Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D32B9A3641F711F0A20AFFC7DAE4EC9C.roa
File: D32B9A3641F711F0A20AFFC7DAE4EC9C.roa (raw, json)
Hash identifier: M4AoHNzxZU8ZU0GsXWlmVUY0MaD7LU5vJnjFA34Voeg=
Subject key identifier: 22:93:96:1E:1D:6C:AA:01:27:85:A6:DE:58:4B:8F:C2:07:79:3C:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01850A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D32B9A3641F711F0A20AFFC7DAE4EC9C.roa
Signing time: Thu 05 Jun 2025 10:28:31 +0000
ROA not before: Thu 05 Jun 2025 10:28:26 +0000
ROA not after: Sun 10 Aug 2025 10:28:26 +0000
asID: 203020
IP address blocks: 154.217.32.0/23 maxlen: 24
154.217.34.0/23 maxlen: 24
154.217.66.0/24 maxlen: 24
154.217.67.0/24 maxlen: 24
154.217.68.0/24 maxlen: 24
154.217.69.0/24 maxlen: 24
154.217.70.0/24 maxlen: 24
154.217.71.0/24 maxlen: 24
154.217.72.0/24 maxlen: 24
154.217.73.0/24 maxlen: 24
154.217.74.0/24 maxlen: 24
154.217.75.0/24 maxlen: 24
154.217.76.0/24 maxlen: 24
154.217.77.0/24 maxlen: 24
154.217.78.0/24 maxlen: 24
154.217.80.0/24 maxlen: 24
154.217.81.0/24 maxlen: 24
154.217.82.0/24 maxlen: 24
154.217.91.0/24 maxlen: 24
154.217.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99594 (0x1850a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 5 10:28:26 2025 GMT
Not After : Aug 10 10:28:26 2025 GMT
Subject: CN=6841714f-b3e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ee:3e:ed:86:16:bf:a4:c2:d9:11:6c:9c:0e:
b7:85:82:77:f7:b4:00:ae:20:27:2f:41:ac:d8:f9:
07:ed:c3:6e:10:60:31:af:a4:31:47:69:35:f0:d0:
f8:12:c7:ee:cd:f2:5a:f7:df:8c:85:23:40:a9:49:
26:3e:df:c2:98:a1:b8:3a:ca:16:35:91:e7:2f:f6:
61:d1:b8:42:a5:f6:1f:a8:62:83:99:1b:ea:ac:c5:
44:b5:72:2e:1e:1a:37:43:0f:f7:ca:83:90:84:92:
7d:b0:51:52:47:d7:a6:1c:bf:a7:39:48:ae:9e:cf:
05:89:a3:ed:fb:6e:68:62:9f:26:2f:3e:45:cf:ab:
d5:9f:e0:19:75:2f:53:03:e7:5a:6c:b2:0c:91:93:
a7:02:84:57:b4:ec:d4:22:aa:2b:46:43:9a:c2:19:
0e:e2:47:3e:02:e3:7d:71:31:4c:24:dd:ad:3c:ca:
f9:77:81:08:88:29:fa:96:a3:82:fa:78:ad:a9:3b:
58:83:bc:1e:85:f2:0f:85:a6:9b:13:cb:e2:f9:f6:
55:f3:f1:7c:fd:f8:a9:74:70:e5:70:6c:33:f2:30:
87:d7:40:be:b9:00:d5:68:3a:55:51:ad:79:3b:c7:
e7:26:39:3c:8a:19:ed:c9:0b:b9:fc:21:9b:8e:54:
62:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:93:96:1E:1D:6C:AA:01:27:85:A6:DE:58:4B:8F:C2:07:79:3C:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D32B9A3641F711F0A20AFFC7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.32.0/22
