Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE3B816C688A11F0869002CDDAE4EC9C.roa
File: CE3B816C688A11F0869002CDDAE4EC9C.roa (raw, json)
Hash identifier: IjKbyiNQycV4hGP2PhPXlwO9AXRey2P4GEKUdVgaryg=
Subject key identifier: 71:0C:12:D2:36:F6:A5:DC:45:32:12:17:2E:4A:1D:DA:5C:E1:3C:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F76
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE3B816C688A11F0869002CDDAE4EC9C.roa
Signing time: Thu 24 Jul 2025 12:36:23 +0000
ROA not before: Thu 24 Jul 2025 12:36:18 +0000
ROA not after: Fri 05 Sep 2025 12:36:18 +0000
asID: 44559
IP address blocks: 154.209.19.0/24 maxlen: 24
154.209.95.0/24 maxlen: 24
154.209.132.0/24 maxlen: 24
154.209.133.0/24 maxlen: 24
154.209.135.0/24 maxlen: 24
154.209.147.0/24 maxlen: 24
154.209.149.0/24 maxlen: 24
154.209.156.0/24 maxlen: 24
154.209.159.0/24 maxlen: 24
154.209.192.0/24 maxlen: 24
154.209.193.0/24 maxlen: 24
154.209.194.0/24 maxlen: 24
154.218.27.0/24 maxlen: 24
154.219.193.0/24 maxlen: 24
154.219.194.0/24 maxlen: 24
154.219.197.0/24 maxlen: 24
154.219.200.0/24 maxlen: 24
154.219.204.0/24 maxlen: 24
154.219.205.0/24 maxlen: 24
154.219.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102262 (0x18f76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 24 12:36:18 2025 GMT
Not After : Sep 5 12:36:18 2025 GMT
Subject: CN=688228c7-366d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:9f:ed:b5:88:42:71:b7:c0:e3:63:f1:19:
d1:a9:1b:3f:59:0b:38:00:f9:0e:b7:51:d8:79:5e:
96:3a:3c:7b:86:59:4d:9b:d7:9b:74:67:e9:58:ba:
7f:ae:04:e6:b1:55:a4:3c:21:85:a7:be:75:5c:ad:
21:1c:f1:30:4f:b8:5b:7f:f5:be:60:73:cc:2c:ea:
4e:11:f6:08:1f:d5:3d:d6:25:dc:05:77:f6:3f:5d:
f9:34:02:d8:0f:ae:9a:28:cc:9c:67:5c:16:ba:e2:
8c:b6:92:f9:cf:09:ef:4d:4e:4d:8b:37:d2:c2:ed:
02:fe:f9:ae:83:42:71:ed:cb:47:74:68:79:ba:84:
a8:f4:72:18:b8:3c:a6:3d:b7:59:c4:06:1f:d9:e5:
71:21:53:ff:61:09:3e:55:0d:b8:c0:76:c6:89:b0:
10:f9:06:cb:d8:05:07:79:5b:e4:c2:37:b0:13:bf:
69:15:9f:4f:6e:9e:89:02:a7:90:b0:7a:51:5c:37:
f1:b2:50:44:fa:6d:a4:b5:0f:e8:4f:05:ff:b5:9e:
1f:1f:14:fa:b8:38:cf:53:38:a9:f7:5e:b0:a2:b6:
a1:11:4e:76:bd:fb:cd:7b:6a:9b:73:08:6a:6e:27:
f5:ed:ab:ee:7e:81:47:1d:2f:86:12:75:42:08:d4:
d0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0C:12:D2:36:F6:A5:DC:45:32:12:17:2E:4A:1D:DA:5C:E1:3C:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE3B816C688A11F0869002CDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.19.0/24
154.209.95.0/24
