Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4132ABC6689C11F0A84FDBBCDAE4EC9C.roa
File: 4132ABC6689C11F0A84FDBBCDAE4EC9C.roa (raw, json)
Hash identifier: BiFcBuRxY199Q/adgSicqUYJgpLKaQi3egWLzC/RRto=
Subject key identifier: CB:00:22:66:02:26:E0:C3:08:56:87:81:59:86:A5:37:75:74:F1:D0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F92
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4132ABC6689C11F0A84FDBBCDAE4EC9C.roa
Signing time: Thu 24 Jul 2025 14:41:17 +0000
ROA not before: Thu 24 Jul 2025 14:41:12 +0000
ROA not after: Fri 05 Sep 2025 14:41:12 +0000
asID: 48031
IP address blocks: 154.215.12.0/24 maxlen: 24
154.215.13.0/24 maxlen: 24
154.216.1.0/24 maxlen: 24
154.218.1.0/24 maxlen: 24
154.218.16.0/24 maxlen: 24
154.218.17.0/24 maxlen: 24
154.218.18.0/24 maxlen: 24
154.218.19.0/24 maxlen: 24
154.218.22.0/24 maxlen: 24
154.222.215.0/24 maxlen: 24
154.222.216.0/24 maxlen: 24
154.222.217.0/24 maxlen: 24
154.222.218.0/24 maxlen: 24
154.222.219.0/24 maxlen: 24
154.222.220.0/24 maxlen: 24
154.222.221.0/24 maxlen: 24
154.222.222.0/24 maxlen: 24
154.222.242.0/24 maxlen: 24
154.222.252.0/24 maxlen: 24
154.223.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102290 (0x18f92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 24 14:41:12 2025 GMT
Not After : Sep 5 14:41:12 2025 GMT
Subject: CN=6882460d-4ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f2:38:e4:b4:1a:52:e7:51:9b:e8:38:1c:cd:
e0:c8:30:e4:e2:fb:9e:91:2c:78:1c:f0:57:5d:98:
ce:5f:47:ce:66:45:dc:7b:32:8d:d4:a3:d9:fc:2a:
bc:41:13:10:17:5b:05:06:16:a2:c8:4e:f7:4a:e5:
5b:99:25:b5:da:a4:8c:cc:b0:48:cd:d6:b7:0c:30:
0b:66:fd:19:77:69:98:97:fe:72:d4:a0:67:6a:ea:
50:a1:80:4a:a5:73:98:a0:88:72:47:93:ed:5f:95:
64:4b:84:b3:1e:84:0d:95:ee:ea:e5:c4:01:55:65:
5f:a2:ab:c8:68:74:89:8c:e9:1f:59:b8:08:55:cb:
67:1f:5c:e6:f7:37:8a:3b:ef:9c:31:ca:de:c6:ae:
b2:3c:1d:7c:dc:cd:6c:51:bf:ce:14:ce:c6:b9:94:
be:b5:24:64:33:8a:f9:02:6c:ea:8f:f0:9b:30:84:
d2:76:f2:88:66:b9:eb:b4:dc:d0:49:67:bd:5e:f6:
87:4c:4c:62:b0:3c:ee:f8:75:18:84:12:d2:75:7d:
51:b8:99:19:79:48:46:34:82:4f:85:b5:fd:ec:d7:
f7:2a:59:4d:50:e3:93:94:d7:46:7e:f6:c7:65:09:
79:d6:6e:ef:b9:50:a6:bf:d4:e8:40:3a:e7:a9:db:
24:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:00:22:66:02:26:E0:C3:08:56:87:81:59:86:A5:37:75:74:F1:D0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4132ABC6689C11F0A84FDBBCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.215.12.0/23
