Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E4F00A8413E11F080310792DAE4EC9C.roa
File: 6E4F00A8413E11F080310792DAE4EC9C.roa (raw, json)
Hash identifier: n189KnDSRuX15qp+OPUBIFA+B0pIHYdEIDQxPFFb0NI=
Subject key identifier: DF:0A:62:9F:BF:25:29:E3:09:5C:4F:B5:C1:12:95:8D:14:B2:56:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0184D8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E4F00A8413E11F080310792DAE4EC9C.roa
Signing time: Wed 04 Jun 2025 12:21:25 +0000
ROA not before: Wed 04 Jun 2025 12:21:20 +0000
ROA not after: Mon 14 Jul 2025 12:21:20 +0000
asID: 397630
IP address blocks: 154.201.32.0/24 maxlen: 24
154.201.35.0/24 maxlen: 24
154.202.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99544 (0x184d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 4 12:21:20 2025 GMT
Not After : Jul 14 12:21:20 2025 GMT
Subject: CN=68403a45-680a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:77:8e:3a:82:a1:64:d7:c4:55:cd:42:54:fd:
99:ba:6d:3e:1e:34:05:29:cd:fc:f7:22:46:86:7e:
ce:0f:d2:30:2f:e8:d9:6f:12:44:7b:f7:63:d9:90:
03:49:79:76:8c:95:7b:cb:f6:84:89:b5:22:02:e1:
63:51:00:ad:3d:e0:77:fc:7e:dc:a3:1b:43:bf:65:
8d:75:65:7f:7a:a0:29:86:1e:3b:70:18:39:77:c5:
a7:f7:45:b2:ca:f1:a2:a3:7e:fe:02:a3:13:e0:d5:
66:57:96:71:96:ed:06:6b:b6:a3:7e:04:ce:39:19:
8c:f9:48:86:6f:43:69:3e:48:84:65:2f:19:c9:85:
6a:d5:31:b1:b7:ae:b9:59:f8:c2:69:d5:04:ae:1e:
e5:63:94:71:ef:03:39:8a:25:33:d4:28:fe:c1:d4:
9a:34:28:f4:d2:10:2c:45:8b:b8:a3:3a:f5:5c:13:
7e:2c:db:43:7f:21:f7:69:51:c8:a8:04:81:83:8a:
59:c8:72:49:cf:a5:07:b4:57:6a:0c:67:fb:52:dd:
19:99:52:6e:23:77:02:77:99:0f:ee:f3:c3:89:76:
1b:f0:00:b3:ae:52:79:73:d4:09:87:86:1b:7b:1e:
32:bc:d7:c6:7b:d6:6b:74:25:65:ed:5a:27:1c:4c:
cf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:0A:62:9F:BF:25:29:E3:09:5C:4F:B5:C1:12:95:8D:14:B2:56:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E4F00A8413E11F080310792DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.32.0/24
154.201.35.0/24
154.202.64.0/24
Signature Algorithm: sha256WithRSAEncryption
35:f2:e0:f1:53:6d:3b:82:33:e7:d5:47:e4:ac:b8:d8:e8:68:
f5:4d:5f:42:8f:9c:25:09:95:50:bb:65:6e:2e:98:b2:ca:50:
9e:d0:c1:b7:c8:20:d6:07:cf:d2:c4:1f:23:37:03:9b:17:c7:
c4:86:ba:7d:ca:d4:8d:d8:2a:df:98:f1:19:af:76:4d:25:21:
4b:42:8f:b6:6f:04:4f:75:37:e7:8a:ba:18:a2:38:a0:c8:d8:
6f:ee:b2:49:26:35:a0:b1:4f:30:88:83:66:93:42:07:82:67:
32:23:80:4c:8b:bc:23:4b:7f:f8:1c:61:7c:95:80:ac:29:65:
29:d9:50:55:9b:84:5c:e2:5b:9d:be:97:a5:61:5d:1b:bb:f1:
ee:71:25:89:47:28:ba:ec:01:8e:af:40:80:e0:9b:fb:18:89:
68:47:6a:72:55:97:a1:5b:df:56:d5:be:f2:3b:a2:d0:74:3e:
1e:bd:ba:c9:2d:ca:e2:fa:ca:3c:83:ad:dd:6e:73:60:eb:dd:
82:19:35:7d:97:65:99:6a:0e:f0:20:34:00:25:00:d9:36:13:
67:94:5f:d7:56:cb:02:85:a0:1b:14:b7:c5:79:b6:ab:62:53:
57:34:cd:b4:2d:ab:f7:d1:bc:9f:96:d1:2b:83:0e:15:11:cc:
ef:ee:07:5b
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYTYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA0MTIyMTIwWhcNMjUwNzE0MTIyMTIwWjAYMRYw
FAYDVQQDEw02ODQwM2E0NS02ODBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7HeOOoKhZNfEVc1CVP2Zum0+HjQFKc389yJGhn7OD9IwL+jZbxJEe/dj
2ZADSXl2jJV7y/aEibUiAuFjUQCtPeB3/H7coxtDv2WNdWV/eqAphh47cBg5d8Wn
90WyyvGio37+AqMT4NVmV5Zxlu0Ga7ajfgTOORmM+UiGb0NpPkiEZS8ZyYVq1TGx
t665WfjCadUErh7lY5Rx7wM5iiUz1Cj+wdSaNCj00hAsRYu4ozr1XBN+LNtDfyH3
aVHIqASBg4pZyHJJz6UHtFdqDGf7Ut0ZmVJuI3cCd5kP7vPDiXYb8ACzrlJ5c9QJ
h4Ybex4yvNfGe9ZrdCVl7VonHEzPbQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFN8K
Yp+/JSnjCVxPtcESlY0UslaIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RTRGMDBBODQxM0UxMUYwODAzMTA3OTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmskgAwQAmskjAwQAmspA
MA0GCSqGSIb3DQEBCwUAA4IBAQA18uDxU207gjPn1UfkrLjY6Gj1TV9Cj5wlCZVQ
u2VuLpiyylCe0MG3yCDWB8/SxB8jNwObF8fEhrp9ytSN2CrfmPEZr3ZNJSFLQo+2
bwRPdTfniroYojigyNhv7rJJJjWgsU8wiINmk0IHgmcyI4BMi7wjS3/4HGF8lYCs
KWUp2VBVm4Rc4ludvpelYV0bu/HucSWJRyi67AGOr0CA4Jv7GIloR2pyVZehW99W
1b7yO6LQdD4evbrJLcri+so8g63dbnNg692CGTV9l2WZag7wIDQAJQDZNhNnlF/X
VssChaAbFLfFebarYlNXNM20Lav30byfltErgw4VEczv7gdb
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:57:25 2025 by rpki-client