Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68E58EF8357B11F0977717C9DAE4EC9C.roa
File: 68E58EF8357B11F0977717C9DAE4EC9C.roa (raw, json)
Hash identifier: mQX7i4XCTODk56FJrlq5JKzkkHfIl2x0pSvVxFEJbOE=
Subject key identifier: 57:9A:62:47:68:B9:89:C5:42:BF:4E:5A:F4:64:7B:ED:0C:BA:23:15
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0181B3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68E58EF8357B11F0977717C9DAE4EC9C.roa
Signing time: Tue 20 May 2025 13:07:41 +0000
ROA not before: Tue 20 May 2025 13:07:36 +0000
ROA not after: Mon 30 Jun 2025 13:07:36 +0000
asID: 62240
IP address blocks: 154.194.4.0/24 maxlen: 24
154.194.7.0/24 maxlen: 24
154.194.38.0/24 maxlen: 24
154.194.70.0/24 maxlen: 24
154.194.71.0/24 maxlen: 24
154.194.86.0/24 maxlen: 24
154.194.87.0/24 maxlen: 24
154.194.88.0/24 maxlen: 24
154.194.90.0/24 maxlen: 24
154.194.91.0/24 maxlen: 24
154.195.0.0/24 maxlen: 24
154.195.1.0/24 maxlen: 24
154.195.100.0/24 maxlen: 24
154.195.126.0/24 maxlen: 24
154.196.16.0/24 maxlen: 24
154.196.17.0/24 maxlen: 24
154.196.19.0/24 maxlen: 24
154.196.47.0/24 maxlen: 24
154.196.48.0/24 maxlen: 24
154.196.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98739 (0x181b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 20 13:07:36 2025 GMT
Not After : Jun 30 13:07:36 2025 GMT
Subject: CN=682c7e9d-36c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ce:1d:ed:be:b6:4d:04:e2:e9:2f:00:58:bf:
f8:33:fa:d4:a8:dc:72:25:4e:bf:f3:d2:ac:b9:a4:
f4:59:12:ed:70:6b:c8:ed:70:67:bc:38:c0:59:a5:
92:84:2c:06:3b:3d:1e:0e:7a:be:47:36:b5:28:25:
e6:d3:f3:5e:68:e1:0e:fe:0b:9b:2d:99:d0:59:7a:
d0:d3:88:10:b0:6a:9e:25:93:22:34:4a:a7:c9:b8:
f9:ae:46:f5:31:fe:6e:29:91:57:df:ff:d5:70:7d:
27:bd:1d:e3:3b:55:71:bb:5e:84:51:ac:4e:1c:79:
9b:2d:b5:21:14:e8:3a:d4:12:de:b3:2e:2f:10:44:
20:8b:00:be:54:90:2f:ee:86:f1:36:a3:82:d7:32:
d7:cb:63:8a:ce:7b:ce:f3:2f:cb:8c:12:b9:7b:d0:
de:7f:dd:4d:cc:1e:25:b9:11:8f:ef:0a:17:0f:8a:
ff:d4:27:37:9e:22:8e:ab:7d:1d:a4:7f:dd:ef:dc:
20:12:3b:e1:d7:4a:74:7b:ac:64:48:ea:31:f9:05:
db:16:69:52:23:c2:37:92:cb:5f:d0:82:9a:39:f0:
23:58:14:ab:ba:78:6c:e5:11:db:86:f0:6a:2e:e8:
d0:4c:7f:50:24:38:cd:f0:c1:55:cc:72:b7:03:4e:
35:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:9A:62:47:68:B9:89:C5:42:BF:4E:5A:F4:64:7B:ED:0C:BA:23:15
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68E58EF8357B11F0977717C9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.4.0/24
