Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F691D4349711F0BAE1F3D6DAE4EC9C.roa
File: D0F691D4349711F0BAE1F3D6DAE4EC9C.roa (raw, json)
Hash identifier: vO8zg0wt/8h4SRSnLrMBcUomxRgfhIegRkmceYVi2os=
Subject key identifier: 03:A3:7D:0F:36:6D:05:6F:CF:63:A7:3C:72:44:F7:0F:6B:49:F5:FC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018150
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F691D4349711F0BAE1F3D6DAE4EC9C.roa
Signing time: Mon 19 May 2025 09:58:30 +0000
ROA not before: Mon 19 May 2025 09:58:25 +0000
ROA not after: Wed 18 Jun 2025 09:58:25 +0000
asID: 54801
IP address blocks: 154.90.28.0/24 maxlen: 24
154.198.9.0/24 maxlen: 24
154.198.10.0/24 maxlen: 24
154.200.241.0/24 maxlen: 24
154.200.242.0/24 maxlen: 24
154.200.248.0/24 maxlen: 24
154.201.7.0/24 maxlen: 24
154.201.8.0/24 maxlen: 24
154.201.40.0/24 maxlen: 24
154.213.211.0/24 maxlen: 24
154.213.212.0/24 maxlen: 24
154.222.77.0/24 maxlen: 24
154.222.78.0/24 maxlen: 24
154.222.136.0/24 maxlen: 24
154.222.146.0/24 maxlen: 24
154.223.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98640 (0x18150)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 19 09:58:25 2025 GMT
Not After : Jun 18 09:58:25 2025 GMT
Subject: CN=682b00c6-d5f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:32:0c:69:c1:ce:d5:80:a9:d8:12:41:2d:3f:
87:40:c5:24:34:4f:60:3a:ab:53:64:27:00:78:73:
c7:38:f1:80:f4:ac:3d:1e:d4:1e:a9:1a:60:7f:84:
e3:9c:a1:a1:28:24:dd:7c:fb:e9:5e:87:2b:6d:6a:
5c:3a:a7:cb:09:7c:e7:b4:c3:b8:03:57:98:c7:3b:
a4:49:30:14:79:7b:a7:e9:8a:92:bd:37:03:f8:7d:
57:06:73:0e:1a:b5:fd:7a:30:6c:60:c0:1d:60:51:
38:df:61:fc:6d:b6:3c:b2:a7:69:93:7c:bc:5f:85:
15:21:05:84:63:a8:a2:28:e8:91:c1:7d:2a:c1:16:
bf:86:bd:b4:45:1c:84:67:1c:f4:f4:50:09:66:69:
42:fd:04:20:75:b0:63:bb:10:bc:bc:97:ba:6b:23:
4d:8f:b8:39:3a:a0:e0:ed:1f:4a:32:e2:6b:0a:c2:
47:e6:22:f0:ef:b7:49:a9:36:0a:2e:c0:81:fc:8d:
8b:20:f4:15:97:a0:60:5e:c3:94:b1:eb:ad:f4:85:
92:0e:4b:d4:64:8a:ba:07:ea:28:80:45:10:d8:57:
76:a9:80:da:f4:6f:51:2b:ea:85:fd:e2:05:fd:b8:
94:c7:95:75:4f:98:61:a3:6c:a3:d6:20:1d:52:9c:
23:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A3:7D:0F:36:6D:05:6F:CF:63:A7:3C:72:44:F7:0F:6B:49:F5:FC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F691D4349711F0BAE1F3D6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.28.0/24
154.198.9.0-154.198.10.255
154.200.241.0-154.200.242.255
