Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/252A528A438011F08C4BEBBEDAE4EC9C.roa
File: 252A528A438011F08C4BEBBEDAE4EC9C.roa (raw, json)
Hash identifier: UpEewfg7j+BzVB5bEeCGdir0CKnzCC7IQgpP4EgTvf4=
Subject key identifier: 7B:5E:3A:5F:33:D9:7E:9F:BD:68:89:D2:AF:14:DA:C1:0D:75:1F:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018546
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/252A528A438011F08C4BEBBEDAE4EC9C.roa
Signing time: Sat 07 Jun 2025 09:16:51 +0000
ROA not before: Sat 07 Jun 2025 09:16:46 +0000
ROA not after: Wed 09 Jul 2025 09:16:46 +0000
asID: 45194
IP address blocks: 154.84.207.0/24 maxlen: 24
154.84.209.0/24 maxlen: 24
154.84.210.0/24 maxlen: 24
154.84.225.0/24 maxlen: 24
154.84.226.0/24 maxlen: 24
154.84.227.0/24 maxlen: 24
154.84.230.0/24 maxlen: 24
154.84.232.0/24 maxlen: 24
154.84.233.0/24 maxlen: 24
154.84.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99654 (0x18546)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 7 09:16:46 2025 GMT
Not After : Jul 9 09:16:46 2025 GMT
Subject: CN=68440383-152e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cf:4c:39:5e:b2:60:a8:fa:67:58:e5:21:45:
d7:7e:49:a8:50:3b:96:00:21:98:38:b5:61:77:c6:
18:26:c0:e0:db:87:7c:56:81:7b:ab:4f:94:c7:ec:
32:4e:79:b0:7a:da:86:2e:bd:98:57:9a:ea:19:9a:
19:bc:3f:6e:c9:b9:94:7b:b0:cb:26:b5:b7:f1:36:
ff:93:f5:ad:2c:ad:53:e1:5a:ea:e9:8d:c9:ae:de:
3c:88:5e:a4:e3:25:14:af:a7:04:45:65:ab:75:69:
32:0b:6b:71:8c:1c:99:27:d4:f6:13:76:03:00:67:
4b:71:01:fa:49:cd:90:2a:21:c6:f3:28:74:4d:75:
48:a4:c2:35:bd:7a:df:5a:f3:6d:b4:0b:9a:45:d6:
10:d7:4c:6e:24:b4:63:96:48:78:1b:5c:b0:ec:0e:
1d:a3:08:0d:7b:d9:01:53:8a:c0:b3:d7:f4:10:23:
5a:2b:91:0e:68:a2:a9:38:66:4d:07:10:c8:13:fb:
b0:38:38:71:27:f9:02:20:3c:03:04:7d:4b:46:8f:
3a:2b:a3:68:cf:1b:6a:4e:00:27:5f:b0:cc:3e:02:
8c:74:fc:37:8e:3e:06:ec:24:fa:6f:05:2f:1f:8a:
4c:4d:41:52:0b:ac:cc:7b:2c:18:d4:1e:19:e8:72:
0a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:5E:3A:5F:33:D9:7E:9F:BD:68:89:D2:AF:14:DA:C1:0D:75:1F:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/252A528A438011F08C4BEBBEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.207.0/24
154.84.209.0-154.84.210.255
154.84.225.0-154.84.227.255
154.84.230.0/24
154.84.232.0-154.84.234.255
Signature Algorithm: sha256WithRSAEncryption
4f:4a:f4:45:1d:68:33:6c:56:8e:9a:0c:de:9f:56:52:6f:76:
7f:44:98:f4:81:1b:56:93:c8:cf:d5:dd:ec:be:de:9d:72:63:
2d:91:ee:8d:7a:91:71:5e:c6:59:97:3b:1d:5f:d9:59:42:e6:
21:59:b9:04:df:08:fc:f8:43:6f:df:16:ac:ab:1b:74:e7:fb:
79:22:7b:d7:c6:0f:50:ab:67:32:42:ce:05:5f:ca:d9:e2:6d:
88:da:5a:96:54:a9:5c:c6:18:f7:d9:e8:f8:10:52:04:54:6b:
f5:bc:e9:03:72:a8:37:e8:86:60:a7:c2:04:bb:e5:60:02:a5:
25:82:e3:8a:ce:6c:34:2a:9a:74:6a:1b:cd:92:15:eb:01:19:
4d:fc:0d:42:18:00:c0:fd:68:2c:11:0f:8b:7f:e9:43:b0:8b:
0b:3c:09:8e:3e:1b:60:5f:f3:c2:6e:4a:84:b4:4f:13:99:e0:
2a:b8:a4:2a:7f:ba:98:1f:1b:02:9e:90:2e:99:de:45:61:d2:
d6:15:33:a6:24:58:75:37:c9:b7:c5:cc:6a:fe:ac:d2:ec:a1:
d3:d8:d6:1a:71:86:fc:5b:42:2e:6b:53:10:d1:02:67:0a:8a:
61:8f:56:fe:d1:7d:9e:57:88:71:8e:21:ca:27:ea:2d:44:2f:
7b:85:94:d0
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAYVGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA3MDkxNjQ2WhcNMjUwNzA5MDkxNjQ2WjAYMRYw
FAYDVQQDEw02ODQ0MDM4My0xNTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz89MOV6yYKj6Z1jlIUXXfkmoUDuWACGYOLVhd8YYJsDg24d8VoF7q0+U
x+wyTnmwetqGLr2YV5rqGZoZvD9uybmUe7DLJrW38Tb/k/WtLK1T4Vrq6Y3Jrt48
iF6k4yUUr6cERWWrdWkyC2txjByZJ9T2E3YDAGdLcQH6Sc2QKiHG8yh0TXVIpMI1
vXrfWvNttAuaRdYQ10xuJLRjlkh4G1yw7A4dowgNe9kBU4rAs9f0ECNaK5EOaKKp
OGZNBxDIE/uwODhxJ/kCIDwDBH1LRo86K6NozxtqTgAnX7DMPgKMdPw3jj4G7CT6
bwUvH4pMTUFSC6zMeywY1B4Z6HIKYQIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFHte
Ol8z2X6fvWiJ0q8U2sENdR+oMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNTJBNTI4QTQzODAxMUYwOEM0QkVCQkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAmlTPMAwDBACaVNEDBACa
VNIwDAMEAJpU4QMEAppU4AMEAJpU5jAMAwQDmlToAwQAmlTqMA0GCSqGSIb3DQEB
CwUAA4IBAQBPSvRFHWgzbFaOmgzen1ZSb3Z/RJj0gRtWk8jP1d3svt6dcmMtke6N
epFxXsZZlzsdX9lZQuYhWbkE3wj8+ENv3xasqxt05/t5InvXxg9Qq2cyQs4FX8rZ
4m2I2lqWVKlcxhj32ej4EFIEVGv1vOkDcqg36IZgp8IEu+VgAqUlguOKzmw0Kpp0
ahvNkhXrARlN/A1CGADA/WgsEQ+Lf+lDsIsLPAmOPhtgX/PCbkqEtE8TmeAquKQq
f7qYHxsCnpAumd5FYdLWFTOmJFh1N8m3xcxq/qzS7KHT2NYacYb8W0Iua1MQ0QJn
Cophj1b+0X2eV4hxjiHKJ+otRC97hZTQ
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:00:14 2025 by rpki-client