Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2098F9CE67D911F09699B6C4DAE4EC9C.roa
File: 2098F9CE67D911F09699B6C4DAE4EC9C.roa (raw, json)
Hash identifier: LOqgleYuRyBf4obANU9maT/+w3TNtDlHqyQ9znhC/Wo=
Subject key identifier: C1:4E:17:90:BF:5A:A0:BD:E3:3C:C6:EB:2D:2A:66:11:83:DF:D2:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F40
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2098F9CE67D911F09699B6C4DAE4EC9C.roa
Signing time: Wed 23 Jul 2025 15:24:30 +0000
ROA not before: Wed 23 Jul 2025 15:24:26 +0000
ROA not after: Mon 15 Sep 2025 15:24:26 +0000
asID: 63139
IP address blocks: 154.203.161.0/24 maxlen: 24
154.203.171.0/24 maxlen: 24
154.203.173.0/24 maxlen: 24
154.203.174.0/24 maxlen: 24
154.203.175.0/24 maxlen: 24
154.203.176.0/24 maxlen: 24
154.203.177.0/24 maxlen: 24
154.203.178.0/24 maxlen: 24
154.203.180.0/24 maxlen: 24
154.203.181.0/24 maxlen: 24
154.203.182.0/24 maxlen: 24
154.203.183.0/24 maxlen: 24
154.203.184.0/24 maxlen: 24
154.203.185.0/24 maxlen: 24
154.203.186.0/24 maxlen: 24
154.203.187.0/24 maxlen: 24
154.203.188.0/24 maxlen: 24
154.203.189.0/24 maxlen: 24
154.203.190.0/24 maxlen: 24
154.203.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102208 (0x18f40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 23 15:24:26 2025 GMT
Not After : Sep 15 15:24:26 2025 GMT
Subject: CN=6880feae-70a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:52:0e:33:40:69:a7:0a:ca:15:24:5b:29:d1:
19:5a:60:5f:e4:25:0b:07:8b:5b:c5:28:09:c1:98:
c1:48:bd:21:87:64:ff:bb:a5:8f:5e:3b:6f:0b:ef:
08:f7:ba:73:0a:99:44:09:22:09:a5:dd:93:cd:63:
e1:ff:2d:fc:d1:c3:c3:03:db:bd:5a:2a:a3:b4:88:
a2:1c:dd:47:f5:97:cf:3c:92:26:3c:91:7f:0a:4a:
50:45:01:17:c0:51:3b:a8:16:b9:d9:7f:a7:c9:74:
70:3c:e0:57:ac:3d:d2:2f:55:fe:80:58:93:07:75:
d5:ba:f6:ff:0d:d2:25:83:b0:00:d0:d9:5c:1a:75:
19:95:db:f0:cf:b8:3b:85:58:20:6d:ca:c0:8f:ef:
7b:ff:70:92:bf:e7:b1:18:10:64:ab:47:0a:89:90:
67:c1:93:68:5f:fa:e9:1f:bd:71:75:3f:43:5b:48:
7e:61:2b:52:46:64:25:84:7a:fc:ef:f3:02:90:17:
19:f5:0e:d4:f5:9d:e6:31:88:3c:e6:67:a8:1a:53:
18:0b:0e:e7:75:d7:eb:f4:e6:3c:8a:e8:46:08:77:
90:2b:c0:1a:88:12:8f:a0:8a:77:98:25:d4:74:c3:
aa:46:ed:d4:39:5b:d8:6a:13:5d:5b:0b:bb:a5:66:
bc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:4E:17:90:BF:5A:A0:BD:E3:3C:C6:EB:2D:2A:66:11:83:DF:D2:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2098F9CE67D911F09699B6C4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.161.0/24