154.217.66.0-154.217.78.255
154.217.80.0-154.217.82.255
154.217.91.0/24
154.217.95.0/24
Signature Algorithm: sha256WithRSAEncryption
83:74:d5:24:79:01:9c:bd:ac:17:eb:24:ca:57:ee:48:84:83:
e5:ba:46:a0:05:b2:10:9a:dd:c7:cc:4f:44:53:d7:dd:62:08:
16:45:c0:f7:dc:d4:94:69:e3:07:93:f6:1d:24:67:70:58:a4:
ff:30:11:59:3c:74:8e:0d:35:5a:5a:0a:8c:d6:c8:42:29:58:
4e:bb:90:20:74:a3:88:2b:cf:ee:69:c2:8d:78:b1:1a:2e:05:
bd:2a:98:dd:1c:f6:d1:af:b4:b3:bd:3c:c1:ce:84:9d:bc:c4:
88:59:40:cc:35:a7:ad:04:ab:37:c5:e5:3c:53:61:ca:cf:73:
c9:d8:1e:14:de:a0:f1:72:ca:98:96:67:d2:43:03:58:62:08:
98:7f:ed:bf:ff:02:33:d7:35:57:73:d8:fe:e1:59:5a:42:a9:
59:d4:77:2b:5c:bc:31:77:7e:ed:95:7a:92:7a:83:55:4e:77:
d3:5a:b7:c4:2b:b4:ef:a5:b6:06:73:4a:a2:eb:9e:f9:b1:38:
c0:d4:74:4b:96:f3:b9:3c:42:87:9f:d2:37:8d:dc:18:66:2d:
26:ed:c8:5a:f5:be:65:74:65:6e:b8:72:03:56:25:8b:e0:88:
00:b0:ef:4d:fc:dd:1a:60:ea:bf:7b:f3:97:cb:5a:e0:59:17:
83:66:09:85
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIDAYUKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA1MTAyODI2WhcNMjUwODEwMTAyODI2WjAYMRYw
FAYDVQQDEw02ODQxNzE0Zi1iM2UzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2+4+7YYWv6TC2RFsnA63hYJ397QAriAnL0Gs2PkH7cNuEGAxr6QxR2k1
8ND4EsfuzfJa99+MhSNAqUkmPt/CmKG4OsoWNZHnL/Zh0bhCpfYfqGKDmRvqrMVE
tXIuHho3Qw/3yoOQhJJ9sFFSR9emHL+nOUiuns8FiaPt+25oYp8mLz5Fz6vVn+AZ
dS9TA+dabLIMkZOnAoRXtOzUIqorRkOawhkO4kc+AuN9cTFMJN2tPMr5d4EIiCn6
lqOC+nitqTtYg7wehfIPhaabE8vi+fZV8/F8/fipdHDlcGwz8jCH10C+uQDVaDpV
Ua15O8fnJjk8ihntyQu5/CGbjlRiUQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFCKT
lh4dbKoBJ4Wm3lhLj8IHeTxPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzJCOUEzNjQxRjcxMUYwQTIwQUZGQzdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCmtkgMAwDBAGa2UIDBACa
2U4wDAMEBJrZUAMEAJrZUgMEAJrZWwMEAJrZXzANBgkqhkiG9w0BAQsFAAOCAQEA
g3TVJHkBnL2sF+skylfuSISD5bpGoAWyEJrdx8xPRFPX3WIIFkXA99zUlGnjB5P2
HSRncFik/zARWTx0jg01WloKjNbIQilYTruQIHSjiCvP7mnCjXixGi4FvSqY3Rz2
0a+0s708wc6EnbzEiFlAzDWnrQSrN8XlPFNhys9zydgeFN6g8XLKmJZn0kMDWGII
mH/tv/8CM9c1V3PY/uFZWkKpWdR3K1y8MXd+7ZV6knqDVU5301q3xCu076W2BnNK
ouue+bE4wNR0S5bzuTxCh5/SN43cGGYtJu3IWvW+ZXRlbrhyA1Yli+CIALDvTfzd
GmDqv3vzl8ta4FkXg2YJhQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:13:33 2025 by rpki-client