Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CCB53B88632811F093D18BB8DAE4EC9C.roa
File: CCB53B88632811F093D18BB8DAE4EC9C.roa (raw, json)
Hash identifier: Kg5o15O3FmpyVrb/Z/uKb5bmLK2CWLnIV6kY9qo9/O0=
Subject key identifier: 8E:36:CA:F8:4C:44:6C:E5:79:D1:79:21:BC:5E:E2:0F:B4:39:F3:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E54
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CCB53B88632811F093D18BB8DAE4EC9C.roa
Signing time: Thu 17 Jul 2025 16:12:14 +0000
ROA not before: Thu 17 Jul 2025 16:12:09 +0000
ROA not after: Sun 31 Aug 2025 16:12:09 +0000
asID: 44559
IP address blocks: 154.81.40.0/24 maxlen: 24
154.81.41.0/24 maxlen: 24
154.81.42.0/24 maxlen: 24
154.81.43.0/24 maxlen: 24
154.81.44.0/24 maxlen: 24
154.81.45.0/24 maxlen: 24
154.81.46.0/24 maxlen: 24
154.81.47.0/24 maxlen: 24
154.81.52.0/24 maxlen: 24
154.81.53.0/24 maxlen: 24
154.81.54.0/24 maxlen: 24
154.81.55.0/24 maxlen: 24
154.81.192.0/24 maxlen: 24
154.81.193.0/24 maxlen: 24
154.81.195.0/24 maxlen: 24
154.81.196.0/24 maxlen: 24
154.81.197.0/24 maxlen: 24
154.81.198.0/24 maxlen: 24
154.81.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101972 (0x18e54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 17 16:12:09 2025 GMT
Not After : Aug 31 16:12:09 2025 GMT
Subject: CN=687920de-7d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c5:49:76:7d:a7:2f:fe:31:97:e1:a8:93:da:
ee:d9:bb:fa:38:06:cc:e4:cd:a3:91:56:4c:59:46:
42:59:30:95:ee:70:ed:ce:1a:84:db:a0:c3:3d:66:
82:c1:74:05:33:d1:5e:c6:c8:79:8a:f8:95:2f:d6:
5f:4d:8e:4a:86:c7:2e:16:ea:94:8a:4c:aa:7e:31:
17:88:4b:04:62:dc:3d:74:63:52:63:ed:76:06:1b:
e2:23:cc:15:6c:db:01:af:a7:89:44:fe:65:22:5b:
c0:d2:1b:62:22:53:4e:7e:3a:96:84:ab:ab:c3:02:
be:48:d6:1f:e6:36:5a:bc:bf:85:8a:da:ca:f5:62:
cb:4f:79:a2:ed:3f:55:cf:01:48:07:58:93:7d:07:
25:e6:92:9c:af:fa:e0:d5:92:91:5f:dd:34:4c:0d:
75:48:c2:41:39:24:4f:70:bb:7a:ff:f0:e6:a6:3c:
fe:f5:ac:73:b0:4d:5c:2e:66:f8:59:69:55:2d:d2:
d7:e7:5f:66:f8:bf:46:09:a6:0e:df:8c:18:8c:5c:
b4:22:c7:7e:b3:9f:bd:0d:11:8d:9e:18:e0:d0:1f:
a4:f7:f2:aa:01:13:36:9e:28:e0:a5:8c:3f:90:38:
b4:2d:22:6d:76:dd:20:24:e8:d5:fd:7e:a8:64:eb:
9f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:CA:F8:4C:44:6C:E5:79:D1:79:21:BC:5E:E2:0F:B4:39:F3:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CCB53B88632811F093D18BB8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.40.0/21
