Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F71901AA59C511F09C0A9DBADAE4EC9C.roa
File: F71901AA59C511F09C0A9DBADAE4EC9C.roa (raw, json)
Hash identifier: ldXA3OnWsRuIbGZqJJD4WpUysCVwx9LbUnoxkm5vgDs=
Subject key identifier: 23:9C:17:35:D1:25:29:35:36:5E:F8:A6:46:49:B3:3C:AB:8A:FF:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018B32
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F71901AA59C511F09C0A9DBADAE4EC9C.roa
Signing time: Sat 05 Jul 2025 17:32:04 +0000
ROA not before: Sat 05 Jul 2025 17:31:59 +0000
ROA not after: Wed 03 Sep 2025 17:31:59 +0000
asID: 46071
IP address blocks: 154.209.6.0/24 maxlen: 24
154.209.7.0/24 maxlen: 24
154.210.203.0/24 maxlen: 24
154.210.204.0/24 maxlen: 24
154.210.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101170 (0x18b32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 17:31:59 2025 GMT
Not After : Sep 3 17:31:59 2025 GMT
Subject: CN=68696194-003b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:55:6b:0a:6e:a9:14:09:c2:44:c2:4b:96:95:
c9:b4:83:8f:a6:54:c2:e5:6e:89:b6:96:9d:57:10:
82:48:3b:38:c4:51:e7:5a:ab:74:13:26:09:a8:79:
09:cc:5d:e7:b7:a3:d5:af:ec:ae:75:82:56:f8:73:
c0:98:93:06:1f:0e:04:93:50:6d:79:0d:3b:87:c1:
0a:d4:4d:5c:a1:62:14:40:34:dc:99:ca:85:38:37:
db:8a:3f:c8:54:4a:02:79:72:a6:b5:d4:d6:1c:22:
52:31:b5:68:f9:2c:98:8f:a9:12:e2:af:45:54:1f:
f9:87:a8:01:20:19:18:d6:c1:92:dd:f1:77:38:00:
bf:ea:ce:54:21:6c:6d:1f:6f:44:bf:b5:a0:20:cc:
46:3e:f4:05:52:96:af:13:e9:2b:8d:1e:12:e6:f2:
f8:70:b4:cc:80:dd:7b:87:41:ed:04:42:84:ee:e9:
4c:30:d7:b5:cc:ab:18:ba:1e:d7:73:fb:cf:16:ad:
53:86:05:3e:b4:f1:d0:7f:f7:07:0f:da:42:d2:03:
5c:c5:54:2f:64:3c:26:e2:c7:12:73:97:1e:be:29:
a0:2e:d3:db:18:9c:20:65:c2:aa:e3:55:6f:d8:c6:
58:a4:7e:a5:5a:b7:fc:ed:d8:5d:60:53:f1:27:e7:
7f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:9C:17:35:D1:25:29:35:36:5E:F8:A6:46:49:B3:3C:AB:8A:FF:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F71901AA59C511F09C0A9DBADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.6.0/23
154.210.203.0-154.210.204.255
154.210.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:e3:8d:a4:32:e0:a4:d5:00:fa:5c:24:84:57:41:b1:cd:af:
b0:5a:c7:b0:d3:2b:7a:35:6d:c0:16:38:f6:42:09:0d:d3:3b:
a9:03:66:29:01:ab:7e:7c:57:e5:45:12:cf:29:51:8b:89:d1:
4b:d1:8d:06:f0:61:1d:d9:3a:ba:83:29:d3:ef:33:4d:cb:70:
6e:89:34:e0:8a:e9:38:4a:1e:1c:68:55:25:ab:1a:3d:93:a1:
44:4c:f9:7b:ff:c7:c6:99:70:28:16:99:81:14:01:e5:a2:7a:
92:e4:42:82:ca:0a:e8:44:42:ea:5c:21:24:cc:d5:88:fc:7f:
3f:aa:55:05:fb:c0:0e:b2:c2:c1:0a:48:75:7c:7a:b7:af:9c:
a9:71:45:fc:70:f6:12:90:4f:0f:ea:64:fc:bd:e8:41:b9:59:
2e:54:50:61:62:b3:57:ba:bc:dd:2b:ff:81:ca:56:44:0f:27:
a3:c1:7e:9d:e8:49:03:5a:32:51:80:f6:57:ba:3a:fd:43:e0:
c8:6b:8f:a3:f2:d0:ca:55:58:61:a4:27:e8:a7:31:84:b8:7f:
d7:b1:53:87:25:0f:c7:a6:7f:42:a1:63:4e:c7:17:67:94:45:
44:8e:7a:88:59:70:85:3f:04:f4:e9:b8:ab:f4:46:dc:ab:23:
da:86:83:e1
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYsyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTczMTU5WhcNMjUwOTAzMTczMTU5WjAYMRYw
FAYDVQQDEw02ODY5NjE5NC0wMDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzFVrCm6pFAnCRMJLlpXJtIOPplTC5W6JtpadVxCCSDs4xFHnWqt0EyYJ
qHkJzF3nt6PVr+yudYJW+HPAmJMGHw4Ek1BteQ07h8EK1E1coWIUQDTcmcqFODfb
ij/IVEoCeXKmtdTWHCJSMbVo+SyYj6kS4q9FVB/5h6gBIBkY1sGS3fF3OAC/6s5U
IWxtH29Ev7WgIMxGPvQFUpavE+krjR4S5vL4cLTMgN17h0HtBEKE7ulMMNe1zKsY
uh7Xc/vPFq1ThgU+tPHQf/cHD9pC0gNcxVQvZDwm4scSc5cevimgLtPbGJwgZcKq
41Vv2MZYpH6lWrf87dhdYFPxJ+d/sQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFCOc
FzXRJSk1Nl74pkZJszyriv97MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNzE5MDFBQTU5QzUxMUYwOUMwQTlEQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBmtEGMAwDBACa0ssDBACa
0swDBACa0t4wDQYJKoZIhvcNAQELBQADggEBAIrjjaQy4KTVAPpcJIRXQbHNr7Ba
x7DTK3o1bcAWOPZCCQ3TO6kDZikBq358V+VFEs8pUYuJ0UvRjQbwYR3ZOrqDKdPv
M03LcG6JNOCK6ThKHhxoVSWrGj2ToURM+Xv/x8aZcCgWmYEUAeWiepLkQoLKCuhE
QupcISTM1Yj8fz+qVQX7wA6ywsEKSHV8erevnKlxRfxw9hKQTw/qZPy96EG5WS5U
UGFis1e6vN0r/4HKVkQPJ6PBfp3oSQNaMlGA9le6Ov1D4Mhrj6Py0MpVWGGkJ+in
MYS4f9exU4clD8emf0KhY07HF2eURUSOeohZcIU/BPTpuKv0RtyrI9qGg+E=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:43 2025 by rpki-client