154.209.132.0/23
154.209.135.0/24
154.209.147.0/24
154.209.149.0/24
154.209.156.0/24
154.209.159.0/24
154.209.192.0-154.209.194.255
154.218.27.0/24
154.219.193.0-154.219.194.255
154.219.197.0/24
154.219.200.0/24
154.219.204.0-154.219.206.255
Signature Algorithm: sha256WithRSAEncryption
17:af:73:6e:c9:c8:e7:8a:1e:c1:e5:b2:a3:4f:3b:b0:4a:08:
14:2d:7b:f6:b3:af:fa:f7:83:a8:49:fa:24:29:28:ae:c1:36:
d7:0b:dd:cb:ed:21:88:2b:83:55:fb:a7:43:d3:bb:08:a6:40:
28:ed:77:3e:d8:17:0a:20:b6:1b:f6:f3:3b:79:f3:6d:ed:c9:
bd:ca:18:58:8d:11:a9:b3:7f:08:49:e1:71:34:a3:ba:e9:8d:
ca:9b:05:4d:d5:37:e2:89:56:48:a1:b0:ad:17:b9:4a:4f:0f:
f1:64:d6:63:4d:27:07:18:78:32:c4:c4:5f:db:52:60:74:7d:
67:c2:7e:bc:f1:62:2d:b5:54:54:3d:69:a5:1e:4d:fb:d8:ae:
8b:10:26:99:80:48:63:14:9d:64:6d:3c:ea:cb:fa:99:b3:4c:
97:56:56:e9:54:f7:5a:bc:a7:a1:5a:77:82:97:fa:6a:c9:94:
9c:88:f1:76:d9:e4:58:c9:19:d0:b5:e2:13:e4:0e:88:f5:c0:
fd:6b:a9:96:de:36:b7:8a:65:4b:8e:20:1e:1c:31:86:6a:52:
14:27:2d:8c:99:80:ac:29:ba:70:5d:4e:17:4b:20:a0:58:2e:
21:a3:cc:12:9d:01:62:f9:10:fe:80:72:69:94:51:d7:0e:ce:
20:73:ad:7d
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgIDAY92MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI0MTIzNjE4WhcNMjUwOTA1MTIzNjE4WjAYMRYw
FAYDVQQDEw02ODgyMjhjNy0zNjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuyaf7bWIQnG3wONj8RnRqRs/WQs4APkOt1HYeV6WOjx7hllNm9ebdGfp
WLp/rgTmsVWkPCGFp751XK0hHPEwT7hbf/W+YHPMLOpOEfYIH9U91iXcBXf2P135
NALYD66aKMycZ1wWuuKMtpL5zwnvTU5NizfSwu0C/vmug0Jx7ctHdGh5uoSo9HIY
uDymPbdZxAYf2eVxIVP/YQk+VQ24wHbGibAQ+QbL2AUHeVvkwjewE79pFZ9Pbp6J
AqeQsHpRXDfxslBE+m2ktQ/oTwX/tZ4fHxT6uDjPUzip916worahEU52vfvNe2qb
cwhqbif17avufoFHHS+GEnVCCNTQnQIDAQABo4IDDDCCAwgwHQYDVR0OBBYEFHEM
EtI29qXcRTISFy5KHdpc4TyBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRTNCODE2QzY4OEExMUYwODY5MDAyQ0REQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAJrREwMEAJrRXwMEAZrR
hAMEAJrRhwMEAJrRkwMEAJrRlQMEAJrRnAMEAJrRnzAMAwQGmtHAAwQAmtHCAwQA
mtobMAwDBACa28EDBACa28IDBACa28UDBACa28gwDAMEAprbzAMEAJrbzjANBgkq
hkiG9w0BAQsFAAOCAQEAF69zbsnI54oeweWyo087sEoIFC179rOv+veDqEn6JCko
rsE21wvdy+0hiCuDVfunQ9O7CKZAKO13PtgXCiC2G/bzO3nzbe3JvcoYWI0RqbN/
CEnhcTSjuumNypsFTdU34olWSKGwrRe5Sk8P8WTWY00nBxh4MsTEX9tSYHR9Z8J+
vPFiLbVUVD1ppR5N+9iuixAmmYBIYxSdZG086sv6mbNMl1ZW6VT3WrynoVp3gpf6
asmUnIjxdtnkWMkZ0LXiE+QOiPXA/Wuplt42t4plS44gHhwxhmpSFCctjJmArCm6
cF1OF0sgoFguIaPMEp0BYvkQ/oByaZRR1w7OIHOtfQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:52:34 2025 by rpki-client