Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27500D3637F811F0BA03ADB6DAE4EC9C.roa
File: 27500D3637F811F0BA03ADB6DAE4EC9C.roa (raw, json)
Hash identifier: Xw1EGbY97fDiXhnp1DyzLWQzvwNt64zEFzBn5JR0laA=
Subject key identifier: A4:0E:D9:16:9F:3E:9D:2F:CF:CF:D0:79:72:A0:21:E4:32:B6:8E:15
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018239
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27500D3637F811F0BA03ADB6DAE4EC9C.roa
Signing time: Fri 23 May 2025 17:05:40 +0000
ROA not before: Fri 23 May 2025 17:05:35 +0000
ROA not after: Tue 01 Jul 2025 17:05:35 +0000
asID: 49505
IP address blocks: 154.223.204.0/24 maxlen: 24
154.223.205.0/24 maxlen: 24
154.223.206.0/24 maxlen: 24
154.223.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98873 (0x18239)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 17:05:35 2025 GMT
Not After : Jul 1 17:05:35 2025 GMT
Subject: CN=6830aae4-b12d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f8:46:8a:26:70:5a:e1:d6:b0:16:81:68:20:
1c:43:58:80:be:10:43:be:33:63:b9:9a:59:f8:92:
26:f4:fa:8a:a3:2f:d3:03:bf:b9:a6:1e:55:8c:91:
e0:a5:d2:cf:dd:35:ab:bd:c9:5a:75:9f:33:da:af:
d1:44:2e:45:95:38:78:e6:42:07:7a:ee:a4:6e:e8:
7f:45:b1:63:0f:fa:49:da:58:f5:c1:dc:db:7a:42:
fc:75:7a:18:c5:9b:bc:43:54:eb:d5:7a:c4:99:95:
7a:aa:c3:94:a4:47:2c:32:6d:00:e6:cf:fb:e0:5d:
4f:56:e1:40:a1:de:81:7a:58:f6:be:77:a5:f1:37:
db:1e:05:3a:06:b4:51:39:2e:1d:ce:71:82:5b:46:
65:88:84:87:62:bb:b1:d4:67:86:f7:d9:14:f7:b3:
0d:07:e2:d0:ef:8f:2e:1d:a7:1f:7c:9b:a3:36:35:
12:c3:3e:88:7a:9b:14:b7:1b:52:d7:3a:4e:44:78:
62:02:da:ec:06:7b:bd:9e:66:38:35:94:ba:2c:9b:
03:1e:ad:b4:e9:dc:39:be:6d:6e:1b:68:9c:c2:cc:
3d:2d:8b:fa:20:15:ff:b2:49:1f:b1:00:03:54:67:
af:93:34:8c:31:ac:de:05:b0:fe:65:81:a0:a4:94:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0E:D9:16:9F:3E:9D:2F:CF:CF:D0:79:72:A0:21:E4:32:B6:8E:15
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/27500D3637F811F0BA03ADB6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.204.0/22
Signature Algorithm: sha256WithRSAEncryption
02:9c:2e:97:c9:be:42:a4:3f:68:d0:cc:d7:e2:4d:90:fc:9a:
8a:f2:35:8d:13:9f:6c:33:a3:60:3f:49:90:08:5a:52:52:ae:
7b:6a:08:01:ab:33:d3:87:b3:63:dc:1e:7a:77:c5:e6:bc:68:
97:49:49:27:5f:ce:a9:27:fd:e6:ac:69:7d:b5:b7:52:ad:0e:
c6:d0:b3:df:90:67:28:c6:9a:6a:a2:bd:f1:7c:c8:42:1e:32:
88:3a:49:78:9d:2b:46:88:11:e8:0f:37:54:f3:11:76:bf:cd:
e3:1c:28:64:c6:52:79:96:a4:52:c0:8a:43:57:e3:8d:36:8a:
d3:2b:33:f3:be:f9:1e:47:04:5f:07:07:1f:c0:d1:4f:96:86:
d5:62:13:ee:c2:e8:14:0c:2b:99:b2:5f:32:2d:e7:74:c0:7c:
6f:2d:71:54:b7:35:42:e5:ea:75:2f:ea:cf:15:81:6a:69:6f:
8b:95:14:e4:2a:80:81:0c:7b:0e:c6:07:ee:fc:a6:91:d9:9b:
10:fb:55:8c:ad:2b:71:9f:7f:3c:aa:b9:90:df:66:15:aa:d8:
5f:ca:ee:05:13:6f:6d:39:e5:e3:d0:00:3e:15:0e:41:20:e9:
83:8e:7c:fc:f8:ba:08:17:61:fb:5c:04:5b:51:5c:6e:e9:9a:
0a:f4:5a:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYI5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMTcwNTM1WhcNMjUwNzAxMTcwNTM1WjAYMRYw
FAYDVQQDEw02ODMwYWFlNC1iMTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3/hGiiZwWuHWsBaBaCAcQ1iAvhBDvjNjuZpZ+JIm9PqKoy/TA7+5ph5V
jJHgpdLP3TWrvcladZ8z2q/RRC5FlTh45kIHeu6kbuh/RbFjD/pJ2lj1wdzbekL8
dXoYxZu8Q1Tr1XrEmZV6qsOUpEcsMm0A5s/74F1PVuFAod6Belj2vnel8TfbHgU6
BrRROS4dznGCW0ZliISHYrux1GeG99kU97MNB+LQ748uHacffJujNjUSwz6IepsU
txtS1zpORHhiAtrsBnu9nmY4NZS6LJsDHq206dw5vm1uG2icwsw9LYv6IBX/skkf
sQADVGevkzSMMazeBbD+ZYGgpJSqlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKQO
2RafPp0vz8/QeXKgIeQyto4VMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNzUwMEQzNjM3RjgxMUYwQkEwM0FEQjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt/MMA0GCSqGSIb3DQEB
CwUAA4IBAQACnC6Xyb5CpD9o0MzX4k2Q/JqK8jWNE59sM6NgP0mQCFpSUq57aggB
qzPTh7Nj3B56d8XmvGiXSUknX86pJ/3mrGl9tbdSrQ7G0LPfkGcoxppqor3xfMhC
HjKIOkl4nStGiBHoDzdU8xF2v83jHChkxlJ5lqRSwIpDV+ONNorTKzPzvvkeRwRf
BwcfwNFPlobVYhPuwugUDCuZsl8yLed0wHxvLXFUtzVC5ep1L+rPFYFqaW+LlRTk
KoCBDHsOxgfu/KaR2ZsQ+1WMrStxn388qrmQ32YVqthfyu4FE29tOeXj0AA+FQ5B
IOmDjnz8+LoIF2H7XARbUVxu6ZoK9FqU
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:28:11 2025 by rpki-client