Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/137E0BD258E111F0A4F2C3E7DAE4EC9C.roa
File: 137E0BD258E111F0A4F2C3E7DAE4EC9C.roa (raw, json)
Hash identifier: 5RR0h8aBDNtKY5Mh/SDpKm43y7FEkqoib+cR61yZ1Ws=
Subject key identifier: C6:04:6F:84:59:76:FF:43:3C:76:BD:49:6D:79:CA:B8:E4:C0:92:4E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A64
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/137E0BD258E111F0A4F2C3E7DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 14:13:37 +0000
ROA not before: Fri 04 Jul 2025 14:13:31 +0000
ROA not after: Sat 23 Aug 2025 14:13:31 +0000
asID: 21859
IP address blocks: 154.198.164.0/24 maxlen: 24
154.202.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Jul 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100964 (0x18a64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 14:13:31 2025 GMT
Not After : Aug 23 14:13:31 2025 GMT
Subject: CN=6867e191-2802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3c:5d:43:49:22:33:7a:f6:7d:a9:a5:f4:3e:
59:f9:78:99:a3:a2:22:0d:53:3a:12:d6:14:a0:92:
bf:b7:b0:ba:11:52:0f:5a:70:fe:cd:93:3d:e1:f6:
10:d5:17:a2:ac:e4:e8:65:c6:bb:0f:4a:ee:0d:c2:
3a:24:4a:04:a4:23:b6:f1:98:2a:b2:fb:b3:1d:29:
e2:05:4a:42:28:fa:3d:e0:c0:56:6d:3b:38:77:e5:
b9:55:06:8b:c3:8b:45:bf:7a:45:0e:0b:04:fe:10:
91:83:3f:60:a5:d3:1b:59:cf:fd:cf:5d:b1:0f:09:
cf:c7:81:24:62:88:ae:92:6c:ac:22:54:05:ea:6e:
a1:cf:dd:f8:b7:08:f8:96:31:00:ab:c1:ca:b9:1b:
00:24:10:b5:67:c9:59:26:b0:a3:f5:74:7b:d1:2e:
67:0f:aa:cc:30:26:ae:f6:ed:8c:fa:89:55:bc:2a:
58:c9:48:35:74:87:ed:db:32:ae:43:4a:f3:68:e7:
ce:ab:d8:b4:80:88:6a:7a:07:94:12:1e:9b:5e:1d:
0d:f1:56:94:f6:2c:7a:6e:8b:37:67:35:af:cc:ba:
84:af:15:7b:f6:a4:d4:2e:72:cb:f2:6d:7a:91:de:
d2:d1:f1:f2:1f:65:82:01:e7:1d:98:e2:1b:76:66:
8e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:04:6F:84:59:76:FF:43:3C:76:BD:49:6D:79:CA:B8:E4:C0:92:4E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/137E0BD258E111F0A4F2C3E7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.164.0/24
154.202.115.0/24
Signature Algorithm: sha256WithRSAEncryption
28:ac:bb:d7:3e:07:6f:fa:de:07:7b:6f:c0:2a:c9:ee:ed:35:
eb:5e:ef:5d:d9:75:2f:a2:89:b3:3f:04:77:5f:04:8d:c0:27:
e5:1c:b6:b8:39:40:72:8e:fe:21:03:dc:f6:20:ff:22:ec:6b:
03:ea:be:9c:78:27:91:13:26:7d:76:4c:cf:41:dd:b3:2b:ac:
00:85:59:f3:12:77:82:f5:55:d6:61:45:f5:cf:e5:48:e4:9f:
ab:5c:7b:0d:4a:58:80:7d:b6:46:9a:e1:87:7b:be:b2:79:e2:
32:d5:c0:4b:ca:ac:80:c9:66:fe:2d:be:af:a6:64:d2:eb:b3:
d4:e8:18:4d:04:59:97:f3:c9:ca:5d:14:ac:d2:a4:fc:c8:55:
e8:36:72:00:8d:3f:e5:d0:11:88:6b:19:e2:b3:20:b2:b2:b0:
48:44:9c:65:c6:f3:56:8f:93:90:98:b2:16:8d:ca:f0:b4:a9:
e0:23:5b:cf:48:9a:42:25:da:0c:47:d3:c7:95:81:c6:97:59:
6e:bf:03:0d:40:d5:55:02:c0:4d:da:61:c8:21:c7:72:f8:9d:
4e:e1:95:30:c8:7e:3e:1f:46:e3:2d:27:86:1a:1e:28:15:88:
c5:e7:4e:57:89:c0:a1:2c:58:fb:12:99:de:3a:55:1d:d1:3f:
2f:0d:e1:12
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYpkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTQxMzMxWhcNMjUwODIzMTQxMzMxWjAYMRYw
FAYDVQQDEw02ODY3ZTE5MS0yODAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0TxdQ0kiM3r2faml9D5Z+XiZo6IiDVM6EtYUoJK/t7C6EVIPWnD+zZM9
4fYQ1ReirOToZca7D0ruDcI6JEoEpCO28ZgqsvuzHSniBUpCKPo94MBWbTs4d+W5
VQaLw4tFv3pFDgsE/hCRgz9gpdMbWc/9z12xDwnPx4EkYoiukmysIlQF6m6hz934
twj4ljEAq8HKuRsAJBC1Z8lZJrCj9XR70S5nD6rMMCau9u2M+olVvCpYyUg1dIft
2zKuQ0rzaOfOq9i0gIhqegeUEh6bXh0N8VaU9ix6bos3ZzWvzLqErxV79qTULnLL
8m16kd7S0fHyH2WCAecdmOIbdmaO0QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMYE
b4RZdv9DPHa9SW15yrjkwJJOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMzdFMEJEMjU4RTExMUYwQTRGMkMzRTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsakAwQAmspzMA0GCSqG
SIb3DQEBCwUAA4IBAQAorLvXPgdv+t4He2/AKsnu7TXrXu9d2XUvoomzPwR3XwSN
wCflHLa4OUByjv4hA9z2IP8i7GsD6r6ceCeREyZ9dkzPQd2zK6wAhVnzEneC9VXW
YUX1z+VI5J+rXHsNSliAfbZGmuGHe76yeeIy1cBLyqyAyWb+Lb6vpmTS67PU6BhN
BFmX88nKXRSs0qT8yFXoNnIAjT/l0BGIaxnisyCysrBIRJxlxvNWj5OQmLIWjcrw
tKngI1vPSJpCJdoMR9PHlYHGl1luvwMNQNVVAsBN2mHIIcdy+J1O4ZUwyH4+H0bj
LSeGGh4oFYjF505XicChLFj7EpneOlUd0T8vDeES
-----END CERTIFICATE-----
Generated at Mon Jul 7 02:45:34 2025 by rpki-client