Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68D990E2357311F0A6B3C394DAE4EC9C.roa
File: 68D990E2357311F0A6B3C394DAE4EC9C.roa (raw, json)
Hash identifier: eK+p5QUES8ANWs9Nc2hhoVeQlXdvfJQzKg+Kd2Edw5I=
Subject key identifier: E3:AE:3A:14:CE:2F:D0:31:C3:66:5A:3B:5E:E8:D2:A8:7D:CA:4F:BE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0181A5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68D990E2357311F0A6B3C394DAE4EC9C.roa
Signing time: Tue 20 May 2025 12:10:25 +0000
ROA not before: Tue 20 May 2025 12:10:20 +0000
ROA not after: Mon 30 Jun 2025 12:10:20 +0000
asID: 62240
IP address blocks: 154.195.139.0/24 maxlen: 24
154.195.143.0/24 maxlen: 24
154.195.144.0/24 maxlen: 24
154.195.145.0/24 maxlen: 24
154.195.146.0/24 maxlen: 24
154.195.147.0/24 maxlen: 24
154.195.148.0/24 maxlen: 24
154.195.149.0/24 maxlen: 24
154.195.150.0/24 maxlen: 24
154.195.151.0/24 maxlen: 24
154.195.168.0/24 maxlen: 24
154.195.169.0/24 maxlen: 24
154.195.170.0/24 maxlen: 24
154.195.171.0/24 maxlen: 24
154.195.172.0/24 maxlen: 24
154.195.173.0/24 maxlen: 24
154.195.174.0/24 maxlen: 24
154.195.175.0/24 maxlen: 24
154.195.176.0/24 maxlen: 24
154.195.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 10 Jun 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98725 (0x181a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 20 12:10:20 2025 GMT
Not After : Jun 30 12:10:20 2025 GMT
Subject: CN=682c7131-6da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a8:a4:9b:1e:87:23:9d:d0:0e:71:d5:10:15:
10:d8:71:70:ea:b9:eb:19:dc:71:48:fa:a7:3e:8b:
1b:34:c3:4f:fe:3b:a0:0a:a7:ef:3f:a4:71:6a:56:
83:9b:bc:8b:d7:de:3e:cb:2a:26:08:63:79:5c:62:
22:61:ed:28:9a:96:dd:86:3e:df:31:71:fb:ea:43:
a7:8e:0f:b0:57:4d:20:29:95:49:8b:d9:f2:db:56:
d5:63:93:60:15:8b:b8:d3:28:b3:38:c0:da:b0:6e:
e0:44:1c:9f:35:5a:86:c4:91:03:3e:d3:bc:7d:82:
53:6d:31:e8:1a:37:7a:a7:42:9d:aa:1a:e1:c8:5d:
ba:2d:ec:13:04:ab:a9:45:52:d1:c1:f8:09:41:23:
83:8f:22:7a:d2:37:2d:cd:9d:5b:20:f1:44:6f:d1:
c1:55:72:ca:a3:d3:7e:d0:b3:e9:91:4d:f9:c2:53:
98:0a:6e:fc:0f:0d:60:77:1d:2b:f9:a6:1c:30:00:
64:52:03:3c:a0:3f:52:49:8f:ef:f3:2c:44:74:f2:
a2:77:4b:85:75:20:0f:28:6e:11:e3:f1:e4:ff:8f:
2e:b0:63:5e:1d:3c:f5:ce:75:8e:b8:b0:74:8c:72:
8f:2f:1b:96:84:28:db:a5:1b:b3:dd:ab:57:90:c0:
