Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1E952F4664211F0AB5066EBDAE4EC9C.roa
File: B1E952F4664211F0AB5066EBDAE4EC9C.roa (raw, json)
Hash identifier: /SoibK/AK9vgfjJHlHBO6fywceh8Irjm2T+msTke6TA=
Subject key identifier: F8:45:1B:0C:C1:EA:76:9C:91:10:03:54:7A:FB:1E:E4:F8:D6:93:49
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E7D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1E952F4664211F0AB5066EBDAE4EC9C.roa
Signing time: Mon 21 Jul 2025 14:55:09 +0000
ROA not before: Mon 21 Jul 2025 14:55:04 +0000
ROA not after: Mon 25 Aug 2025 14:55:04 +0000
asID: 203020
IP address blocks: 154.194.214.0/23 maxlen: 24
154.194.232.0/23 maxlen: 24
154.194.242.0/23 maxlen: 24
154.198.174.0/23 maxlen: 24
154.198.184.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102013 (0x18e7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 21 14:55:04 2025 GMT
Not After : Aug 25 14:55:04 2025 GMT
Subject: CN=687e54cd-6cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:09:e2:6b:17:30:ae:32:48:98:03:17:e3:08:
00:4a:05:d0:4f:f8:b2:c9:30:c7:ad:41:0e:15:36:
ef:1d:1c:17:03:22:fa:18:6f:63:07:15:c9:e9:90:
54:e5:97:22:a5:9b:4c:a2:12:63:65:a9:69:d0:d7:
30:34:b6:95:13:9c:91:6e:b2:f5:8f:dd:25:a7:3f:
8c:8a:9a:35:21:75:14:f9:86:fc:41:c8:58:32:46:
f4:72:6a:43:1a:22:85:24:b7:e8:2a:d2:82:73:7e:
e1:de:d6:45:f8:5a:f9:a5:50:7b:fa:1a:ef:41:c1:
3e:b5:39:18:39:4b:b2:13:df:ed:ab:89:7c:76:f4:
6e:4a:c9:c8:2e:eb:71:43:e4:80:a6:f5:79:0f:d3:
6d:27:f8:5d:72:3b:22:6c:8c:e5:b5:2f:9d:62:53:
e0:d0:78:f4:a4:63:c0:96:02:65:39:ef:cd:75:d1:
35:2b:80:7c:86:b0:95:99:e5:d3:fa:0d:b7:13:60:
c4:e6:cf:2b:a6:8b:51:7a:63:58:e9:21:47:87:ae:
56:05:d4:02:aa:47:63:dd:90:99:f0:0c:3f:d2:3c:
96:dc:3c:ea:cf:06:bf:03:50:47:56:f1:02:9d:3a:
28:3f:43:d9:5d:06:ff:ed:16:97:29:0d:0c:14:49:
b5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:45:1B:0C:C1:EA:76:9C:91:10:03:54:7A:FB:1E:E4:F8:D6:93:49
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1E952F4664211F0AB5066EBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.214.0/23
154.194.232.0/23
154.194.242.0/23
154.198.174.0/23
154.198.184.0/23
Signature Algorithm: sha256WithRSAEncryption
97:2d:c8:8f:1a:e2:1a:97:54:79:0c:9f:8f:c7:1c:41:10:bb:
9c:31:d6:67:7c:2e:2c:51:e8:b8:9f:5b:dd:30:1e:15:15:92:
45:0c:25:1d:c4:ac:b7:98:9a:b7:32:77:35:30:c0:56:cd:6f:
c3:81:73:3a:f9:8e:b0:06:b6:f8:17:0d:c7:66:d0:58:98:be:
b5:64:40:da:ee:f2:3c:c0:fd:82:7e:36:b6:b1:33:bb:6b:5c:
de:0f:f7:82:c3:5d:df:d3:7b:73:86:a1:35:e4:d0:66:ac:ff:
44:2c:01:55:81:17:1d:8a:b4:85:ae:9b:3f:fb:52:1a:f9:c8:
a8:8e:ef:79:2c:29:4d:ab:d4:1c:5d:98:39:17:fa:18:bf:d2:
31:b6:38:7d:cd:1a:90:c1:4f:7c:12:cd:af:6e:4a:b3:56:9d:
eb:c3:6e:7b:c5:f9:fb:d4:76:42:21:b3:a2:5a:db:49:07:9e:
63:0c:ee:76:da:5a:45:17:8b:35:00:74:e0:e1:40:ec:7f:fb:
d1:2a:8f:6d:92:60:8d:a1:a5:7e:e8:47:03:e6:63:6f:df:3e:
93:91:d2:ce:4c:9d:86:69:36:75:62:a9:16:1c:15:13:9d:7c:
32:c4:2b:f4:46:8b:d3:2d:71:ed:71:11:10:fc:f1:b6:4d:f4:
a2:ef:bf:83
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIDAY59MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIxMTQ1NTA0WhcNMjUwODI1MTQ1NTA0WjAYMRYw
FAYDVQQDEw02ODdlNTRjZC02Y2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0AniaxcwrjJImAMX4wgASgXQT/iyyTDHrUEOFTbvHRwXAyL6GG9jBxXJ
6ZBU5ZcipZtMohJjZalp0NcwNLaVE5yRbrL1j90lpz+Mipo1IXUU+Yb8QchYMkb0
cmpDGiKFJLfoKtKCc37h3tZF+Fr5pVB7+hrvQcE+tTkYOUuyE9/tq4l8dvRuSsnI
LutxQ+SApvV5D9NtJ/hdcjsibIzltS+dYlPg0Hj0pGPAlgJlOe/NddE1K4B8hrCV
meXT+g23E2DE5s8rpotRemNY6SFHh65WBdQCqkdj3ZCZ8Aw/0jyW3Dzqzwa/A1BH
VvECnTooP0PZXQb/7RaXKQ0MFEm1MQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFPhF
GwzB6nackRADVHr7HuT41pNJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMUU5NTJGNDY2NDIxMUYwQUI1MDY2RUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBmsLWAwQBmsLoAwQBmsLy
AwQBmsauAwQBmsa4MA0GCSqGSIb3DQEBCwUAA4IBAQCXLciPGuIal1R5DJ+PxxxB
ELucMdZnfC4sUei4n1vdMB4VFZJFDCUdxKy3mJq3Mnc1MMBWzW/DgXM6+Y6wBrb4
Fw3HZtBYmL61ZEDa7vI8wP2Cfja2sTO7a1zeD/eCw13f03tzhqE15NBmrP9ELAFV
gRcdirSFrps/+1Ia+cioju95LClNq9QcXZg5F/oYv9Ixtjh9zRqQwU98Es2vbkqz
Vp3rw257xfn71HZCIbOiWttJB55jDO522lpFF4s1AHTg4UDsf/vRKo9tkmCNoaV+
6EcD5mNv3z6TkdLOTJ2GaTZ1YqkWHBUTnXwyxCv0RovTLXHtcREQ/PG2TfSi77+D
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:18:00 2025 by rpki-client