154.203.171.0/24
154.203.173.0-154.203.178.255
154.203.180.0-154.203.191.255
Signature Algorithm: sha256WithRSAEncryption
44:20:5e:b3:51:06:64:95:53:4b:a2:d7:91:9d:eb:5c:c6:d8:
34:77:c6:d7:2a:c4:71:fc:57:00:39:8b:2b:ee:51:d9:09:b4:
b5:86:0f:78:02:c1:0d:5c:25:49:cc:af:68:db:93:b9:7d:ee:
56:61:d7:08:a2:0c:7f:d8:9e:da:dd:9a:c9:34:c3:0e:74:37:
1d:de:2f:65:9d:4c:88:28:82:a6:b8:9b:c8:92:fa:e2:ed:59:
ee:42:da:12:fc:ed:c5:9e:ae:45:2b:8e:cf:5d:f7:6b:20:e6:
86:6e:91:4d:9a:cf:f8:53:a6:90:3a:70:09:12:e2:47:d4:80:
3e:f0:39:01:60:f9:b9:2c:54:81:74:a1:ab:89:28:26:9e:fb:
d9:9b:cb:df:02:6c:86:4a:1b:c3:de:7f:17:b2:d1:c7:f2:f3:
17:16:ce:29:00:0a:7c:09:9c:57:41:4b:cd:f8:b6:94:35:ab:
65:2b:ac:f7:90:69:22:28:b2:8d:28:4a:c2:44:d9:50:a8:f1:
72:0a:27:de:22:c8:7e:74:bc:0b:ba:de:2a:0a:d4:a9:07:46:
77:79:06:55:11:c8:53:68:c9:87:14:76:bc:e8:4d:1d:43:b3:
c7:15:6f:c9:99:15:95:d9:24:32:bc:17:67:d9:05:de:ca:62:
0f:ad:4f:3b
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAY9AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIzMTUyNDI2WhcNMjUwOTE1MTUyNDI2WjAYMRYw
FAYDVQQDEw02ODgwZmVhZS03MGE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA21IOM0BppwrKFSRbKdEZWmBf5CULB4tbxSgJwZjBSL0hh2T/u6WPXjtv
C+8I97pzCplECSIJpd2TzWPh/y380cPDA9u9WiqjtIiiHN1H9ZfPPJImPJF/CkpQ
RQEXwFE7qBa52X+nyXRwPOBXrD3SL1X+gFiTB3XVuvb/DdIlg7AA0NlcGnUZldvw
z7g7hVggbcrAj+97/3CSv+exGBBkq0cKiZBnwZNoX/rpH71xdT9DW0h+YStSRmQl
hHr87/MCkBcZ9Q7U9Z3mMYg85meoGlMYCw7nddfr9OY8iuhGCHeQK8AaiBKPoIp3
mCXUdMOqRu3UOVvYahNdWwu7pWa8VQIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFMFO
F5C/WqC94zzG6y0qZhGD39LtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMDk4RjlDRTY3RDkxMUYwOTY5OUI2QzREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAmsuhAwQAmsurMAwDBACa
y60DBACay7IwDAMEAprLtAMEBprLgDANBgkqhkiG9w0BAQsFAAOCAQEARCBes1EG
ZJVTS6LXkZ3rXMbYNHfG1yrEcfxXADmLK+5R2Qm0tYYPeALBDVwlScyvaNuTuX3u
VmHXCKIMf9ie2t2ayTTDDnQ3Hd4vZZ1MiCiCpribyJL64u1Z7kLaEvztxZ6uRSuO
z133ayDmhm6RTZrP+FOmkDpwCRLiR9SAPvA5AWD5uSxUgXShq4koJp772ZvL3wJs
hkobw95/F7LRx/LzFxbOKQAKfAmcV0FLzfi2lDWrZSus95BpIiiyjShKwkTZUKjx
cgon3iLIfnS8C7reKgrUqQdGd3kGVRHIU2jJhxR2vOhNHUOzxxVvyZkVldkkMrwX
Z9kF3spiD61POw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:17:45 2025 by rpki-client