Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98CE8F96381B11F0B8C8DC98DAE4EC9C.roa
File: 98CE8F96381B11F0B8C8DC98DAE4EC9C.roa (raw, json)
Hash identifier: hm8+Ub35ORCgKTB7nJntnAQfZLvK09KZkGsuvDYSx7E=
Subject key identifier: 60:57:A4:46:A3:A2:FB:16:79:6B:FF:B6:98:B3:CC:18:57:9A:E8:26
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018267
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98CE8F96381B11F0B8C8DC98DAE4EC9C.roa
Signing time: Fri 23 May 2025 21:19:23 +0000
ROA not before: Fri 23 May 2025 21:19:18 +0000
ROA not after: Wed 17 Jun 2026 21:19:18 +0000
asID: 153706
IP address blocks: 154.193.208.0/24 maxlen: 24
154.193.209.0/24 maxlen: 24
154.193.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98919 (0x18267)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 21:19:18 2025 GMT
Not After : Jun 17 21:19:18 2026 GMT
Subject: CN=6830e65b-6308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:76:5d:04:9f:aa:52:fe:75:60:5f:82:07:de:
0f:f9:05:4a:39:0b:47:16:25:60:7a:5e:51:1c:61:
4b:ab:3e:10:1c:a8:6a:2c:bc:ad:e4:da:31:a9:a5:
0e:10:11:1a:bf:45:f5:85:63:62:76:79:47:f5:ec:
85:09:3b:6c:21:a1:2d:35:52:26:50:f8:9b:d9:59:
9f:0c:ab:d1:cc:c9:c9:fc:17:82:cc:bc:ba:b1:1d:
d7:d7:ac:3f:1e:a3:fa:c8:1f:1f:5a:ae:dd:d9:cb:
2f:6f:75:55:cb:ef:de:75:87:ac:e4:7e:ce:b0:f0:
87:69:15:dd:70:fc:67:ba:9f:04:bd:54:6c:29:b6:
c0:9d:79:96:61:23:05:f8:24:39:1d:fc:06:20:2b:
0e:af:ae:4b:94:77:f2:5c:6c:f4:80:be:ea:aa:63:
92:4a:b8:fa:9d:09:db:b4:2d:b1:47:75:40:bc:ac:
4f:98:f4:52:78:42:d5:a9:9c:00:41:9a:44:1a:0e:
a0:9d:4c:07:53:79:60:b6:80:d3:a1:76:bf:c0:ba:
73:f1:ff:4a:97:53:8f:8a:2e:12:6f:38:ed:3b:2f:
a2:b0:db:9e:58:fb:d3:b9:ab:33:0f:88:f2:e1:ab:
fc:7a:a4:27:16:5a:c9:62:1d:dc:45:f0:90:f0:8f:
c0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:57:A4:46:A3:A2:FB:16:79:6B:FF:B6:98:B3:CC:18:57:9A:E8:26
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98CE8F96381B11F0B8C8DC98DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.208.0-154.193.210.255
Signature Algorithm: sha256WithRSAEncryption
4a:b3:b4:5a:63:5f:2d:67:bd:6b:54:40:6a:dd:cb:e4:fa:85:
9e:c2:61:cb:4f:dd:9d:b4:73:11:2c:a6:63:d1:77:70:90:09:
fd:d3:a1:b2:eb:44:52:d9:c9:59:1a:11:ab:51:38:21:0b:92:
bb:39:9d:f1:16:1d:25:10:30:48:2f:2c:83:e3:e8:62:a2:b5:
28:b2:36:aa:84:0c:be:2f:d0:88:33:3d:a1:57:5c:c0:c1:13:
68:f5:64:fd:26:97:aa:46:c6:13:95:e9:61:6d:22:de:e6:ae:
7d:33:70:af:97:30:d4:21:77:ee:fc:f4:78:cc:48:7e:18:c3:
ea:7a:f4:14:ef:e1:78:fc:65:e4:4b:e3:0a:7c:3a:4b:9f:c1:
c9:67:92:ba:49:61:fe:45:74:0a:5f:56:c1:64:2e:c3:d7:3d:
5b:24:48:87:d5:93:6f:55:e8:6a:d4:dd:51:61:b6:3c:d9:71:
e2:d9:3b:b4:5b:a8:9b:db:e6:91:f0:9d:e6:96:79:0c:a8:ac:
21:57:64:d3:24:72:a9:26:05:f4:92:c2:d4:a6:b7:8f:a3:73:
45:2b:e8:5e:75:9a:6f:aa:d5:63:04:ee:86:3a:75:7d:3a:56:
81:58:b0:78:04:f7:51:b1:3d:73:cc:72:90:a3:4a:7d:51:e7:
9a:38:b9:86
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYJnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMjExOTE4WhcNMjYwNjE3MjExOTE4WjAYMRYw
FAYDVQQDEw02ODMwZTY1Yi02MzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2XZdBJ+qUv51YF+CB94P+QVKOQtHFiVgel5RHGFLqz4QHKhqLLyt5Nox
qaUOEBEav0X1hWNidnlH9eyFCTtsIaEtNVImUPib2VmfDKvRzMnJ/BeCzLy6sR3X
16w/HqP6yB8fWq7d2csvb3VVy+/edYes5H7OsPCHaRXdcPxnup8EvVRsKbbAnXmW
YSMF+CQ5HfwGICsOr65LlHfyXGz0gL7qqmOSSrj6nQnbtC2xR3VAvKxPmPRSeELV
qZwAQZpEGg6gnUwHU3lgtoDToXa/wLpz8f9Kl1OPii4SbzjtOy+isNueWPvTuasz
D4jy4av8eqQnFlrJYh3cRfCQ8I/AoQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGBX
pEajovsWeWv/tpizzBhXmugmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OENFOEY5NjM4MUIxMUYwQjhDOERDOThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASawdADBACawdIwDQYJ
KoZIhvcNAQELBQADggEBAEqztFpjXy1nvWtUQGrdy+T6hZ7CYctP3Z20cxEspmPR
d3CQCf3TobLrRFLZyVkaEatROCELkrs5nfEWHSUQMEgvLIPj6GKitSiyNqqEDL4v
0IgzPaFXXMDBE2j1ZP0ml6pGxhOV6WFtIt7mrn0zcK+XMNQhd+789HjMSH4Yw+p6
9BTv4Xj8ZeRL4wp8OkufwclnkrpJYf5FdApfVsFkLsPXPVskSIfVk29V6GrU3VFh
tjzZceLZO7RbqJvb5pHwneaWeQyorCFXZNMkcqkmBfSSwtSmt4+jc0Ur6F51mm+q
1WME7oY6dX06VoFYsHgE91GxPXPMcpCjSn1R55o4uYY=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:34:05 2025 by rpki-client