Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9DA678C76CC11F0BCB520A9DAE4EC9C.roa
File: C9DA678C76CC11F0BCB520A9DAE4EC9C.roa (raw, json)
Hash identifier: 80WW+/PN5euKmn+ZSx1VaOaSp/Em+vQZNIsRVFm1v5s=
Subject key identifier: 7C:73:61:FA:B2:D4:88:30:02:D6:48:A2:45:87:D6:71:50:76:C1:A7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01915F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9DA678C76CC11F0BCB520A9DAE4EC9C.roa
Signing time: Mon 11 Aug 2025 16:03:58 +0000
ROA not before: Mon 11 Aug 2025 16:03:53 +0000
ROA not after: Tue 16 Sep 2025 16:03:53 +0000
asID: 22773
IP address blocks: 154.202.23.0/24 maxlen: 24
154.202.24.0/24 maxlen: 24
154.202.25.0/24 maxlen: 24
154.202.26.0/24 maxlen: 24
154.202.27.0/24 maxlen: 24
154.202.28.0/24 maxlen: 24
154.202.29.0/24 maxlen: 24
154.213.207.0/24 maxlen: 24
154.213.208.0/24 maxlen: 24
154.213.209.0/24 maxlen: 24
154.213.210.0/24 maxlen: 24
154.213.213.0/24 maxlen: 24
154.213.214.0/24 maxlen: 24
154.213.215.0/24 maxlen: 24
154.213.216.0/24 maxlen: 24
154.213.217.0/24 maxlen: 24
154.213.218.0/24 maxlen: 24
154.213.219.0/24 maxlen: 24
154.213.221.0/24 maxlen: 24
154.213.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Aug 2025 06:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102751 (0x1915f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 11 16:03:53 2025 GMT
Not After : Sep 16 16:03:53 2025 GMT
Subject: CN=689a146e-eb66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6f:e0:d4:05:72:60:bd:b4:c9:97:65:8d:91:
e2:21:b3:4e:bc:da:7e:d7:db:47:c7:49:ed:d3:fa:
73:bd:f6:53:f9:da:bd:7b:ba:2a:74:e2:16:68:4b:
f6:f5:f7:30:56:f5:6d:30:16:d5:21:37:a2:db:c2:
34:fc:06:3b:05:90:b7:e6:94:4e:e8:9c:d8:12:29:
49:72:b0:b8:c0:ed:89:3c:a4:67:0e:7f:64:ae:73:
aa:a6:05:6f:c2:fd:b8:95:f4:bd:5b:b0:e6:c9:ea:
f0:a9:ed:75:b1:46:7f:2c:c1:70:48:71:67:6d:41:
be:05:db:e4:d2:f0:99:06:9f:5d:83:e0:82:ec:7c:
f8:4c:eb:da:fb:b1:45:91:63:d6:5e:60:ce:45:6b:
93:4d:2d:40:68:1f:a5:bd:9f:21:64:9d:31:fd:7a:
8a:31:5e:1d:91:0e:fd:ff:4e:4c:67:83:5c:da:09:
7e:c4:6a:e1:9a:fa:8d:66:65:e3:80:28:11:e9:14:
32:02:7a:f9:9c:0e:5d:e7:94:77:b1:35:a4:2f:c0:
9d:20:10:f9:75:d4:9f:ed:60:2b:0e:45:2f:d6:af:
b5:94:9f:56:0e:22:8b:90:38:fd:05:0a:75:6e:69:
62:3f:ad:86:47:05:b2:eb:d0:fc:5b:40:f6:40:7f:
