Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E6FF72CA5E5411F0B357ECBADAE4EC9C.roa
File: E6FF72CA5E5411F0B357ECBADAE4EC9C.roa (raw, json)
Hash identifier: QbNfJKP6KfNjzGIe2eD1XysN6rOY1xfmJVLh8sZfgHQ=
Subject key identifier: C4:F8:2A:82:C3:5C:DC:70:D2:F1:FC:92:1B:D3:F6:DA:9B:C1:89:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D78
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E6FF72CA5E5411F0B357ECBADAE4EC9C.roa
Signing time: Fri 11 Jul 2025 12:45:20 +0000
ROA not before: Fri 11 Jul 2025 12:45:15 +0000
ROA not after: Sat 16 Aug 2025 12:45:15 +0000
asID: 22773
IP address blocks: 154.90.22.0/24 maxlen: 24
154.90.23.0/24 maxlen: 24
154.90.24.0/24 maxlen: 24
154.90.25.0/24 maxlen: 24
154.90.26.0/24 maxlen: 24
154.90.27.0/24 maxlen: 24
154.90.132.0/24 maxlen: 24
154.90.141.0/24 maxlen: 24
154.90.144.0/24 maxlen: 24
154.90.145.0/24 maxlen: 24
154.90.146.0/24 maxlen: 24
154.90.147.0/24 maxlen: 24
154.90.148.0/24 maxlen: 24
154.90.149.0/24 maxlen: 24
154.90.150.0/24 maxlen: 24
154.90.151.0/24 maxlen: 24
154.90.152.0/24 maxlen: 24
154.90.153.0/24 maxlen: 24
154.90.154.0/24 maxlen: 24
154.90.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101752 (0x18d78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 11 12:45:15 2025 GMT
Not After : Aug 16 12:45:15 2025 GMT
Subject: CN=68710760-4e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:bc:c9:75:f9:fc:0f:ee:51:ec:63:8d:ab:1d:
06:20:bb:02:6c:4f:c6:e3:29:bc:76:16:93:5f:d5:
d1:dd:fa:76:ca:43:58:a3:db:1a:cf:a8:16:86:0e:
8b:56:d0:7f:ac:34:d1:ab:4f:2c:71:bc:ff:24:34:
b3:06:c2:ad:c4:13:3c:74:2d:21:e5:06:b2:23:81:
82:ca:11:9a:e3:2e:f1:d7:68:23:ed:8b:6f:82:67:
b0:33:c1:15:23:98:12:52:01:07:c9:4c:20:06:fa:
69:cb:8f:ae:5e:70:ca:ad:f3:ec:96:c3:a4:cc:b8:
46:33:b7:e2:db:2b:c5:cb:a1:15:1c:4d:e8:76:88:
ae:31:be:44:f8:c6:40:1e:7c:70:2b:48:47:a1:c2:
43:30:a1:ae:8d:aa:67:92:50:4c:8e:4d:5d:82:f3:
73:f8:a2:a0:ee:df:c7:5f:4a:9b:c4:e1:d1:48:09:
71:47:42:24:87:74:6d:6a:6b:4c:91:73:50:dd:27:
2a:84:9d:f4:9b:a8:29:0c:d9:57:f0:87:5b:e8:fc:
01:24:24:4e:8b:13:9d:bf:26:6b:c1:5b:29:cb:d1:
bd:b8:17:23:20:e7:c5:13:ac:ce:53:0b:53:6a:7d:
fc:73:74:21:8f:e2:76:4e:02:1c:37:6e:aa:98:01:
a9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F8:2A:82:C3:5C:DC:70:D2:F1:FC:92:1B:D3:F6:DA:9B:C1:89:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E6FF72CA5E5411F0B357ECBADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.22.0-154.90.27.255
