:68:fb:8d:57:3f:bb:55:79:ff:81:34:
ca:a2:af:15:31:4a:1f:60:25:b6:e4:6e:fc:de:44:
e3:20:f4:5c:ce:07:5c:ca:a9:37:9f:e2:9e:2b:72:
a9:d7:11:d3:b0:49:47:71:a7:d1:ab:dc:ea:29:42:
de:e1:e6:ed:39:cb:ff:34:13:5a:a5:5d:56:29:0e:
a9:98:e5:f9:90:a2:f6:74:dc:70:0e:ba:57:f1:6c:
8d:4f:fb:af:34:33:54:60:9f:39:f6:0a:37:d5:ea:
67:73:61:d2:8b:57:0a:8d:dc:b9:a3:fa:19:66:c7:
48:5d:26:cc:27:c0:1f:ab:89:de:08:14:d5:eb:6c:
c9:af:6b:23:d0:75:a6:7a:1c:44:88:ff:78:76:72:
27:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7B:59:EB:BE:CE:D7:A5:9C:5B:3C:5A:C9:34:18:DE:B6:B5:A8:9C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD19805C59BA11F08033E1F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.22.0/24
154.210.194.0-154.210.202.255
Signature Algorithm: sha256WithRSAEncryption
4e:09:c6:a3:69:ad:64:5a:77:db:5f:24:ae:8d:8f:7e:e9:e9:
84:8d:2d:d5:75:9b:d4:b0:4c:2f:f4:52:08:fe:49:b5:61:0d:
be:06:dd:af:2d:ab:ec:4f:06:0a:5f:69:83:ce:33:53:47:04:
1b:e0:88:de:fb:c3:3a:ca:0b:06:74:85:54:c1:bc:18:51:1a:
98:62:c9:31:0d:0e:4c:9f:0f:d7:42:ba:07:83:64:d6:b1:e7:
c3:4e:b4:e2:1f:7e:89:10:60:db:1f:97:71:cb:d6:eb:d4:77:
ea:c6:35:45:2d:a9:0e:52:55:ec:5d:3a:de:ec:d2:89:57:22:
c3:9c:f4:e6:dd:03:18:e9:9a:65:40:d2:93:16:aa:72:4f:09:
f8:ee:88:f8:e5:fc:68:31:46:80:03:d8:ad:b9:3d:0a:42:eb:
f8:f1:ab:a5:e2:e4:4d:4c:31:16:d1:8b:d6:67:05:66:a0:05:
e6:8c:d8:a3:64:6f:36:10:3f:a7:29:0f:2d:8a:ee:6a:96:30:
16:bb:11:93:5a:99:9b:d0:ce:27:30:d2:5d:e9:8e:ca:a5:cc:
fa:54:d1:8d:25:bb:77:12:dc:40:91:48:c1:8e:ef:2e:6c:f3:
26:1a:91:c1:d2:a8:98:6c:82:be:7d:b4:49:10:10:99:a3:c8:
5f:ff:f7:61
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAYsaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTYxMTM3WhcNMjUwOTAzMTYxMTM3WjAYMRYw
FAYDVQQDEw02ODY5NGViZS0zMDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv/45x2cpWeVsPoIuPXBie5XgNbyFKJTfq124O8Gfu/efmuGO3d1vaeCh
lGwIDxjhqlxqiq3p9vEGUimqe7mkgMWcMd8qXX4n8RTM5kai+uHIXJvIDiBoCSmF
3iEOdrMWA73uugQl3T5NgrWgaPuNVz+7VXn/gTTKoq8VMUofYCW25G783kTjIPRc
zgdcyqk3n+KeK3Kp1xHTsElHcafRq9zqKULe4ebtOcv/NBNapV1WKQ6pmOX5kKL2
dNxwDrpX8WyNT/uvNDNUYJ859go31epnc2HSi1cKjdy5o/oZZsdIXSbMJ8Afq4ne
CBTV62zJr2sj0HWmehxEiP94dnIn/QIDAQABo4ICszCCAq8wHQYDVR0OBBYEFAJ7
Weu+ztelnFs8Wsk0GN62taicMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRDE5ODA1QzU5QkExMUYwODAzM0UxRjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAms4WMAwDBAGa0sIDBACa
0sowDQYJKoZIhvcNAQELBQADggEBAE4JxqNprWRad9tfJK6Nj37p6YSNLdV1m9Sw
TC/0Ugj+SbVhDb4G3a8tq+xPBgpfaYPOM1NHBBvgiN77wzrKCwZ0hVTBvBhRGphi
yTENDkyfD9dCugeDZNax58NOtOIffokQYNsfl3HL1uvUd+rGNUUtqQ5SVexdOt7s
0olXIsOc9ObdAxjpmmVA0pMWqnJPCfjuiPjl/GgxRoAD2K25PQpC6/jxq6Xi5E1M
MRbRi9ZnBWagBeaM2KNkbzYQP6cpDy2K7mqWMBa7EZNamZvQzicw0l3pjsqlzPpU
0Y0lu3cS3ECRSMGO7y5s8yYakcHSqJhsgr59tEkQEJmjyF//92E=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:20 2025 by rpki-client