Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3C2D2DE67D311F0B9512FA2DAE4EC9C.roa
File: B3C2D2DE67D311F0B9512FA2DAE4EC9C.roa (raw, json)
Hash identifier: ml90b0b9RvoMoqTOQRNwJUkiDoZYWSHVmgVLj/T1b4s=
Subject key identifier: 70:B4:AE:55:E2:FA:EC:EE:09:4B:42:A4:73:D7:14:1F:60:C6:53:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F38
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3C2D2DE67D311F0B9512FA2DAE4EC9C.roa
Signing time: Wed 23 Jul 2025 14:45:40 +0000
ROA not before: Wed 23 Jul 2025 14:45:35 +0000
ROA not after: Tue 09 Sep 2025 14:45:35 +0000
asID: 138915
IP address blocks: 154.95.69.0/24 maxlen: 24
154.95.76.0/24 maxlen: 24
154.95.77.0/24 maxlen: 24
154.95.78.0/24 maxlen: 24
154.95.79.0/24 maxlen: 24
154.95.80.0/24 maxlen: 24
154.95.81.0/24 maxlen: 24
154.95.82.0/24 maxlen: 24
154.95.83.0/24 maxlen: 24
154.95.84.0/24 maxlen: 24
154.95.85.0/24 maxlen: 24
154.95.86.0/23 maxlen: 24
154.95.88.0/24 maxlen: 24
154.95.89.0/24 maxlen: 24
154.95.90.0/24 maxlen: 24
154.95.91.0/24 maxlen: 24
154.95.92.0/24 maxlen: 24
154.95.93.0/24 maxlen: 24
154.95.94.0/24 maxlen: 24
154.95.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 07 Aug 2025 01:13:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102200 (0x18f38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 23 14:45:35 2025 GMT
Not After : Sep 9 14:45:35 2025 GMT
Subject: CN=6880f594-879d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ac:89:42:26:61:43:a1:0b:44:0b:3f:c9:83:
be:33:95:58:cf:7e:00:13:d5:f3:c0:7e:13:b4:14:
23:7e:f6:45:25:b6:6a:70:85:57:1f:9b:e2:45:ec:
58:22:7f:ae:c8:f0:03:e5:c0:cc:74:1c:b1:49:58:
b6:87:bd:83:50:be:0c:e5:7c:7d:91:0f:e7:22:5e:
bf:c7:0f:bd:cb:7a:77:2f:d6:de:41:db:82:6a:b3:
66:1d:20:f1:45:d9:f2:3f:e4:6b:e0:18:12:77:c2:
f9:a4:a2:c8:e3:20:6a:a6:c3:7a:3f:9f:bc:9c:c2:
9d:f3:ad:42:5f:4f:35:80:b3:50:97:78:42:72:ed:
c9:6b:34:1a:8e:a3:67:aa:6a:64:85:b4:3a:fd:f1:
71:92:79:f9:a3:db:3d:68:44:4b:6c:07:27:d9:b4:
52:ea:57:5b:e8:01:b6:95:5f:a3:12:08:3c:b3:39:
34:41:cb:88:2f:dd:f6:11:aa:8d:50:1a:a7:31:25:
c7:c8:b3:3a:1e:00:18:30:69:8b:59:23:f5:4d:06:
c8:9b:6d:bd:3d:81:64:87:29:73:6d:ed:80:23:06:
0e:60:68:dc:f5:19:ce:8e:61:76:1e:b1:24:c1:3e:
65:f3:ec:d7:7b:ad:c9:c1:3a:f5:44:1c:53:36:b3:
17:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B4:AE:55:E2:FA:EC:EE:09:4B:42:A4:73:D7:14:1F:60:C6:53:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3C2D2DE67D311F0B9512FA2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.69.0/24
154.95.76.0-154.95.95.255
Signature Algorithm: sha256WithRSAEncryption
c8:a4:ba:d7:e6:76:e0:1e:08:0a:8d:04:35:2f:96:97:f0:c4:
f2:6a:a1:fb:22:11:e2:81:44:3b:b7:b0:a2:c8:6f:f0:0b:e6:
cc:7e:26:87:02:85:53:8c:13:ec:b7:f9:aa:f4:f1:5e:60:62:
53:e6:43:e9:5e:59:07:ac:f5:dc:b1:d2:5e:ed:c4:bf:b7:58:
a2:4e:a2:30:25:3e:f8:9e:0d:4c:6f:c8:f9:96:28:87:14:07:
3c:ea:b2:f0:e9:32:0c:c3:3b:0d:d9:14:a6:7b:b1:49:ee:93:
cb:06:26:02:d9:c9:ea:59:74:e9:a9:7f:ee:58:3e:9f:f7:bd:
ac:c9:ae:09:cc:89:4b:e6:89:81:c3:db:19:28:26:63:fb:05:
21:2a:23:a6:17:71:bd:9b:fc:1e:7d:28:e6:e3:95:a3:bf:42:
18:1c:ff:c1:31:f7:bb:22:e8:22:54:06:cc:97:0f:dc:b8:cf:
63:a9:06:64:a1:f4:92:05:a2:a6:d2:e6:b5:a7:92:33:9e:17:
a1:41:ff:d7:0a:b4:de:a7:2d:83:d9:a1:88:06:cc:b8:28:2f:
ce:ba:86:d5:6c:eb:07:00:49:8b:bd:08:29:12:b3:b8:67:a8:
c3:10:0c:9b:e1:42:5d:9a:37:83:2f:0f:60:2f:6b:e7:63:73:
c5:f7:25:98
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAY84MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIzMTQ0NTM1WhcNMjUwOTA5MTQ0NTM1WjAYMRYw
FAYDVQQDEw02ODgwZjU5NC04NzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy6yJQiZhQ6ELRAs/yYO+M5VYz34AE9XzwH4TtBQjfvZFJbZqcIVXH5vi
RexYIn+uyPAD5cDMdByxSVi2h72DUL4M5Xx9kQ/nIl6/xw+9y3p3L9beQduCarNm
HSDxRdnyP+Rr4BgSd8L5pKLI4yBqpsN6P5+8nMKd861CX081gLNQl3hCcu3JazQa
jqNnqmpkhbQ6/fFxknn5o9s9aERLbAcn2bRS6ldb6AG2lV+jEgg8szk0QcuIL932
EaqNUBqnMSXHyLM6HgAYMGmLWSP1TQbIm229PYFkhylzbe2AIwYOYGjc9RnOjmF2
HrEkwT5l8+zXe63JwTr1RBxTNrMXiwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFHC0
rlXi+uzuCUtCpHPXFB9gxlPhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CM0MyRDJERTY3RDMxMUYwQjk1MTJGQTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAml9FMAwDBAKaX0wDBAWa
X0AwDQYJKoZIhvcNAQELBQADggEBAMikutfmduAeCAqNBDUvlpfwxPJqofsiEeKB
RDu3sKLIb/AL5sx+JocChVOME+y3+ar08V5gYlPmQ+leWQes9dyx0l7txL+3WKJO
ojAlPvieDUxvyPmWKIcUBzzqsvDpMgzDOw3ZFKZ7sUnuk8sGJgLZyepZdOmpf+5Y
Pp/3vazJrgnMiUvmiYHD2xkoJmP7BSEqI6YXcb2b/B59KObjlaO/Qhgc/8Ex97si
6CJUBsyXD9y4z2OpBmSh9JIFoqbS5rWnkjOeF6FB/9cKtN6nLYPZoYgGzLgoL866
htVs6wcASYu9CCkSs7hnqMMQDJvhQl2aN4MvD2Ava+djc8X3JZg=
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:57:02 2025 by rpki-client