154.216.1.0/24
154.218.1.0/24
154.218.16.0/22
154.218.22.0/24
154.222.215.0-154.222.222.255
154.222.242.0/24
154.222.252.0/24
154.223.81.0/24
Signature Algorithm: sha256WithRSAEncryption
05:e4:38:de:11:3c:db:f5:89:35:b8:7b:a1:ec:ae:c5:c3:76:
c6:67:d2:a3:3c:46:41:6a:ba:ab:62:b2:75:8f:b2:ae:b8:96:
22:90:93:66:4d:07:85:44:6c:91:15:62:b2:df:1e:96:4e:60:
d6:d4:65:d2:c3:2d:dd:3f:aa:33:52:d8:0b:07:c8:92:6f:a6:
cf:14:ff:2b:3e:e2:c5:ef:ac:37:01:09:c6:21:28:fa:d3:5e:
46:52:15:a4:68:eb:7d:75:5c:fc:08:80:30:68:09:2d:31:f7:
18:7a:f3:15:da:f5:f0:63:b5:0d:31:16:c7:0c:a6:d3:cf:77:
cc:5e:c5:75:ac:61:9a:47:c8:f1:8c:5b:14:2a:46:28:88:62:
b1:b3:0d:db:96:cb:a1:33:ae:5e:3c:63:d3:54:44:6e:69:1f:
f1:6e:08:1d:b1:3b:20:fd:60:16:47:77:6a:8f:90:db:3c:a6:
be:4c:b3:75:26:8f:f4:36:f1:ca:56:4d:6c:56:80:32:c6:b8:
ad:bc:f8:6c:db:7f:64:d2:ab:b6:1a:f2:c9:9b:75:a3:57:25:
8e:f4:8a:0f:b8:82:fe:71:fe:5a:22:44:c9:9a:e6:6c:66:3b:
af:10:7d:89:bd:bf:b5:96:b2:63:65:02:a6:95:54:bb:a4:f2:
8c:05:08:38
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAY+SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI0MTQ0MTEyWhcNMjUwOTA1MTQ0MTEyWjAYMRYw
FAYDVQQDEw02ODgyNDYwZC00YWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwPI45LQaUudRm+g4HM3gyDDk4vuekSx4HPBXXZjOX0fOZkXcezKN1KPZ
/Cq8QRMQF1sFBhaiyE73SuVbmSW12qSMzLBIzda3DDALZv0Zd2mYl/5y1KBnaupQ
oYBKpXOYoIhyR5PtX5VkS4SzHoQNle7q5cQBVWVfoqvIaHSJjOkfWbgIVctnH1zm
9zeKO++cMcrexq6yPB183M1sUb/OFM7GuZS+tSRkM4r5Amzqj/CbMITSdvKIZrnr
tNzQSWe9XvaHTExisDzu+HUYhBLSdX1RuJkZeUhGNIJPhbX97Nf3KllNUOOTlNdG
fvbHZQl51m7vuVCmv9ToQDrnqdskVQIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFMsA
ImYCJuDDCFaHgVmGpTd1dPHQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTMyQUJDNjY4OUMxMUYwQTg0RkRCQkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBmtcMAwQAmtgBAwQAmtoB
AwQCmtoQAwQAmtoWMAwDBACa3tcDBACa3t4DBACa3vIDBACa3vwDBACa31EwDQYJ
KoZIhvcNAQELBQADggEBAAXkON4RPNv1iTW4e6HsrsXDdsZn0qM8RkFquqtisnWP
sq64liKQk2ZNB4VEbJEVYrLfHpZOYNbUZdLDLd0/qjNS2AsHyJJvps8U/ys+4sXv
rDcBCcYhKPrTXkZSFaRo6311XPwIgDBoCS0x9xh68xXa9fBjtQ0xFscMptPPd8xe
xXWsYZpHyPGMWxQqRiiIYrGzDduWy6Ezrl48Y9NURG5pH/FuCB2xOyD9YBZHd2qP
kNs8pr5Ms3Umj/Q28cpWTWxWgDLGuK28+Gzbf2TSq7Ya8smbdaNXJY70ig+4gv5x
/loiRMma5mxmO68QfYm9v7WWsmNlAqaVVLuk8owFCDg=
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:33:00 2025 by rpki-client