Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/282B7C2A688D11F08D2611DBDAE4EC9C.roa
File: 282B7C2A688D11F08D2611DBDAE4EC9C.roa (raw, json)
Hash identifier: FikIDQPAaaxb2eFL157ym2gTSpWpbkeO8Q6tx4V2Jp0=
Subject key identifier: E5:80:C8:36:03:1E:A0:EC:98:1D:E1:0A:7D:5E:89:95:E6:C7:E2:B1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F7A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/282B7C2A688D11F08D2611DBDAE4EC9C.roa
Signing time: Thu 24 Jul 2025 12:53:12 +0000
ROA not before: Thu 24 Jul 2025 12:53:07 +0000
ROA not after: Fri 05 Sep 2025 12:53:07 +0000
asID: 44559
IP address blocks: 154.209.144.0/24 maxlen: 24
154.209.145.0/24 maxlen: 24
154.209.154.0/24 maxlen: 24
154.209.155.0/24 maxlen: 24
154.209.157.0/24 maxlen: 24
154.209.158.0/24 maxlen: 24
154.209.201.0/24 maxlen: 24
154.209.202.0/24 maxlen: 24
154.209.203.0/24 maxlen: 24
154.209.205.0/24 maxlen: 24
154.209.206.0/24 maxlen: 24
154.219.71.0/24 maxlen: 24
154.219.72.0/24 maxlen: 24
154.219.73.0/24 maxlen: 24
154.219.74.0/24 maxlen: 24
154.219.76.0/24 maxlen: 24
154.219.77.0/24 maxlen: 24
154.219.78.0/24 maxlen: 24
154.219.79.0/24 maxlen: 24
154.219.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102266 (0x18f7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 24 12:53:07 2025 GMT
Not After : Sep 5 12:53:07 2025 GMT
Subject: CN=68822cb8-0ce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2a:14:58:e3:1d:5e:1d:ed:83:30:d7:a0:e7:
fd:d9:18:d9:8e:2f:e9:cf:c6:69:6c:96:c7:47:13:
2b:d0:42:86:76:36:ed:db:31:57:74:11:fb:87:1d:
6a:96:26:fe:cf:48:0a:02:5f:2a:65:1b:2a:4c:a7:
9b:0f:10:6b:f2:c1:97:f0:0a:df:7a:4d:e7:af:d9:
a9:a2:23:6c:5e:42:22:c6:7a:4c:07:d3:b2:fb:3b:
65:d4:67:9a:f9:5a:94:f8:0d:32:1b:ca:7b:1d:9d:
07:63:1a:0d:8c:80:a3:34:30:2b:f3:d9:fe:34:ea:
75:3a:c6:ad:54:27:78:a1:ce:34:f8:c9:54:bf:8d:
b2:fc:42:a6:cb:54:25:bd:75:94:60:84:9c:23:0a:
3d:fe:4b:62:a1:8c:f1:6d:00:f9:a6:8d:44:50:ef:
57:12:45:6f:88:05:20:f7:85:0e:64:ea:5b:c6:7f:
fb:8e:b5:b3:f6:27:34:66:1c:4f:31:5f:b5:21:42:
66:0c:34:ca:ab:ae:d5:2e:49:f7:fe:8d:33:3d:04:
ea:49:96:1a:87:f4:30:1c:41:ab:c5:7e:73:be:34:
05:df:ef:b4:67:83:d2:be:2f:03:11:b1:31:a8:90:
ea:20:6d:6e:70:d9:cd:ec:c2:97:cc:f7:0d:a2:36:
ef:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:80:C8:36:03:1E:A0:EC:98:1D:E1:0A:7D:5E:89:95:E6:C7:E2:B1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/282B7C2A688D11F08D2611DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.144.0/23
