Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F16E68903BA611F0AE6369B8DAE4EC9C.roa
File: F16E68903BA611F0AE6369B8DAE4EC9C.roa (raw, json)
Hash identifier: tLoUVlIir7BPfEIPORbCwIonoannRE4EX1bxQHNEm0A=
Subject key identifier: 7D:1B:5E:84:D7:AE:40:E7:4C:5B:5B:ED:DD:3C:6F:AC:AC:1F:C1:BD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018332
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F16E68903BA611F0AE6369B8DAE4EC9C.roa
Signing time: Wed 28 May 2025 09:34:25 +0000
ROA not before: Wed 28 May 2025 09:34:20 +0000
ROA not after: Sat 07 Jun 2025 09:34:20 +0000
asID: 9009
IP address blocks: 154.216.238.0/24 maxlen: 24
154.216.239.0/24 maxlen: 24
154.216.245.0/24 maxlen: 24
154.216.252.0/24 maxlen: 24
154.218.192.0/24 maxlen: 24
154.218.196.0/24 maxlen: 24
154.218.200.0/24 maxlen: 24
154.218.204.0/24 maxlen: 24
154.218.220.0/24 maxlen: 24
154.218.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99122 (0x18332)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 09:34:20 2025 GMT
Not After : Jun 7 09:34:20 2025 GMT
Subject: CN=6836d8a1-59d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7f:03:e5:3d:a5:7d:66:41:8c:6f:d9:ce:d0:
15:8c:19:2f:44:96:11:11:70:db:d3:65:b6:63:48:
a3:34:7e:9c:f5:ba:5c:01:d6:4c:e3:db:de:11:c6:
1d:da:8e:91:22:35:b7:58:ef:b1:a6:e2:7c:0e:c3:
fd:bc:92:5d:6b:5a:f9:c5:27:46:eb:80:2e:dd:a4:
7a:c9:92:5c:de:47:ee:19:e2:24:2a:f5:cc:9d:68:
8f:28:6d:57:a5:3f:35:c6:29:b6:ae:73:3f:5d:7e:
f3:16:68:13:9e:e8:7a:b8:ea:df:c5:33:66:35:2c:
ae:e1:92:6f:01:d6:42:1c:11:86:9b:59:40:67:b9:
c5:07:1c:ef:4f:4b:ca:07:04:ce:a6:54:91:f9:47:
0e:a9:e6:d7:16:02:1c:6b:10:ee:a6:95:8e:39:e4:
8e:c3:b6:6b:e1:63:3b:0c:25:37:99:0f:b7:2f:72:
66:86:51:44:74:9a:fa:44:20:13:65:2e:71:5d:f9:
f1:03:db:8c:1a:c8:9d:f4:ec:30:2e:e5:f9:17:93:
1f:f0:1f:4b:09:c6:f6:2b:66:16:01:0e:a0:bc:4f:
7a:6d:c8:4c:9e:1c:87:79:d4:a5:2b:0e:92:48:35:
b1:b2:32:bb:4a:70:51:fb:12:6d:d7:f7:60:6e:7e:
74:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1B:5E:84:D7:AE:40:E7:4C:5B:5B:ED:DD:3C:6F:AC:AC:1F:C1:BD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F16E68903BA611F0AE6369B8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.238.0/23
154.216.245.0/24
154.216.252.0/24
154.218.192.0/24
154.218.196.0/24
154.218.200.0/24
154.218.204.0/24
154.218.220.0/24
154.218.236.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f1:39:b2:08:21:7e:51:a8:ee:e4:b4:a5:8f:12:f3:bf:df:
a2:61:c3:95:e5:cc:f4:cc:4e:3b:86:72:c5:9e:a5:29:14:39:
83:13:4d:a8:0a:98:36:34:ef:62:c6:0e:98:c3:de:3c:7c:99:
82:03:8a:f3:39:a8:04:c0:fc:b3:ad:36:e2:c1:d6:3f:87:d5:
c7:8d:67:24:d0:69:3c:a3:ae:e1:d1:64:e3:d9:79:dc:05:bc:
cf:53:80:be:50:ec:40:0c:29:55:19:eb:6d:cc:86:8f:39:d6:
dc:a3:1c:b0:70:f5:aa:a2:95:fc:ae:8c:09:1b:a2:18:c0:b2:
96:a5:05:2f:c7:9a:a3:12:60:e0:90:0e:35:2e:15:eb:f7:91:
8a:25:ce:8d:c6:f2:87:4d:8d:68:09:40:49:8d:e1:60:e6:47:
2f:af:b4:e5:03:ba:a0:e0:be:64:d7:7f:b3:5c:c4:0e:29:39:
0b:96:01:15:8f:83:58:20:58:5e:92:65:e3:8f:af:47:4a:c5:
64:ac:50:08:e8:77:9e:a1:44:ea:b5:c6:eb:b0:67:9e:17:28:
7c:1d:26:d2:cf:0d:65:65:b0:d6:94:88:a3:e7:b2:5e:53:a5:
27:9f:8d:2a:9d:fe:66:2c:ea:e1:ee:14:8b:4f:8d:c5:3f:3d:
64:45:4f:88
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAYMyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MDkzNDIwWhcNMjUwNjA3MDkzNDIwWjAYMRYw
FAYDVQQDEw02ODM2ZDhhMS01OWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu38D5T2lfWZBjG/ZztAVjBkvRJYREXDb02W2Y0ijNH6c9bpcAdZM49ve
EcYd2o6RIjW3WO+xpuJ8DsP9vJJda1r5xSdG64Au3aR6yZJc3kfuGeIkKvXMnWiP
KG1XpT81xim2rnM/XX7zFmgTnuh6uOrfxTNmNSyu4ZJvAdZCHBGGm1lAZ7nFBxzv
T0vKBwTOplSR+UcOqebXFgIcaxDuppWOOeSOw7Zr4WM7DCU3mQ+3L3JmhlFEdJr6
RCATZS5xXfnxA9uMGsid9OwwLuX5F5Mf8B9LCcb2K2YWAQ6gvE96bchMnhyHedSl
Kw6SSDWxsjK7SnBR+xJt1/dgbn50pwIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFH0b
XoTXrkDnTFtb7d08b6ysH8G9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMTZFNjg5MDNCQTYxMUYwQUU2MzY5QjhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBmtjuAwQAmtj1AwQAmtj8
AwQAmtrAAwQAmtrEAwQAmtrIAwQAmtrMAwQAmtrcAwQAmtrsMA0GCSqGSIb3DQEB
CwUAA4IBAQAB8TmyCCF+Uaju5LSljxLzv9+iYcOV5cz0zE47hnLFnqUpFDmDE02o
Cpg2NO9ixg6Yw948fJmCA4rzOagEwPyzrTbiwdY/h9XHjWck0Gk8o67h0WTj2Xnc
BbzPU4C+UOxADClVGettzIaPOdbcoxywcPWqopX8rowJG6IYwLKWpQUvx5qjEmDg
kA41LhXr95GKJc6NxvKHTY1oCUBJjeFg5kcvr7TlA7qg4L5k13+zXMQOKTkLlgEV
j4NYIFhekmXjj69HSsVkrFAI6HeeoUTqtcbrsGeeFyh8HSbSzw1lZbDWlIij57Je
U6Unn40qnf5mLOrh7hSLT43FPz1kRU+I
-----END CERTIFICATE-----
Generated at Tue Jun 3 10:20:18 2025 by rpki-client