7c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:73:61:FA:B2:D4:88:30:02:D6:48:A2:45:87:D6:71:50:76:C1:A7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9DA678C76CC11F0BCB520A9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.23.0-154.202.29.255
154.213.207.0-154.213.210.255
154.213.213.0-154.213.219.255
154.213.221.0-154.213.222.255
Signature Algorithm: sha256WithRSAEncryption
d6:24:e6:43:2b:4a:1d:61:53:ca:52:0f:b4:0d:57:4e:91:cd:
5b:8a:54:e1:93:c0:b6:da:12:e6:02:6b:97:f7:71:9c:42:78:
69:cc:f2:ac:be:d1:8f:9f:a8:71:4f:0e:82:84:43:21:c1:20:
8b:90:1a:12:82:1c:87:79:cf:5e:f5:a1:40:fb:95:07:ce:46:
fa:69:19:ef:a0:df:8c:fe:fc:fd:71:67:40:91:53:07:e5:7b:
5f:2d:e8:a9:95:d7:c0:1f:25:08:82:4a:01:04:42:33:64:c2:
30:f1:42:7c:8f:1a:ac:34:8a:1e:65:fc:f5:1b:4c:e3:79:40:
45:29:96:c3:7b:83:9f:89:ab:d8:72:3e:38:e3:ee:f5:d8:52:
c1:07:55:db:ff:0b:27:7a:49:4a:33:57:55:63:40:48:71:fa:
c9:a0:c3:14:5d:a9:e3:8a:3a:7e:1f:65:c7:3d:2c:54:91:e3:
56:f4:32:9f:13:79:56:61:0c:6f:43:66:4f:b9:50:88:55:f1:
2b:70:1d:49:a9:f2:95:d1:64:2f:3c:a8:7e:7e:f1:de:aa:d4:
81:8b:2b:65:12:f6:57:f3:90:9a:7e:f6:f4:de:7a:1d:30:dc:
5c:ca:31:a1:b1:ef:60:4d:98:b3:24:00:0e:ca:86:54:12:be:
97:29:4c:8e
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAZFfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODExMTYwMzUzWhcNMjUwOTE2MTYwMzUzWjAYMRYw
FAYDVQQDEw02ODlhMTQ2ZS1lYjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4W/g1AVyYL20yZdljZHiIbNOvNp+19tHx0nt0/pzvfZT+dq9e7oqdOIW
aEv29fcwVvVtMBbVITei28I0/AY7BZC35pRO6JzYEilJcrC4wO2JPKRnDn9krnOq
pgVvwv24lfS9W7Dmyerwqe11sUZ/LMFwSHFnbUG+Bdvk0vCZBp9dg+CC7Hz4TOva
+7FFkWPWXmDORWuTTS1AaB+lvZ8hZJ0x/XqKMV4dkQ79/05MZ4Nc2gl+xGrhmvqN
ZmXjgCgR6RQyAnr5nA5d55R3sTWkL8CdIBD5ddSf7WArDkUv1q+1lJ9WDiKLkDj9
BQp1bmliP62GRwWy69D8W0D2QH98hwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFHxz
Yfqy1IgwAtZIokWH1nFQdsGnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOURBNjc4Qzc2Q0MxMUYwQkNCNTIwQTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBACayhcDBAGayhwwDAME
AJrVzwMEAJrV0jAMAwQAmtXVAwQCmtXYMAwDBACa1d0DBACa1d4wDQYJKoZIhvcN
AQELBQADggEBANYk5kMrSh1hU8pSD7QNV06RzVuKVOGTwLbaEuYCa5f3cZxCeGnM
8qy+0Y+fqHFPDoKEQyHBIIuQGhKCHId5z171oUD7lQfORvppGe+g34z+/P1xZ0CR
Uwfle18t6KmV18AfJQiCSgEEQjNkwjDxQnyPGqw0ih5l/PUbTON5QEUplsN7g5+J
q9hyPjjj7vXYUsEHVdv/Cyd6SUozV1VjQEhx+smgwxRdqeOKOn4fZcc9LFSR41b0
Mp8TeVZhDG9DZk+5UIhV8StwHUmp8pXRZC88qH5+8d6q1IGLK2US9lfzkJp+9vTe
eh0w3FzKMaGx72BNmLMkAA7KhlQSvpcpTI4=
-----END CERTIFICATE-----
Generated at Thu Aug 21 01:25:38 2025 by rpki-client