Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0C2012C36F411F0A0C212A6DAE4EC9C.roa
File: C0C2012C36F411F0A0C212A6DAE4EC9C.roa (raw, json)
Hash identifier: i1oIJrW/vxM/Thw37+eK5OE9Fe+LUxUYUQww7DjVYlY=
Subject key identifier: FD:DC:F8:B9:E8:96:8F:AD:85:4C:21:78:B6:3E:A5:BA:65:B1:5D:13
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0181D1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0C2012C36F411F0A0C212A6DAE4EC9C.roa
Signing time: Thu 22 May 2025 10:08:49 +0000
ROA not before: Thu 22 May 2025 10:08:44 +0000
ROA not after: Wed 09 Jul 2025 10:08:44 +0000
asID: 138915
IP address blocks: 154.223.46.0/24 maxlen: 24
154.223.47.0/24 maxlen: 24
154.223.48.0/24 maxlen: 24
154.223.49.0/24 maxlen: 24
154.223.51.0/24 maxlen: 24
154.223.52.0/23 maxlen: 24
154.223.54.0/23 maxlen: 24
154.223.56.0/23 maxlen: 24
154.223.58.0/23 maxlen: 24
154.223.60.0/23 maxlen: 24
154.223.62.0/23 maxlen: 24
154.223.64.0/24 maxlen: 24
154.223.65.0/24 maxlen: 24
154.223.66.0/23 maxlen: 24
154.223.68.0/23 maxlen: 24
154.223.70.0/23 maxlen: 24
154.223.72.0/23 maxlen: 24
154.223.74.0/23 maxlen: 24
154.223.76.0/23 maxlen: 24
154.223.78.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98769 (0x181d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 22 10:08:44 2025 GMT
Not After : Jul 9 10:08:44 2025 GMT
Subject: CN=682ef7b0-96ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3e:80:7a:a1:28:cb:03:17:7a:80:c0:8f:25:
fa:f4:dd:4c:ab:29:67:31:b0:75:76:f6:e4:5e:ef:
38:eb:c1:04:67:25:53:b7:cb:56:24:d0:31:8c:4c:
7c:ec:de:a0:2c:6d:1e:f4:1c:e0:96:a9:7a:c4:98:
d5:ce:30:a9:00:1a:fd:c5:fe:d6:6e:9a:d3:27:3c:
87:1e:91:6f:c4:74:e8:9b:03:5e:ab:d9:dc:83:f8:
9f:ac:4d:e9:67:61:2b:8e:b2:30:72:0a:57:58:05:
1c:82:aa:76:03:9f:7e:6a:33:e7:5a:b4:c9:e2:4d:
38:4a:62:6a:9d:ff:53:85:bb:52:35:fd:2b:f1:75:
ab:fd:a8:f7:a9:dc:dc:46:10:f1:14:d6:70:23:48:
21:be:88:c2:a2:00:b7:65:dc:eb:f8:3b:92:b3:3a:
d5:d0:f6:b3:81:2d:e2:b7:a0:12:b9:75:fc:bd:ad:
6c:51:3d:f6:bb:49:02:18:31:be:3e:d8:f1:46:05:
e2:6d:07:a3:4b:0c:35:58:d0:00:80:8c:0a:c3:9a:
ba:ba:13:57:02:00:17:57:54:46:19:e6:0c:76:cd:
5b:7e:6c:cf:bc:83:39:00:ad:d3:80:7e:23:d5:47:
2d:78:09:d5:03:e9:12:f1:79:49:b9:2e:ad:5c:07:
e1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:DC:F8:B9:E8:96:8F:AD:85:4C:21:78:B6:3E:A5:BA:65:B1:5D:13
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0C2012C36F411F0A0C212A6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.46.0-154.223.49.255
154.223.51.0-154.223.79.255
Signature Algorithm: sha256WithRSAEncryption
c5:41:1f:c2:cf:ec:7a:de:72:c4:2f:37:37:5e:b8:0f:5e:ad:
da:6e:c2:d9:61:9c:53:f2:50:b5:06:0a:25:96:80:04:be:11:
66:8d:63:b0:50:5e:f3:76:2a:01:3a:58:2b:6a:33:f1:20:d1:
82:0d:37:f1:95:fa:d1:42:11:e9:5d:2e:e5:7a:66:33:ce:b4:
50:8e:4b:51:ae:10:f7:9a:73:6e:46:0e:5a:be:0e:50:ea:a4:
82:2a:3d:76:ad:04:31:c5:02:6c:3d:3f:d7:2a:df:2a:32:d5:
59:21:f9:42:9d:d9:f9:69:bd:0e:65:2e:32:56:dc:34:82:16:
30:08:3b:99:b5:7a:6d:0b:80:46:f2:b8:3d:d8:6e:6d:ae:25:
d2:29:a0:4b:32:e9:21:25:95:5e:0e:a3:9a:34:19:01:d0:d6:
a3:fe:29:3e:7c:7f:56:c0:7c:22:1f:7a:79:7a:2a:7f:af:b7:
08:07:cd:bc:50:95:2a:78:cf:17:00:0b:f4:dd:2b:f5:e8:fa:
da:cf:8b:0c:ec:14:42:a8:d6:95:5f:b5:70:84:0d:49:83:c9:
76:35:77:95:35:b8:b0:c3:e1:8b:62:8f:24:3a:04:c8:73:0d:
0d:81:e3:52:e8:82:3a:ef:89:77:60:82:f1:53:7e:9d:d4:b4:
bc:45:72:64
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDAYHRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIyMTAwODQ0WhcNMjUwNzA5MTAwODQ0WjAYMRYw
FAYDVQQDEw02ODJlZjdiMC05NmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzz6AeqEoywMXeoDAjyX69N1MqylnMbB1dvbkXu8468EEZyVTt8tWJNAx
jEx87N6gLG0e9Bzglql6xJjVzjCpABr9xf7WbprTJzyHHpFvxHTomwNeq9ncg/if
rE3pZ2ErjrIwcgpXWAUcgqp2A59+ajPnWrTJ4k04SmJqnf9ThbtSNf0r8XWr/aj3
qdzcRhDxFNZwI0ghvojCogC3Zdzr+DuSszrV0PazgS3it6ASuXX8va1sUT32u0kC
GDG+PtjxRgXibQejSww1WNAAgIwKw5q6uhNXAgAXV1RGGeYMds1bfmzPvIM5AK3T
gH4j1UcteAnVA+kS8XlJuS6tXAfhxQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFP3c
+Lnolo+thUwheLY+pbplsV0TMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMEMyMDEyQzM2RjQxMUYwQTBDMjEyQTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAGa3y4DBAGa3zAwDAME
AJrfMwMEBJrfQDANBgkqhkiG9w0BAQsFAAOCAQEAxUEfws/set5yxC83N164D16t
2m7C2WGcU/JQtQYKJZaABL4RZo1jsFBe83YqATpYK2oz8SDRgg038ZX60UIR6V0u
5XpmM860UI5LUa4Q95pzbkYOWr4OUOqkgio9dq0EMcUCbD0/1yrfKjLVWSH5Qp3Z
+Wm9DmUuMlbcNIIWMAg7mbV6bQuARvK4Pdhuba4l0imgSzLpISWVXg6jmjQZAdDW
o/4pPnx/VsB8Ih96eXoqf6+3CAfNvFCVKnjPFwAL9N0r9ej62s+LDOwUQqjWlV+1
cIQNSYPJdjV3lTW4sMPhi2KPJDoEyHMNDYHjUuiCOu+Jd2CC8VN+ndS0vEVyZA==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:41:34 2025 by rpki-client