Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8CB961C58BD11F0BE210F89DAE4EC9C.roa
File: D8CB961C58BD11F0BE210F89DAE4EC9C.roa (raw, json)
Hash identifier: fctthwsZRnffDArpC1SUHW5YXah6Ns6Dvo09uFfVYjA=
Subject key identifier: C1:78:98:25:C7:F9:F6:26:56:60:98:70:E6:93:20:2E:60:A4:25:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A44
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8CB961C58BD11F0BE210F89DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 10:01:26 +0000
ROA not before: Fri 04 Jul 2025 10:01:21 +0000
ROA not after: Sat 09 Aug 2025 10:01:21 +0000
asID: 200373
IP address blocks: 154.193.152.0/22 maxlen: 24
154.193.158.0/23 maxlen: 24
154.199.14.0/23 maxlen: 24
154.199.68.0/23 maxlen: 24
154.213.160.0/21 maxlen: 24
154.213.193.0/24 maxlen: 24
154.213.194.0/24 maxlen: 24
154.213.195.0/24 maxlen: 24
154.213.196.0/24 maxlen: 24
154.213.197.0/24 maxlen: 24
154.213.198.0/24 maxlen: 24
154.213.199.0/24 maxlen: 24
154.213.202.0/24 maxlen: 24
154.213.203.0/24 maxlen: 24
154.213.204.0/24 maxlen: 24
154.214.1.0/24 maxlen: 24
154.222.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100932 (0x18a44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 10:01:21 2025 GMT
Not After : Aug 9 10:01:21 2025 GMT
Subject: CN=6867a676-0223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:79:ea:27:08:a0:9f:2d:cc:b3:57:07:2d:
a4:49:e5:5b:9c:2a:1c:18:19:84:d3:66:34:3b:28:
79:1c:94:fe:e6:4f:8a:50:1d:db:7f:05:b0:df:0f:
2c:fd:6e:08:df:67:2e:6e:ac:c5:88:b7:8b:c6:cc:
cd:74:33:0f:04:39:08:49:27:1c:16:f0:1c:44:5c:
c8:69:53:7c:58:f9:29:18:48:4b:13:5a:8f:69:7e:
d8:02:64:51:c0:bb:16:6e:e0:8d:af:46:ba:14:11:
ff:79:16:0e:cf:1b:1b:1f:84:e8:78:e4:cd:d0:23:
eb:95:ef:7c:03:9f:93:58:87:a9:50:1f:a6:f4:3b:
3c:43:88:a0:bb:0b:e6:1a:ae:f6:6e:58:68:32:7d:
9a:37:ef:59:fd:a4:b7:ef:05:52:23:e1:1a:57:3d:
c3:70:12:0a:7f:41:d4:4b:ed:c1:92:18:a3:81:de:
b0:c7:e7:a4:26:e2:0d:04:08:28:f4:e8:ec:53:46:
33:86:97:b8:4d:89:f0:38:35:f8:3b:64:33:b9:66:
7d:aa:7b:51:f9:3d:f4:8b:b0:e1:66:fc:0e:51:50:
be:e0:7f:c8:03:8d:75:e3:71:d5:99:64:ef:b4:1f:
48:fc:b9:b2:d6:b6:6a:80:a9:b0:1c:1c:f1:30:03:
5d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:78:98:25:C7:F9:F6:26:56:60:98:70:E6:93:20:2E:60:A4:25:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8CB961C58BD11F0BE210F89DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.152.0/22
