Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6C7670E3B2311F092A0FDDADAE4EC9C.roa
File: D6C7670E3B2311F092A0FDDADAE4EC9C.roa (raw, json)
Hash identifier: dDxHp0yGxIqPA1nsFWsG0q6UPbw9c4eUeIfadSbpm3Y=
Subject key identifier: 6D:10:31:E4:39:14:7F:61:65:A3:4E:35:1E:2B:5F:FD:77:96:F3:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018319
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6C7670E3B2311F092A0FDDADAE4EC9C.roa
Signing time: Tue 27 May 2025 17:55:56 +0000
ROA not before: Tue 27 May 2025 17:55:52 +0000
ROA not after: Sat 19 Feb 2028 17:55:52 +0000
asID: 17561
IP address blocks: 154.220.239.0/24 maxlen: 24
154.220.240.0/24 maxlen: 24
154.220.241.0/24 maxlen: 24
154.220.242.0/24 maxlen: 24
154.220.243.0/24 maxlen: 24
154.220.244.0/24 maxlen: 24
154.220.245.0/24 maxlen: 24
154.220.246.0/24 maxlen: 24
154.220.247.0/24 maxlen: 24
154.220.248.0/24 maxlen: 24
154.220.249.0/24 maxlen: 24
154.220.250.0/24 maxlen: 24
154.220.251.0/24 maxlen: 24
154.220.252.0/24 maxlen: 24
154.220.253.0/24 maxlen: 24
154.220.254.0/24 maxlen: 24
154.220.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99097 (0x18319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 27 17:55:52 2025 GMT
Not After : Feb 19 17:55:52 2028 GMT
Subject: CN=6835fcac-61da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a6:9e:8d:9f:f4:5a:64:2d:2b:ea:eb:b8:64:
36:b4:fa:7a:37:c0:dd:db:ac:e8:ef:cc:5e:1d:fb:
2e:d5:0e:4a:d8:db:9c:58:8f:fd:e1:4e:33:64:f9:
56:fe:82:6c:17:18:c4:29:26:de:bb:06:53:45:b9:
4d:eb:df:17:5e:a0:b4:7e:51:95:94:03:64:bf:e0:
97:86:a4:20:50:b1:bd:04:2e:dc:49:2f:75:ae:5b:
71:53:2f:94:97:ce:1b:d7:a4:50:27:ce:e4:8c:48:
09:43:2b:e8:fa:4f:e4:6b:bf:1b:31:91:62:3f:a1:
b4:ab:f8:a8:a2:8b:2b:78:f7:d2:27:ee:9c:6c:cb:
3d:fa:9e:cc:41:5b:23:54:0a:33:aa:11:c8:5a:fd:
22:38:1e:fd:14:5c:74:32:cc:e6:72:21:09:62:d7:
f6:ca:2a:b0:7e:c6:a0:7c:ce:8c:fb:95:ca:f3:c2:
3e:25:0a:23:1e:d0:41:a6:f0:d0:e3:0a:ca:cc:2d:
77:b3:06:27:d0:7d:e2:8b:0f:7f:fc:2d:c1:30:ef:
39:7c:0e:1e:f0:80:cd:bf:af:52:06:4d:10:93:d3:
fd:6b:40:d2:1e:2f:68:fe:85:b9:ba:50:78:50:f8:
35:2e:ed:4b:82:ad:31:cb:f7:b5:87:b7:c9:26:a3:
c4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:10:31:E4:39:14:7F:61:65:A3:4E:35:1E:2B:5F:FD:77:96:F3:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6C7670E3B2311F092A0FDDADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.239.0-154.220.255.255
Signature Algorithm: sha256WithRSAEncryption
4a:a0:b5:f0:f5:f2:1a:bf:00:93:73:5b:51:83:c2:7b:e6:da:
71:7b:b3:42:9b:0e:b4:09:59:be:8e:cf:c0:50:83:11:31:f9:
3d:f1:9e:41:18:8f:9e:74:81:35:98:15:fe:94:47:ec:56:b7:
65:ad:d5:42:a4:bd:5a:d8:24:43:b5:cd:13:65:69:3b:55:a6:
7e:0e:8f:f7:b8:15:93:c4:0f:08:94:08:16:0b:e7:5e:83:62:
63:b9:3f:a0:76:94:56:08:50:f1:e1:ef:ea:5c:5f:0e:fe:cb:
ba:00:e6:8e:aa:20:12:d2:6e:75:42:34:fe:88:ce:50:e0:d6:
fa:44:bd:9f:5d:83:66:26:d1:8c:70:be:64:4c:a2:16:f8:d1:
b0:03:60:2a:bc:35:b6:ea:78:1d:4c:5e:8e:58:29:0d:8b:c4:
d4:c1:fc:af:b1:6a:4c:f9:6c:4c:cb:ed:2c:df:df:6c:67:94:
34:57:59:f4:80:4b:9a:5a:a9:e5:f0:c0:fb:0d:83:41:a3:0b:
20:42:cc:57:c8:b5:e5:01:b8:f4:bf:f9:4f:e3:40:b3:a0:e8:
10:67:33:4f:ea:31:00:9b:07:6c:5d:0a:08:90:a6:59:f2:3f:
d0:98:e7:0d:12:9c:05:32:9f:a6:8a:20:8c:a4:42:fa:30:67:
2f:99:ad:31
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIDAYMZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI3MTc1NTUyWhcNMjgwMjE5MTc1NTUyWjAYMRYw
FAYDVQQDEw02ODM1ZmNhYy02MWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4aaejZ/0WmQtK+rruGQ2tPp6N8Dd26zo78xeHfsu1Q5K2NucWI/94U4z
ZPlW/oJsFxjEKSbeuwZTRblN698XXqC0flGVlANkv+CXhqQgULG9BC7cSS91rltx
Uy+Ul84b16RQJ87kjEgJQyvo+k/ka78bMZFiP6G0q/iooosrePfSJ+6cbMs9+p7M
QVsjVAozqhHIWv0iOB79FFx0MszmciEJYtf2yiqwfsagfM6M+5XK88I+JQojHtBB
pvDQ4wrKzC13swYn0H3iiw9//C3BMO85fA4e8IDNv69SBk0Qk9P9a0DSHi9o/oW5
ulB4UPg1Lu1Lgq0xy/e1h7fJJqPERQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFG0Q
MeQ5FH9hZaNONR4rX/13lvO6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENkM3NjcwRTNCMjMxMUYwOTJBMEZEREFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBACa3O8DAwCa3DANBgkq
hkiG9w0BAQsFAAOCAQEASqC18PXyGr8Ak3NbUYPCe+bacXuzQpsOtAlZvo7PwFCD
ETH5PfGeQRiPnnSBNZgV/pRH7Fa3Za3VQqS9WtgkQ7XNE2VpO1Wmfg6P97gVk8QP
CJQIFgvnXoNiY7k/oHaUVghQ8eHv6lxfDv7LugDmjqogEtJudUI0/ojOUODW+kS9
n12DZibRjHC+ZEyiFvjRsANgKrw1tup4HUxejlgpDYvE1MH8r7FqTPlsTMvtLN/f
bGeUNFdZ9IBLmlqp5fDA+w2DQaMLIELMV8i15QG49L/5T+NAs6DoEGczT+oxAJsH
bF0KCJCmWfI/0JjnDRKcBTKfpoogjKRC+jBnL5mtMQ==
-----END CERTIFICATE-----
Generated at Tue Jun 17 09:10:14 2025 by rpki-client