Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6889917E6FAB11F0BBC4E0B3DAE4EC9C.roa
File: 6889917E6FAB11F0BBC4E0B3DAE4EC9C.roa (raw, json)
Hash identifier: DDt2U9ary8dd+o8BRw1tj3zF0nHsUkgu5MorR6e1t3I=
Subject key identifier: 20:9D:A4:20:43:47:B3:BB:20:91:25:C5:B2:76:7C:EB:8C:3E:FB:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019042
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6889917E6FAB11F0BBC4E0B3DAE4EC9C.roa
Signing time: Sat 02 Aug 2025 14:17:24 +0000
ROA not before: Sat 02 Aug 2025 14:17:18 +0000
ROA not after: Wed 03 Sep 2025 14:17:18 +0000
asID: 203020
IP address blocks: 154.205.186.0/24 maxlen: 24
154.223.137.0/24 maxlen: 24
154.223.138.0/24 maxlen: 24
154.223.139.0/24 maxlen: 24
154.223.140.0/24 maxlen: 24
154.223.141.0/24 maxlen: 24
154.223.142.0/24 maxlen: 24
154.223.143.0/24 maxlen: 24
154.223.160.0/24 maxlen: 24
154.223.161.0/24 maxlen: 24
154.223.162.0/24 maxlen: 24
154.223.163.0/24 maxlen: 24
154.223.172.0/24 maxlen: 24
154.223.173.0/24 maxlen: 24
154.223.174.0/24 maxlen: 24
154.223.175.0/24 maxlen: 24
154.223.184.0/24 maxlen: 24
154.223.185.0/24 maxlen: 24
154.223.186.0/24 maxlen: 24
154.223.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102466 (0x19042)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 14:17:18 2025 GMT
Not After : Sep 3 14:17:18 2025 GMT
Subject: CN=688e1df4-6397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8a:45:82:06:0e:5e:dd:bf:12:8f:e3:b0:b2:
e2:1c:0e:a1:b9:0a:92:da:ca:d8:9f:a1:5c:44:a6:
0b:37:40:7c:53:7a:a7:6b:9f:81:fb:ea:6e:07:01:
30:7c:85:e1:8f:56:f4:4b:1b:1a:b7:4a:20:c6:b2:
0a:65:04:77:72:12:28:74:f8:e2:27:d8:f4:cf:7a:
95:57:65:26:8f:40:fb:d0:30:ac:ea:49:21:85:76:
c9:2d:33:9d:31:55:8e:27:4f:05:6e:1b:8e:55:ad:
e8:b3:07:17:7d:ec:17:09:c8:1a:fe:09:5d:17:49:
ba:16:d5:f0:9e:a3:10:ab:4b:72:34:fd:1d:56:be:
b1:bc:97:04:3f:65:b9:83:35:34:25:8e:c3:2d:f6:
ac:7b:24:64:2b:b0:a0:6e:b7:8e:e7:64:d7:a2:03:
d8:19:56:d2:bd:3b:cb:c1:90:38:75:28:18:4f:3d:
74:3c:93:cf:c9:e7:50:c9:db:0a:ea:d3:e8:e5:12:
8e:4d:06:3f:60:35:67:1f:a7:07:24:23:18:76:3b:
e0:2e:f9:5c:5d:79:b6:ce:66:f9:21:25:00:74:28:
58:c9:1d:4c:5c:a4:ce:6b:3c:9e:c6:8c:1a:56:4e:
b0:8e:4a:5d:fd:8c:32:5e:a8:72:9d:59:46:78:7b:
2f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9D:A4:20:43:47:B3:BB:20:91:25:C5:B2:76:7C:EB:8C:3E:FB:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6889917E6FAB11F0BBC4E0B3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.186.0/24