154.209.154.0/23
154.209.157.0-154.209.158.255
154.209.201.0-154.209.203.255
154.209.205.0-154.209.206.255
154.219.71.0-154.219.74.255
154.219.76.0-154.219.80.255
Signature Algorithm: sha256WithRSAEncryption
1e:9e:c2:f8:bd:6e:1b:c2:e7:4f:74:86:f8:d3:1a:a5:0d:21:
a7:e1:ca:59:d5:11:a8:2c:09:89:0e:4b:51:de:06:ec:da:c7:
46:15:f7:a2:0e:1d:f0:22:28:5d:54:c3:9a:f2:95:8f:bb:dc:
88:76:21:4d:ce:84:af:3b:1d:24:b6:c4:56:77:ef:12:75:1b:
40:16:96:06:db:ce:5e:5b:f6:c0:cc:3e:41:29:d2:8f:7f:af:
8d:bb:4d:77:aa:8a:dc:dd:db:f5:69:a2:f4:ab:ba:46:b9:f9:
ab:50:ab:22:b2:4f:27:be:62:e4:ab:50:04:ef:65:64:33:91:
ed:ab:61:ba:bf:87:55:68:73:12:c4:61:c5:99:41:95:28:8d:
0d:6c:62:d1:d6:1a:aa:80:f2:8e:f7:80:f7:ae:2f:07:2b:89:
14:f7:99:15:ff:63:74:15:a8:ba:13:de:f5:f1:2c:2a:0b:66:
51:df:cd:b6:03:d5:bf:ff:11:6b:07:3b:94:06:a9:54:24:42:
25:b7:fe:09:23:82:20:41:eb:4b:8b:89:f0:00:78:21:b5:01:
3f:ee:63:04:ee:cd:c2:8d:eb:f6:40:ec:09:21:c0:77:a7:e0:
c0:64:b3:ab:34:fe:6a:0c:35:c1:c9:77:19:b4:7c:d6:a1:27:
29:de:22:d7
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgIDAY96MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI0MTI1MzA3WhcNMjUwOTA1MTI1MzA3WjAYMRYw
FAYDVQQDEw02ODgyMmNiOC0wY2U3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyioUWOMdXh3tgzDXoOf92RjZji/pz8ZpbJbHRxMr0EKGdjbt2zFXdBH7
hx1qlib+z0gKAl8qZRsqTKebDxBr8sGX8Arfek3nr9mpoiNsXkIixnpMB9Oy+ztl
1Gea+VqU+A0yG8p7HZ0HYxoNjICjNDAr89n+NOp1OsatVCd4oc40+MlUv42y/EKm
y1QlvXWUYIScIwo9/ktioYzxbQD5po1EUO9XEkVviAUg94UOZOpbxn/7jrWz9ic0
ZhxPMV+1IUJmDDTKq67VLkn3/o0zPQTqSZYah/QwHEGrxX5zvjQF3++0Z4PSvi8D
EbExqJDqIG1ucNnN7MKXzPcNojbvFwIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFOWA
yDYDHqDsmB3hCn1eiZXmx+KxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yODJCN0MyQTY4OEQxMUYwOEQyNjExREJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBmtGQAwQBmtGaMAwDBACa
0Z0DBACa0Z4wDAMEAJrRyQMEAprRyDAMAwQAmtHNAwQAmtHOMAwDBACa20cDBACa
20owDAMEAprbTAMEAJrbUDANBgkqhkiG9w0BAQsFAAOCAQEAHp7C+L1uG8LnT3SG
+NMapQ0hp+HKWdURqCwJiQ5LUd4G7NrHRhX3og4d8CIoXVTDmvKVj7vciHYhTc6E
rzsdJLbEVnfvEnUbQBaWBtvOXlv2wMw+QSnSj3+vjbtNd6qK3N3b9Wmi9Ku6Rrn5
q1CrIrJPJ75i5KtQBO9lZDOR7athur+HVWhzEsRhxZlBlSiNDWxi0dYaqoDyjveA
964vByuJFPeZFf9jdBWouhPe9fEsKgtmUd/NtgPVv/8Rawc7lAapVCRCJbf+CSOC
IEHrS4uJ8AB4IbUBP+5jBO7Nwo3r9kDsCSHAd6fgwGSzqzT+agw1wcl3GbR81qEn
Kd4i1w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:27:55 2025 by rpki-client