Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/759E39EC490D11F0AA40DCE8DAE4EC9C.roa
File: 759E39EC490D11F0AA40DCE8DAE4EC9C.roa (raw, json)
Hash identifier: AanMmuSE4oHS+HyJPQI5ViVyWa3gfN4lzFxO+xKFCbg=
Subject key identifier: A1:B1:F8:1C:0D:CB:85:80:23:96:FA:E3:A3:14:51:E5:16:3B:AE:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018699
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/759E39EC490D11F0AA40DCE8DAE4EC9C.roa
Signing time: Sat 14 Jun 2025 10:51:01 +0000
ROA not before: Sat 14 Jun 2025 10:50:56 +0000
ROA not after: Wed 30 Jul 2025 10:50:56 +0000
asID: 57043
IP address blocks: 154.222.38.0/23 maxlen: 24
154.222.66.0/23 maxlen: 24
154.222.134.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99993 (0x18699)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 14 10:50:56 2025 GMT
Not After : Jul 30 10:50:56 2025 GMT
Subject: CN=684d5415-a312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f0:81:67:a2:32:ac:a6:47:ee:8d:60:38:11:
e2:d6:dd:51:40:09:78:d2:09:57:37:65:c5:97:e1:
98:4d:d7:96:16:e0:47:91:91:27:a1:91:71:78:60:
45:2a:78:db:7b:91:72:a9:bd:69:60:1b:72:75:ec:
4c:c0:23:ca:b7:e0:46:9e:81:5c:43:22:f5:22:d5:
3d:c7:13:97:8e:8e:2d:f5:85:01:7e:3b:eb:5a:2f:
0b:8f:e1:b3:de:f5:83:2d:d8:6a:b4:0a:24:e1:5f:
f7:20:cb:37:9b:4c:f9:a2:a0:78:bf:94:f1:6e:86:
e4:c3:a2:1c:f4:5c:c5:b3:8f:49:64:e2:56:07:56:
65:5d:1b:1c:4f:ec:fc:f0:79:4e:1c:73:c3:98:9d:
7c:76:0c:9a:12:11:94:83:b7:64:48:3a:81:cd:e9:
53:c0:33:80:2a:82:e6:89:8f:dc:11:02:19:ad:ed:
50:ce:c7:28:41:b9:56:d4:d6:5b:2c:87:5f:ae:32:
96:41:09:0c:74:21:e6:af:79:d4:e2:f3:86:e2:3a:
a2:85:2f:33:d6:be:63:93:aa:13:ea:ac:62:73:ad:
cc:6a:a3:f2:a9:fb:f7:e0:fa:9d:80:2e:53:7d:ab:
58:fa:fd:84:5e:f3:e3:35:c0:4b:b9:25:83:29:81:
ce:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B1:F8:1C:0D:CB:85:80:23:96:FA:E3:A3:14:51:E5:16:3B:AE:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/759E39EC490D11F0AA40DCE8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.38.0/23
154.222.66.0/23
154.222.134.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:9f:b5:5a:6f:c9:65:08:67:e1:c0:82:65:a4:6b:f1:80:57:
c9:25:a5:a6:aa:0a:6d:9a:87:30:75:bb:17:fc:10:60:53:9c:
65:32:1e:b0:1f:16:94:54:cb:bf:ff:65:4b:0e:f1:ac:4f:c9:
0d:7f:e0:da:88:50:27:9f:63:18:e8:c6:2c:ba:c4:14:de:8b:
d3:a5:11:38:db:ce:98:f8:bd:1f:ac:91:4d:31:30:cf:59:07:
fb:8c:39:33:5b:66:ca:78:45:bd:e7:ec:81:f6:32:e1:87:16:
e8:79:a7:6b:2a:c0:2d:6a:b4:cb:28:1e:8b:28:81:1c:7d:4d:
8e:cc:3c:a7:d1:87:95:f7:00:11:d6:2d:26:88:e2:e6:7c:26:
44:cd:28:e8:4a:10:3e:90:40:b4:e7:7e:25:c0:54:9b:6d:01:
0c:3b:f8:34:69:a5:b4:41:ca:fd:eb:0b:d7:38:2b:bb:58:4d:
f1:a8:a1:c3:d5:bc:d2:1e:cb:38:cd:a5:4d:24:bc:2c:d7:30:
99:b3:10:66:d3:78:29:d5:6c:2e:af:0f:cc:91:94:56:e2:c0:
a2:6a:5f:52:39:bb:ed:11:51:e4:8c:7c:c9:cf:dd:10:c3:66:
71:98:94:d3:83:1d:d3:27:5d:65:c6:c9:b1:22:32:b5:40:bb:
9a:2e:01:44
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYaZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE0MTA1MDU2WhcNMjUwNzMwMTA1MDU2WjAYMRYw
FAYDVQQDEw02ODRkNTQxNS1hMzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo/CBZ6IyrKZH7o1gOBHi1t1RQAl40glXN2XFl+GYTdeWFuBHkZEnoZFx
eGBFKnjbe5Fyqb1pYBtydexMwCPKt+BGnoFcQyL1ItU9xxOXjo4t9YUBfjvrWi8L
j+Gz3vWDLdhqtAok4V/3IMs3m0z5oqB4v5Txbobkw6Ic9FzFs49JZOJWB1ZlXRsc
T+z88HlOHHPDmJ18dgyaEhGUg7dkSDqBzelTwDOAKoLmiY/cEQIZre1QzscoQblW
1NZbLIdfrjKWQQkMdCHmr3nU4vOG4jqihS8z1r5jk6oT6qxic63MaqPyqfv34Pqd
gC5TfatY+v2EXvPjNcBLuSWDKYHOkQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFKGx
+BwNy4WAI5b646MUUeUWO65yMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NTlFMzlFQzQ5MEQxMUYwQUE0MERDRThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBmt4mAwQBmt5CAwQBmt6G
MA0GCSqGSIb3DQEBCwUAA4IBAQA/n7Vab8llCGfhwIJlpGvxgFfJJaWmqgptmocw
dbsX/BBgU5xlMh6wHxaUVMu//2VLDvGsT8kNf+DaiFAnn2MY6MYsusQU3ovTpRE4
286Y+L0frJFNMTDPWQf7jDkzW2bKeEW95+yB9jLhhxboeadrKsAtarTLKB6LKIEc
fU2OzDyn0YeV9wAR1i0miOLmfCZEzSjoShA+kEC0534lwFSbbQEMO/g0aaW0Qcr9
6wvXOCu7WE3xqKHD1bzSHss4zaVNJLws1zCZsxBm03gp1Wwurw/MkZRW4sCial9S
ObvtEVHkjHzJz90Qw2ZxmJTTgx3TJ11lxsmxIjK1QLuaLgFE
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:01:55 2025 by rpki-client