154.223.137.0-154.223.143.255
154.223.160.0/22
154.223.172.0/22
154.223.184.0/22
Signature Algorithm: sha256WithRSAEncryption
72:66:fb:23:fc:96:1e:18:f0:75:9d:01:8a:c5:f7:67:09:15:
11:01:ea:af:fd:f1:51:61:9d:4f:99:25:6f:0c:f5:1d:34:2b:
37:59:0b:5f:72:59:df:e7:11:55:8d:c4:27:64:0e:19:a9:1b:
9e:6a:ff:f1:1d:ab:2e:4d:73:dd:73:b1:cb:38:91:9a:5e:00:
da:e1:2f:bf:33:e2:b1:be:21:42:8c:b9:d7:fe:0b:13:87:6c:
18:97:21:3a:87:7e:dc:f2:fb:73:74:27:6f:96:cf:40:11:e1:
f8:c4:dc:5e:da:bc:4c:cd:b6:2f:59:2b:77:3a:10:5e:29:4a:
25:6b:6f:26:24:7c:cb:aa:c0:d5:e7:ed:bc:db:62:78:2d:54:
f1:d5:9d:3c:78:34:e2:cf:e8:ac:2a:ac:b5:7b:dd:76:c0:40:
1b:00:e6:06:8d:6e:e4:fd:17:a3:f7:b6:ed:21:07:0c:d6:29:
3b:26:4c:27:d8:fd:29:86:4d:f8:89:40:fb:3d:95:9a:b8:07:
95:87:2f:62:e3:3f:30:f6:09:27:80:4f:10:21:0b:fc:e6:21:
2b:e5:e1:ad:e9:f0:ff:11:4f:52:ca:64:72:67:0a:2b:bf:d1:
1c:a0:87:9d:c6:33:c6:7e:cb:04:a0:c8:43:a3:64:b2:1f:ae:
ae:25:bf:1f
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAZBCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMTQxNzE4WhcNMjUwOTAzMTQxNzE4WjAYMRYw
FAYDVQQDEw02ODhlMWRmNC02Mzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs4pFggYOXt2/Eo/jsLLiHA6huQqS2srYn6FcRKYLN0B8U3qna5+B++pu
BwEwfIXhj1b0Sxsat0ogxrIKZQR3chIodPjiJ9j0z3qVV2Umj0D70DCs6kkhhXbJ
LTOdMVWOJ08FbhuOVa3oswcXfewXCcga/gldF0m6FtXwnqMQq0tyNP0dVr6xvJcE
P2W5gzU0JY7DLfaseyRkK7CgbreO52TXogPYGVbSvTvLwZA4dSgYTz10PJPPyedQ
ydsK6tPo5RKOTQY/YDVnH6cHJCMYdjvgLvlcXXm2zmb5ISUAdChYyR1MXKTOazye
xowaVk6wjkpd/YwyXqhynVlGeHsvdQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFCCd
pCBDR7O7IJElxbJ2fOuMPvtyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODg5OTE3RTZGQUIxMUYwQkJDNEUwQjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAms26MAwDBACa34kDBASa
34ADBAKa36ADBAKa36wDBAKa37gwDQYJKoZIhvcNAQELBQADggEBAHJm+yP8lh4Y
8HWdAYrF92cJFREB6q/98VFhnU+ZJW8M9R00KzdZC19yWd/nEVWNxCdkDhmpG55q
//Edqy5Nc91zscs4kZpeANrhL78z4rG+IUKMudf+CxOHbBiXITqHftzy+3N0J2+W
z0AR4fjE3F7avEzNti9ZK3c6EF4pSiVrbyYkfMuqwNXn7bzbYngtVPHVnTx4NOLP
6KwqrLV73XbAQBsA5gaNbuT9F6P3tu0hBwzWKTsmTCfY/SmGTfiJQPs9lZq4B5WH
L2LjPzD2CSeATxAhC/zmISvl4a3p8P8RT1LKZHJnCiu/0Rygh53GM8Z+ywSgyEOj
ZLIfrq4lvx8=
-----END CERTIFICATE-----
Generated at Sat Aug 9 03:04:35 2025 by rpki-client