154.200.248.0/24
154.201.7.0-154.201.8.255
154.201.40.0/24
154.213.211.0-154.213.212.255
154.222.77.0-154.222.78.255
154.222.136.0/24
154.222.146.0/24
154.223.230.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:f6:24:98:72:6f:2e:cf:e5:4f:22:9b:e3:c5:ef:86:4f:c5:
44:7a:79:63:0c:45:fd:65:b8:be:87:dd:e5:66:fb:09:53:d2:
fc:89:a6:0f:91:6b:45:82:d8:68:f9:cb:5b:d4:b0:a6:70:f7:
16:62:de:63:7a:14:c8:85:59:33:d0:f4:fc:2f:40:3a:2a:46:
a1:16:2a:e2:99:b6:78:7b:f2:fe:7c:dd:25:e0:bf:00:ff:48:
34:7b:a2:b9:80:54:b2:a5:1a:93:12:15:15:87:1b:22:da:57:
0b:be:a2:17:ed:87:dd:9b:a7:e4:29:96:94:cd:9f:6e:5f:38:
a9:44:64:68:dc:93:15:96:d6:85:23:e0:a2:4d:e7:f9:21:ff:
02:09:49:e9:be:70:89:02:52:8e:55:89:ae:1f:2f:22:22:ea:
59:5e:e4:1e:b4:c1:99:78:7d:ec:78:23:ad:20:3e:0d:07:9c:
36:03:cc:a7:2c:ea:4f:76:98:90:09:b1:cc:19:65:bf:d5:94:
2a:8a:f2:01:89:9d:67:ed:fb:5b:a4:89:ba:22:88:b7:26:57:
2a:f5:38:63:fd:76:db:60:a1:1b:40:16:9d:b8:16:1c:a6:c7:
47:97:38:56:39:ed:ad:36:16:9a:1d:2a:f5:8d:5f:86:5e:ec:
bf:65:ea:68
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgIDAYFQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTE5MDk1ODI1WhcNMjUwNjE4MDk1ODI1WjAYMRYw
FAYDVQQDEw02ODJiMDBjNi1kNWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwDIMacHO1YCp2BJBLT+HQMUkNE9gOqtTZCcAeHPHOPGA9Kw9HtQeqRpg
f4TjnKGhKCTdfPvpXocrbWpcOqfLCXzntMO4A1eYxzukSTAUeXun6YqSvTcD+H1X
BnMOGrX9ejBsYMAdYFE432H8bbY8sqdpk3y8X4UVIQWEY6iiKOiRwX0qwRa/hr20
RRyEZxz09FAJZmlC/QQgdbBjuxC8vJe6ayNNj7g5OqDg7R9KMuJrCsJH5iLw77dJ
qTYKLsCB/I2LIPQVl6BgXsOUseut9IWSDkvUZIq6B+oogEUQ2Fd2qYDa9G9RK+qF
/eIF/biUx5V1T5hho2yj1iAdUpwjJwIDAQABo4IDCjCCAwYwHQYDVR0OBBYEFAOj
fQ82bQVvz2OnPHJE9w9rSfX8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMEY2OTFENDM0OTcxMUYwQkFFMUYzRDZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAJpaHDAMAwQAmsYJAwQA
msYKMAwDBACayPEDBACayPIDBACayPgwDAMEAJrJBwMEAJrJCAMEAJrJKDAMAwQA
mtXTAwQAmtXUMAwDBACa3k0DBACa3k4DBACa3ogDBACa3pIDBACa3+YwDQYJKoZI
hvcNAQELBQADggEBACr2JJhyby7P5U8im+PF74ZPxUR6eWMMRf1luL6H3eVm+wlT
0vyJpg+Ra0WC2Gj5y1vUsKZw9xZi3mN6FMiFWTPQ9PwvQDoqRqEWKuKZtnh78v58
3SXgvwD/SDR7ormAVLKlGpMSFRWHGyLaVwu+ohfth92bp+QplpTNn25fOKlEZGjc
kxWW1oUj4KJN5/kh/wIJSem+cIkCUo5Via4fLyIi6lle5B60wZl4fex4I60gPg0H
nDYDzKcs6k92mJAJscwZZb/VlCqK8gGJnWft+1ukiboiiLcmVyr1OGP9dttgoRtA
Fp24Fhymx0eXOFY57a02FpodKvWNX4Ze7L9l6mg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:34:43 2025 by rpki-client