Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/559C30EE406C11F0B5F691BCDAE4EC9C.roa
File: 559C30EE406C11F0B5F691BCDAE4EC9C.roa (raw, json)
Hash identifier: osot7lS+lCCqgws1KYHcpFlzd/PyATag7MzeMkdi4BE=
Subject key identifier: F0:F9:76:BE:B2:98:AF:42:8C:CD:7D:4B:37:62:46:35:BF:DC:40:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018469
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/559C30EE406C11F0B5F691BCDAE4EC9C.roa
Signing time: Tue 03 Jun 2025 11:17:29 +0000
ROA not before: Tue 03 Jun 2025 11:17:24 +0000
ROA not after: Fri 11 Jul 2025 11:17:24 +0000
asID: 150698
IP address blocks: 154.197.72.0/24 maxlen: 24
154.197.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99433 (0x18469)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 3 11:17:24 2025 GMT
Not After : Jul 11 11:17:24 2025 GMT
Subject: CN=683ed9c9-93fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a1:72:ff:cf:d0:35:c5:1e:b7:25:28:62:98:
0c:6f:4a:76:ee:59:11:d4:d2:4c:2b:21:d0:10:a5:
04:9b:77:f0:23:65:39:05:3c:20:88:14:8c:b1:06:
cb:0f:26:3c:b1:e6:c2:2f:58:19:6a:0e:03:fb:bb:
f7:d0:f9:31:fe:26:10:4e:c2:a4:dc:83:fa:29:cb:
2b:10:2e:73:33:b2:ef:41:13:83:a1:1f:9e:ba:e9:
ad:a0:fa:58:7c:64:54:05:26:4d:42:1f:40:f1:f2:
ad:2b:9b:ca:05:96:60:8a:ee:cd:8d:b4:c9:43:d0:
5f:8e:25:49:83:a8:11:a5:39:97:bc:24:51:2e:88:
af:f2:06:6d:31:ac:3e:28:ff:f7:a0:6a:ee:5b:ea:
95:e7:6e:40:f3:fa:fa:96:97:0b:7d:5c:28:01:ce:
27:9e:b8:78:fa:e7:77:6b:de:df:cf:97:54:82:20:
4e:88:d7:c9:52:fd:55:f1:d4:be:3b:be:af:22:33:
02:23:65:c3:e6:60:a9:00:d6:5d:aa:a9:a9:22:80:
0c:35:d7:90:34:f0:2f:8f:63:24:23:3f:24:64:b0:
20:d4:ec:8d:4b:2f:68:82:54:81:20:f6:10:39:5b:
8f:77:7a:ac:86:87:75:48:14:9e:a3:e9:22:d5:a3:
b1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F9:76:BE:B2:98:AF:42:8C:CD:7D:4B:37:62:46:35:BF:DC:40:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/559C30EE406C11F0B5F691BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.72.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:4a:5d:8d:31:6a:02:15:4d:8c:03:70:49:35:fc:fb:02:c7:
e5:69:3d:cf:3c:c0:3c:b2:b7:d4:b7:f7:71:5c:fa:c1:08:e9:
13:8a:4b:2a:2c:0b:a1:95:11:a7:d7:7e:2b:89:8c:97:93:42:
e9:ec:fb:51:ef:2d:96:5b:e4:8c:d4:8e:a0:34:ab:49:75:07:
54:17:64:54:5e:a1:a5:16:a0:c6:92:57:7e:a0:27:3c:37:24:
8f:bb:74:3f:ac:07:0a:08:fa:62:35:e9:45:b3:45:53:df:e9:
86:5c:bf:3e:81:43:b9:d6:28:a8:a0:d0:5e:00:c5:a1:36:22:
fc:e9:9c:49:ca:49:d1:86:2c:3a:eb:cc:8d:2b:9a:c3:85:3d:
8d:c1:9c:d8:be:54:c3:46:af:40:a0:0c:b2:06:b9:f0:fd:3a:
5b:cb:01:e0:15:c4:9a:1e:93:6c:32:2d:a5:a5:e9:61:bf:28:
0c:0c:48:99:5b:44:20:6f:53:2b:81:cb:41:28:d3:af:bf:09:
6c:46:ed:57:d2:61:b7:ea:db:59:c6:ec:af:b6:e6:fd:fd:40:
8c:b2:98:cb:6f:92:cb:27:88:45:17:a3:ed:18:70:54:48:c4:
2c:46:c2:88:18:d1:bf:0a:25:c6:97:d7:4f:7b:5c:c5:58:3b:
a9:d6:2e:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYRpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjAzMTExNzI0WhcNMjUwNzExMTExNzI0WjAYMRYw
FAYDVQQDEw02ODNlZDljOS05M2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyKFy/8/QNcUetyUoYpgMb0p27lkR1NJMKyHQEKUEm3fwI2U5BTwgiBSM
sQbLDyY8sebCL1gZag4D+7v30Pkx/iYQTsKk3IP6KcsrEC5zM7LvQRODoR+euumt
oPpYfGRUBSZNQh9A8fKtK5vKBZZgiu7NjbTJQ9BfjiVJg6gRpTmXvCRRLoiv8gZt
Maw+KP/3oGruW+qV525A8/r6lpcLfVwoAc4nnrh4+ud3a97fz5dUgiBOiNfJUv1V
8dS+O76vIjMCI2XD5mCpANZdqqmpIoAMNdeQNPAvj2MkIz8kZLAg1OyNSy9oglSB
IPYQOVuPd3qshod1SBSeo+ki1aOx0QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPD5
dr6ymK9CjM19SzdiRjW/3ECBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NTlDMzBFRTQwNkMxMUYwQjVGNjkxQkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsVIMA0GCSqGSIb3DQEB
CwUAA4IBAQBqSl2NMWoCFU2MA3BJNfz7AsflaT3PPMA8srfUt/dxXPrBCOkTiksq
LAuhlRGn134riYyXk0Lp7PtR7y2WW+SM1I6gNKtJdQdUF2RUXqGlFqDGkld+oCc8
NySPu3Q/rAcKCPpiNelFs0VT3+mGXL8+gUO51iiooNBeAMWhNiL86ZxJyknRhiw6
68yNK5rDhT2NwZzYvlTDRq9AoAyyBrnw/TpbywHgFcSaHpNsMi2lpelhvygMDEiZ
W0Qgb1MrgctBKNOvvwlsRu1X0mG36ttZxuyvtub9/UCMspjLb5LLJ4hFF6PtGHBU
SMQsRsKIGNG/CiXGl9dPe1zFWDup1i71
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:12:20 2025 by rpki-client