0a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:AE:3A:14:CE:2F:D0:31:C3:66:5A:3B:5E:E8:D2:A8:7D:CA:4F:BE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68D990E2357311F0A6B3C394DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.139.0/24
154.195.143.0-154.195.151.255
154.195.168.0-154.195.177.255
Signature Algorithm: sha256WithRSAEncryption
4d:fa:63:14:41:03:39:63:72:cb:d9:a8:c9:ac:df:b5:ce:cd:
15:0f:e0:8d:35:7f:57:0e:3e:fc:ee:6a:f9:2a:0e:ea:29:1b:
52:53:c7:0f:54:d0:fd:eb:12:3d:25:8f:27:38:ac:d1:8d:21:
5a:78:e8:6a:14:56:6c:ba:02:4a:fc:2e:16:02:fa:f5:64:3f:
86:da:5d:ce:d1:34:20:62:37:9b:a2:55:51:58:c3:cd:42:62:
20:51:fe:3e:ed:4d:1a:41:76:cd:a3:c9:02:11:36:62:dd:f7:
45:fa:40:02:4c:46:2a:f1:17:52:eb:e2:6e:e5:b8:97:f5:72:
19:e3:95:da:58:7f:7e:72:a0:a7:7d:63:90:2c:d3:09:24:17:
1d:0a:b0:7a:75:c7:bb:2d:81:78:82:cc:5b:da:38:55:ef:57:
7f:60:59:3e:c1:a4:be:1f:3d:e2:a3:34:bb:0b:be:7b:c3:09:
4b:52:39:11:45:32:33:9b:b2:72:07:49:9a:b4:41:a8:13:02:
2f:7f:a4:47:f5:06:b7:4d:39:6d:c1:15:f1:ad:95:54:64:67:
40:82:52:f8:be:bb:54:04:1d:a4:f5:25:c7:95:0c:6a:40:06:
ff:63:84:48:1d:07:dd:a4:af:42:ae:3a:5e:d0:49:75:92:4e:
c6:01:fe:e2
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAYGlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIwMTIxMDIwWhcNMjUwNjMwMTIxMDIwWjAYMRYw
FAYDVQQDEw02ODJjNzEzMS02ZGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtqikmx6HI53QDnHVEBUQ2HFw6rnrGdxxSPqnPosbNMNP/jugCqfvP6Rx
alaDm7yL194+yyomCGN5XGIiYe0ompbdhj7fMXH76kOnjg+wV00gKZVJi9ny21bV
Y5NgFYu40yizOMDasG7gRByfNVqGxJEDPtO8fYJTbTHoGjd6p0KdqhrhyF26LewT
BKupRVLRwfgJQSODjyJ60jctzZ1bIPFEb9HBVXLKo9N+0LPpkU35wlOYCm78Dw1g
dx0r+aYcMABkUgM8oD9SSY/v8yxEdPKid0uFdSAPKG4R4/Hk/48usGNeHTz1znWO
uLB0jHKPLxuWhCjbpRuz3atXkMAK/QIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFOOu
OhTOL9Axw2ZaO17o0qh9yk++MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OEQ5OTBFMjM1NzMxMUYwQTZCM0MzOTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAmsOLMAwDBACaw48DBAOa
w5AwDAMEA5rDqAMEAZrDsDANBgkqhkiG9w0BAQsFAAOCAQEATfpjFEEDOWNyy9mo
yazftc7NFQ/gjTV/Vw4+/O5q+SoO6ikbUlPHD1TQ/esSPSWPJzis0Y0hWnjoahRW
bLoCSvwuFgL69WQ/htpdztE0IGI3m6JVUVjDzUJiIFH+Pu1NGkF2zaPJAhE2Yt33
RfpAAkxGKvEXUuvibuW4l/VyGeOV2lh/fnKgp31jkCzTCSQXHQqwenXHuy2BeILM
W9o4Ve9Xf2BZPsGkvh894qM0uwu+e8MJS1I5EUUyM5uycgdJmrRBqBMCL3+kR/UG
t005bcEV8a2VVGRnQIJS+L67VAQdpPUlx5UMakAG/2OESB0H3aSvQq46XtBJdZJO
xgH+4g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:53:42 2025 by rpki-client