154.81.52.0/22
154.81.192.0/23
154.81.195.0-154.81.199.255
Signature Algorithm: sha256WithRSAEncryption
a9:37:c3:86:5e:77:72:8c:7d:0b:fa:a6:8a:4f:00:cf:7e:49:
6e:3d:c0:fe:72:e6:18:83:43:2d:a1:d5:97:ba:c1:90:4d:87:
87:e9:9e:cf:8e:db:4e:d6:a2:85:fa:fd:e3:38:40:d0:96:66:
cd:8c:66:69:6d:d0:d6:5c:27:86:08:5a:ff:c2:1f:2b:b6:de:
b2:6b:a7:1d:a6:ac:0d:6e:65:90:9f:df:4a:81:02:b2:6b:2c:
58:84:1d:9d:df:e6:a0:e8:ad:ca:d9:cc:8e:67:ec:09:4a:c4:
3c:bd:41:b4:91:50:62:98:e4:45:81:97:62:d0:35:5c:f0:80:
00:aa:30:c1:6a:cb:78:3a:9b:6b:3f:0b:76:9a:24:ef:c5:78:
5a:6d:99:fd:49:ed:86:af:58:5b:7d:1b:e8:b0:1b:e1:c0:ae:
46:da:6d:7e:a1:e1:19:ae:41:c6:65:89:47:5b:1a:1d:ad:45:
c1:36:44:21:79:ce:99:8c:b4:49:15:6a:97:8a:73:c4:dc:b4:
89:5b:fd:d4:3c:42:66:31:c1:20:00:3e:f9:16:50:27:00:53:
9b:ed:0f:dd:7d:27:d8:1c:80:0a:e2:5b:f4:27:47:64:cc:6f:
3b:cf:24:dc:0f:7b:08:18:6d:8b:3e:17:f6:37:7c:f7:22:0e:
c6:fb:0a:60
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAY5UMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE3MTYxMjA5WhcNMjUwODMxMTYxMjA5WjAYMRYw
FAYDVQQDEw02ODc5MjBkZS03ZDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvcVJdn2nL/4xl+Gok9ru2bv6OAbM5M2jkVZMWUZCWTCV7nDtzhqE26DD
PWaCwXQFM9Fexsh5iviVL9ZfTY5KhscuFuqUikyqfjEXiEsEYtw9dGNSY+12Bhvi
I8wVbNsBr6eJRP5lIlvA0htiIlNOfjqWhKurwwK+SNYf5jZavL+FitrK9WLLT3mi
7T9VzwFIB1iTfQcl5pKcr/rg1ZKRX900TA11SMJBOSRPcLt6//Dmpjz+9axzsE1c
Lmb4WWlVLdLX519m+L9GCaYO34wYjFy0Isd+s5+9DRGNnhjg0B+k9/KqARM2nijg
pYw/kDi0LSJtdt0gJOjV/X6oZOufZQIDAQABo4ICvzCCArswHQYDVR0OBBYEFI42
yvhMRGzledF5Ibxe4g+0OfOoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQ0I1M0I4ODYzMjgxMUYwOTNEMThCQjhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDmlEoAwQCmlE0AwQBmlHA
MAwDBACaUcMDBAOaUcAwDQYJKoZIhvcNAQELBQADggEBAKk3w4Zed3KMfQv6popP
AM9+SW49wP5y5hiDQy2h1Ze6wZBNh4fpns+O207WooX6/eM4QNCWZs2MZmlt0NZc
J4YIWv/CHyu23rJrpx2mrA1uZZCf30qBArJrLFiEHZ3f5qDorcrZzI5n7AlKxDy9
QbSRUGKY5EWBl2LQNVzwgACqMMFqy3g6m2s/C3aaJO/FeFptmf1J7YavWFt9G+iw
G+HArkbabX6h4RmuQcZliUdbGh2tRcE2RCF5zpmMtEkVapeKc8TctIlb/dQ8QmYx
wSAAPvkWUCcAU5vtD919J9gcgAriW/QnR2TMbzvPJNwPewgYbYs+F/Y3fPciDsb7
CmA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:45 2025 by rpki-client