154.193.158.0/23
154.199.14.0/23
154.199.68.0/23
154.213.160.0/21
154.213.193.0-154.213.199.255
154.213.202.0-154.213.204.255
154.214.1.0/24
154.222.132.0/24
Signature Algorithm: sha256WithRSAEncryption
74:1a:77:0f:e1:b5:00:93:40:5a:c4:4a:be:a8:ae:63:b9:86:
f4:c0:91:6e:77:d6:4a:4b:1f:bd:97:34:cd:d4:78:cc:f3:84:
bd:38:f0:ef:39:20:42:0a:d0:4b:ea:ef:3c:4b:d0:67:8f:fc:
66:23:cb:84:8f:08:46:47:66:2b:6b:c5:09:b3:4b:e8:82:c7:
17:36:aa:e2:cf:3b:3b:e5:5f:5a:a5:0a:7f:59:9c:fc:d1:7e:
d9:16:17:f4:bd:9a:c8:a7:b6:fc:b9:8f:53:8a:dc:70:c9:c5:
14:cb:03:e8:be:b6:54:ce:88:a9:f8:b3:93:ca:54:88:9e:48:
bf:04:ff:e8:7d:9c:6d:22:be:f8:87:ca:fc:cc:e3:cd:09:90:
e0:2b:6f:f4:30:b4:79:7a:b0:34:db:54:c6:89:a8:2f:0b:1a:
0e:fd:1a:95:a4:83:58:2d:a3:0a:ef:c8:b1:55:99:bb:48:77:
2a:1b:db:fa:0a:49:f2:38:cc:0a:df:cb:ad:a9:e5:b9:c9:27:
bb:af:02:a3:27:f6:97:50:fa:18:0d:fb:ba:cb:ce:25:81:34:
8f:c5:94:bb:2d:1c:c6:19:c8:7d:4d:f7:b3:6a:1e:01:e8:b7:
24:b6:9e:d2:60:3a:d0:87:3c:07:98:1b:ca:18:96:33:c7:a7:
e5:99:a4:8a
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgIDAYpEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTAwMTIxWhcNMjUwODA5MTAwMTIxWjAYMRYw
FAYDVQQDEw02ODY3YTY3Ni0wMjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAted56icIoJ8tzLNXBy2kSeVbnCocGBmE02Y0Oyh5HJT+5k+KUB3bfwWw
3w8s/W4I32cubqzFiLeLxszNdDMPBDkISSccFvAcRFzIaVN8WPkpGEhLE1qPaX7Y
AmRRwLsWbuCNr0a6FBH/eRYOzxsbH4ToeOTN0CPrle98A5+TWIepUB+m9Ds8Q4ig
uwvmGq72blhoMn2aN+9Z/aS37wVSI+EaVz3DcBIKf0HUS+3Bkhijgd6wx+ekJuIN
BAgo9OjsU0Yzhpe4TYnwODX4O2QzuWZ9qntR+T30i7DhZvwOUVC+4H/IA41143HV
mWTvtB9I/Lmy1rZqgKmwHBzxMANd5wIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFMF4
mCXH+fYmVmCYcOaTIC5gpCVHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOENCOTYxQzU4QkQxMUYwQkUyMTBGODlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQCmsGYAwQBmsGeAwQBmscO
AwQBmsdEAwQDmtWgMAwDBACa1cEDBAOa1cAwDAMEAZrVygMEAJrVzAMEAJrWAQME
AJrehDANBgkqhkiG9w0BAQsFAAOCAQEAdBp3D+G1AJNAWsRKvqiuY7mG9MCRbnfW
SksfvZc0zdR4zPOEvTjw7zkgQgrQS+rvPEvQZ4/8ZiPLhI8IRkdmK2vFCbNL6ILH
Fzaq4s87O+VfWqUKf1mc/NF+2RYX9L2ayKe2/LmPU4rccMnFFMsD6L62VM6Iqfiz
k8pUiJ5IvwT/6H2cbSK++IfK/MzjzQmQ4Ctv9DC0eXqwNNtUxomoLwsaDv0alaSD
WC2jCu/IsVWZu0h3Khvb+gpJ8jjMCt/Lranlucknu68Coyf2l1D6GA37usvOJYE0
j8WUuy0cxhnIfU33s2oeAei3JLae0mA60Ic8B5gbyhiWM8en5Zmkig==
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:35:36 2025 by rpki-client