154.194.7.0/24
154.194.38.0/24
154.194.70.0/23
154.194.86.0-154.194.88.255
154.194.90.0/23
154.195.0.0/23
154.195.100.0/24
154.195.126.0/24
154.196.16.0/23
154.196.19.0/24
154.196.47.0-154.196.49.255
Signature Algorithm: sha256WithRSAEncryption
21:9e:2b:8b:80:99:7d:af:81:4b:8d:ec:59:ee:0c:1e:d0:4c:
38:1a:9a:f9:d9:81:3e:89:9c:11:94:bf:49:6d:45:3e:fd:4b:
92:67:0f:bb:e9:10:d0:bf:63:7e:0c:fe:92:73:72:b9:7e:a7:
1c:8a:9e:a1:8a:09:6b:50:5f:d1:f0:73:07:82:d3:62:7a:fa:
09:3e:f3:1b:be:69:4f:9b:e4:5d:85:5d:07:68:a3:2b:2f:91:
9b:1b:c6:9a:b1:3a:9a:be:c4:ee:43:ca:37:53:c3:73:41:88:
a4:ce:05:96:5b:2f:bc:e1:02:db:a2:9a:8b:0e:3f:fb:31:52:
67:0d:73:14:f1:e5:39:9e:68:b7:31:f2:6f:b7:d3:80:94:2b:
31:8e:de:c0:28:37:2e:c4:64:0c:61:03:9b:45:09:b3:85:0c:
fc:c6:b3:74:a5:80:ff:f2:19:c3:46:cf:d8:0d:9a:f0:2d:db:
0f:88:c3:ae:3c:47:28:0e:e7:0c:8d:40:02:82:5d:76:14:23:
4a:23:1b:4a:9d:7f:05:96:fe:85:74:94:1b:2f:c2:66:b1:94:
47:49:2e:28:05:62:35:03:31:0a:22:c6:f1:04:2a:0f:9c:9e:
6b:ea:17:a2:11:34:80:8b:74:06:d3:5f:12:b3:b9:76:b0:8d:
fe:54:6f:f2
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIDAYGzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIwMTMwNzM2WhcNMjUwNjMwMTMwNzM2WjAYMRYw
FAYDVQQDEw02ODJjN2U5ZC0zNmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApc4d7b62TQTi6S8AWL/4M/rUqNxyJU6/89KsuaT0WRLtcGvI7XBnvDjA
WaWShCwGOz0eDnq+Rza1KCXm0/NeaOEO/gubLZnQWXrQ04gQsGqeJZMiNEqnybj5
rkb1Mf5uKZFX3//VcH0nvR3jO1Vxu16EUaxOHHmbLbUhFOg61BLesy4vEEQgiwC+
VJAv7obxNqOC1zLXy2OKznvO8y/LjBK5e9Def91NzB4luRGP7woXD4r/1Cc3niKO
q30dpH/d79wgEjvh10p0e6xkSOox+QXbFmlSI8I3kstf0IKaOfAjWBSrunhs5RHb
hvBqLujQTH9QJDjN8MFVzHK3A0419QIDAQABo4IC9zCCAvMwHQYDVR0OBBYEFFea
YkdouYnFQr9OWvRke+0MuiMVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OEU1OEVGODM1N0IxMUYwOTc3NzE3QzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAmsIEAwQAmsIHAwQAmsIm
AwQBmsJGMAwDBAGawlYDBACawlgDBAGawloDBAGawwADBACaw2QDBACaw34DBAGa
xBADBACaxBMwDAMEAJrELwMEAZrEMDANBgkqhkiG9w0BAQsFAAOCAQEAIZ4ri4CZ
fa+BS43sWe4MHtBMOBqa+dmBPomcEZS/SW1FPv1LkmcPu+kQ0L9jfgz+knNyuX6n
HIqeoYoJa1Bf0fBzB4LTYnr6CT7zG75pT5vkXYVdB2ijKy+RmxvGmrE6mr7E7kPK
N1PDc0GIpM4FllsvvOEC26Kaiw4/+zFSZw1zFPHlOZ5otzHyb7fTgJQrMY7ewCg3
LsRkDGEDm0UJs4UM/MazdKWA//IZw0bP2A2a8C3bD4jDrjxHKA7nDI1AAoJddhQj
SiMbSp1/BZb+hXSUGy/CZrGUR0kuKAViNQMxCiLG8QQqD5yea+oXohE0gIt0BtNf
ErO5drCN/lRv8g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:34:05 2025 by rpki-client