Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33B6BEA238A311F0A4F1CE95DAE4EC9C.roa
File: 33B6BEA238A311F0A4F1CE95DAE4EC9C.roa (raw, json)
Hash identifier: PJ/TjCuOoUoMuCJOwCkwWFsJGnzNtcL96wY2G54eEbo=
Subject key identifier: B6:2B:EB:C2:A4:03:18:08:6C:E4:B2:18:BA:C9:59:F5:A2:62:73:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018288
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33B6BEA238A311F0A4F1CE95DAE4EC9C.roa
Signing time: Sat 24 May 2025 13:30:05 +0000
ROA not before: Sat 24 May 2025 13:30:00 +0000
ROA not after: Sun 29 Jun 2025 13:30:00 +0000
asID: 214143
IP address blocks: 154.196.214.0/24 maxlen: 24
154.203.196.0/22 maxlen: 24
154.203.208.0/22 maxlen: 24
154.206.11.0/24 maxlen: 24
154.208.88.0/22 maxlen: 24
154.212.144.0/23 maxlen: 24
154.212.146.0/23 maxlen: 24
154.222.80.0/23 maxlen: 24
154.222.82.0/23 maxlen: 24
154.222.84.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 00:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98952 (0x18288)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 24 13:30:00 2025 GMT
Not After : Jun 29 13:30:00 2025 GMT
Subject: CN=6831c9dd-3d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:06:eb:cc:ab:1c:0b:39:88:19:81:fe:6d:07:
67:8c:e5:d9:3e:b9:1b:62:1c:b4:b5:22:04:dc:ba:
b2:72:45:c5:76:7f:f6:ef:64:e2:6b:48:23:89:fd:
c1:76:a1:eb:ef:be:06:c3:5b:19:5f:65:f1:4a:52:
1a:9a:e2:b1:cd:e5:12:e3:0c:d3:5d:e7:3f:ae:0c:
5d:a4:83:6d:fb:68:53:a5:fe:ef:3d:a8:6e:48:89:
bb:5c:cc:07:68:2a:7d:db:d5:0e:12:9d:31:8b:b7:
4e:31:b0:7c:62:d9:5e:a7:ca:54:34:e1:45:20:da:
da:cd:ab:e9:09:b4:ce:9b:1d:00:4c:f9:b0:5a:5c:
61:93:31:ea:67:17:8e:ba:9b:b9:ec:f6:3a:77:52:
63:df:c4:63:7e:f4:5f:6b:97:8c:c3:b3:02:12:e8:
9a:ee:1e:f3:a4:5e:9d:53:0c:d5:94:23:63:d4:51:
17:90:ac:36:e1:3b:ea:3a:8c:fe:c8:13:05:90:b0:
e6:3e:64:47:fb:a7:f3:d3:96:3b:fc:96:f7:3b:d4:
b4:74:62:3e:08:de:95:10:bb:3f:db:92:65:1f:b9:
bc:07:43:41:7c:d7:22:6d:c7:d5:46:b0:08:3a:3d:
c4:a8:e8:b1:2d:64:5b:36:83:f2:55:46:79:1b:ce:
8a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2B:EB:C2:A4:03:18:08:6C:E4:B2:18:BA:C9:59:F5:A2:62:73:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33B6BEA238A311F0A4F1CE95DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.214.0/24
154.203.196.0/22
154.203.208.0/22
154.206.11.0/24
154.208.88.0/22
154.212.144.0/22
154.222.80.0-154.222.85.255
Signature Algorithm: sha256WithRSAEncryption
0a:dc:ef:a8:ef:e6:13:3e:8e:16:d7:76:3e:7b:25:f8:a1:cb:
8f:76:78:23:c4:7d:fe:a4:f0:3f:e4:79:7f:6b:5e:7c:5d:57:
4a:ee:5a:41:71:e2:fd:fa:df:f4:f8:fc:99:6b:b6:3c:9f:5f:
1e:ba:4a:c2:ba:7a:39:16:33:69:36:a3:a3:e3:65:9c:36:fc:
40:fd:68:f7:11:08:a2:a1:d6:dc:5e:a5:40:24:e2:df:2b:5a:
5d:2b:2d:ca:80:97:e6:bf:a3:53:d9:02:fb:a2:49:a4:28:31:
da:53:28:2a:48:dd:57:93:23:b3:fd:4f:80:fa:7a:8b:62:1b:
30:c3:e1:34:5c:1b:3f:de:fc:e3:96:98:6f:ce:85:11:c4:55:
60:b7:0d:bb:50:36:7c:cb:4d:bd:68:e1:e0:f1:c9:01:30:ec:
8c:62:42:59:90:fd:dd:d7:49:20:36:31:a0:8c:a6:3a:37:0c:
c9:fd:85:e8:6f:34:4f:a4:76:99:2a:a8:d1:a2:a6:bf:cf:fb:
6f:a0:a7:74:85:a4:50:99:b7:9c:6f:33:bc:eb:cd:af:ab:a9:
a1:c4:7f:e3:fe:a7:2d:dd:eb:75:06:9a:de:e3:cd:48:e8:4b:
c2:09:01:ac:a9:2c:6f:4b:ef:e3:2b:45:ec:71:72:8b:7b:8c:
b2:0b:c7:e9
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIDAYKIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI0MTMzMDAwWhcNMjUwNjI5MTMzMDAwWjAYMRYw
FAYDVQQDEw02ODMxYzlkZC0zZDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQbrzKscCzmIGYH+bQdnjOXZPrkbYhy0tSIE3LqyckXFdn/272Tia0gj
if3BdqHr774Gw1sZX2XxSlIamuKxzeUS4wzTXec/rgxdpINt+2hTpf7vPahuSIm7
XMwHaCp929UOEp0xi7dOMbB8Ytlep8pUNOFFINrazavpCbTOmx0ATPmwWlxhkzHq
ZxeOupu57PY6d1Jj38RjfvRfa5eMw7MCEuia7h7zpF6dUwzVlCNj1FEXkKw24Tvq
Ooz+yBMFkLDmPmRH+6fz05Y7/Jb3O9S0dGI+CN6VELs/25JlH7m8B0NBfNcibcfV
RrAIOj3EqOixLWRbNoPyVUZ5G86KHQIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFLYr
68KkAxgIbOSyGLrJWfWiYnNjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zM0I2QkVBMjM4QTMxMUYwQTRGMUNFOTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAmsTWAwQCmsvEAwQCmsvQ
AwQAms4LAwQCmtBYAwQCmtSQMAwDBASa3lADBAGa3lQwDQYJKoZIhvcNAQELBQAD
ggEBAArc76jv5hM+jhbXdj57Jfihy492eCPEff6k8D/keX9rXnxdV0ruWkFx4v36
3/T4/JlrtjyfXx66SsK6ejkWM2k2o6PjZZw2/ED9aPcRCKKh1txepUAk4t8rWl0r
LcqAl+a/o1PZAvuiSaQoMdpTKCpI3VeTI7P9T4D6eotiGzDD4TRcGz/e/OOWmG/O
hRHEVWC3DbtQNnzLTb1o4eDxyQEw7IxiQlmQ/d3XSSA2MaCMpjo3DMn9hehvNE+k
dpkqqNGipr/P+2+gp3SFpFCZt5xvM7zrza+rqaHEf+P+py3d63UGmt7jzUjoS8IJ
AaypLG9L7+MrRexxcot7jLILx+k=
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:25:45 2025 by rpki-client