154.90.132.0/24
154.90.141.0/24
154.90.144.0-154.90.155.255
Signature Algorithm: sha256WithRSAEncryption
53:92:b2:c3:6d:d4:6c:3f:39:e6:96:bc:e0:cf:81:ec:51:0d:
57:91:f4:5e:4c:66:3c:86:d6:94:f6:f5:39:ad:51:b4:fd:de:
db:84:cd:ae:ef:07:46:8b:6e:76:e0:6a:d0:9a:30:88:4c:ec:
a7:68:5f:1f:46:5b:27:b3:43:d7:1b:ae:7a:55:ae:7b:29:b0:
6f:f9:5d:c4:44:58:17:22:56:01:a6:a0:9e:2f:61:0a:ea:34:
1f:6f:2f:88:bc:37:7e:f8:94:57:8a:1d:ad:12:c1:f4:eb:62:
59:39:91:87:d9:5d:bf:4e:ed:a4:ca:8d:cf:50:22:3f:0e:6f:
ab:4e:8e:f3:c4:7c:2d:6c:70:cb:ba:cb:59:ac:cf:36:1a:a2:
a5:64:82:2f:e4:38:fc:88:41:31:1e:73:d2:a0:53:e5:3e:16:
ca:72:74:2d:ea:d4:ef:3f:f5:05:4a:a8:83:7b:c1:4a:24:86:
5f:c1:68:75:ac:f0:c2:a3:84:97:18:7d:98:bc:3b:fd:69:98:
50:75:91:28:41:13:63:ef:43:96:87:88:94:8f:8d:71:cb:e6:
fc:8c:f7:22:c9:96:b4:3a:ed:51:3f:2e:74:19:2b:31:b7:c3:
01:26:ac:b5:28:83:86:37:f1:46:dc:89:0e:ee:95:e8:33:a3:
2c:1c:fa:4c
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAY14MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzExMTI0NTE1WhcNMjUwODE2MTI0NTE1WjAYMRYw
FAYDVQQDEw02ODcxMDc2MC00ZTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5bzJdfn8D+5R7GONqx0GILsCbE/G4ym8dhaTX9XR3fp2ykNYo9saz6gW
hg6LVtB/rDTRq08scbz/JDSzBsKtxBM8dC0h5QayI4GCyhGa4y7x12gj7Ytvgmew
M8EVI5gSUgEHyUwgBvppy4+uXnDKrfPslsOkzLhGM7fi2yvFy6EVHE3odoiuMb5E
+MZAHnxwK0hHocJDMKGujapnklBMjk1dgvNz+KKg7t/HX0qbxOHRSAlxR0Ikh3Rt
amtMkXNQ3ScqhJ30m6gpDNlX8Idb6PwBJCROixOdvyZrwVspy9G9uBcjIOfFE6zO
UwtTan38c3Qhj+J2TgIcN26qmAGpgQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFMT4
KoLDXNxw0vH8khvT9tqbwYlnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNkZGNzJDQTVFNTQxMUYwQjM1N0VDQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAGaWhYDBAKaWhgDBACa
WoQDBACaWo0wDAMEBJpakAMEAppamDANBgkqhkiG9w0BAQsFAAOCAQEAU5Kyw23U
bD855pa84M+B7FENV5H0XkxmPIbWlPb1Oa1RtP3e24TNru8HRotuduBq0JowiEzs
p2hfH0ZbJ7ND1xuuelWueymwb/ldxERYFyJWAaagni9hCuo0H28viLw3fviUV4od
rRLB9OtiWTmRh9ldv07tpMqNz1AiPw5vq06O88R8LWxwy7rLWazPNhqipWSCL+Q4
/IhBMR5z0qBT5T4WynJ0LerU7z/1BUqog3vBSiSGX8FodazwwqOElxh9mLw7/WmY
UHWRKEETY+9DloeIlI+Nccvm/Iz3IsmWtDrtUT8udBkrMbfDASastSiDhjfxRtyJ
Du6V6DOjLBz6TA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:09 2025 by rpki-client