Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE2DAE8667E111F08A7F7E7CDAE4EC9C.roa
File: EE2DAE8667E111F08A7F7E7CDAE4EC9C.roa (raw, json)
Hash identifier: 2yFqSCTR7AbQLTjAIa6nVpiTbMphURWe0wt01OzMSQU=
Subject key identifier: 63:7E:AA:E7:4C:04:08:7D:5B:C7:CD:FF:94:02:05:09:BB:13:39:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F4A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE2DAE8667E111F08A7F7E7CDAE4EC9C.roa
Signing time: Wed 23 Jul 2025 16:27:31 +0000
ROA not before: Wed 23 Jul 2025 16:27:26 +0000
ROA not after: Sat 04 Oct 2025 16:27:26 +0000
asID: 63139
IP address blocks: 154.94.101.0/24 maxlen: 24
154.94.102.0/24 maxlen: 24
154.94.103.0/24 maxlen: 24
154.94.104.0/24 maxlen: 24
154.94.105.0/24 maxlen: 24
154.94.106.0/24 maxlen: 24
154.94.107.0/24 maxlen: 24
154.94.108.0/24 maxlen: 24
154.94.109.0/24 maxlen: 24
154.94.110.0/24 maxlen: 24
154.94.111.0/24 maxlen: 24
154.94.112.0/24 maxlen: 24
154.94.113.0/24 maxlen: 24
154.94.114.0/24 maxlen: 24
154.94.115.0/24 maxlen: 24
154.94.116.0/24 maxlen: 24
154.94.117.0/24 maxlen: 24
154.94.118.0/24 maxlen: 24
154.94.119.0/24 maxlen: 24
154.94.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102218 (0x18f4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 23 16:27:26 2025 GMT
Not After : Oct 4 16:27:26 2025 GMT
Subject: CN=68810d73-ef51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:eb:16:c4:a2:e9:32:b7:8b:4b:19:d2:25:47:
e4:d2:6d:1e:3f:65:f8:39:d1:77:91:d4:4a:03:88:
ad:e4:a5:cd:e8:f2:bc:d3:32:97:10:5d:1e:c8:70:
fb:34:c8:fc:1e:bb:e2:29:b9:79:46:5b:47:88:1e:
c3:4e:fb:a8:d0:ce:0b:d5:6b:27:d5:45:61:cc:3c:
5b:f2:82:f3:1c:64:bd:38:67:64:93:2d:dc:12:0f:
52:77:84:50:34:07:4d:ab:b7:ba:39:71:46:fc:7d:
43:1e:e2:cb:76:53:d8:7b:1a:ba:fc:0d:58:da:ed:
27:1c:ba:df:ce:48:2c:11:4d:b5:87:e2:ff:c4:e4:
63:3f:f4:9b:63:92:f2:cd:48:fd:52:c9:39:e6:82:
48:3d:86:84:15:10:61:1b:e0:57:9e:e1:14:cd:90:
58:b2:d3:fa:01:ce:cb:e1:cf:b0:2c:2c:a7:2f:4d:
9d:20:f4:a5:1c:f2:b8:d2:74:2d:64:83:32:83:1b:
f2:90:7b:d4:9f:0f:b4:50:93:3d:cb:db:95:64:6c:
0b:17:4d:89:87:c3:63:cc:37:b4:1b:70:ca:80:52:
e6:ab:e0:8c:78:87:5d:be:5e:d5:a8:d8:7c:b1:26:
fe:e9:1e:4e:29:e3:3c:58:da:09:65:0c:b6:73:10:
20:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7E:AA:E7:4C:04:08:7D:5B:C7:CD:FF:94:02:05:09:BB:13:39:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE2DAE8667E111F08A7F7E7CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.101.0-154.94.120.255
Signature Algorithm: sha256WithRSAEncryption
b9:1d:c2:3e:eb:45:3c:c3:e2:27:e8:a2:04:d6:17:9d:35:87:
b2:20:f1:e2:4a:e2:71:40:8d:c7:ab:c1:cb:8d:bd:bc:db:02:
86:06:1b:86:95:f5:ab:a6:e3:74:e5:55:e2:c5:15:d8:71:2e:
56:57:82:7e:b6:c0:c8:08:4e:9a:05:a0:c7:93:7e:63:f1:ef:
40:d4:94:18:96:49:93:6b:cd:e5:c3:94:34:fb:d9:2c:71:f1:
81:b9:86:4b:8a:8a:48:b4:aa:d2:b1:0f:be:ab:46:f0:5e:8d:
3d:95:7a:ad:47:8c:64:e7:5b:f3:b7:e1:ef:8f:aa:55:df:bc:
9c:02:03:be:fe:5e:0c:4d:95:8e:61:ef:ed:f0:bb:34:fa:13:
85:fd:68:f7:b0:e4:93:9c:6f:dd:45:de:92:51:40:ac:99:eb:
db:1e:b7:b8:a5:20:da:98:cb:f2:00:7a:b2:e2:b9:cd:96:1c:
f5:45:a0:eb:99:ef:3a:f1:6c:36:be:51:07:95:d0:1a:54:40:
8c:39:8c:d6:59:6d:6b:d0:3e:97:98:97:ae:a3:95:ce:60:f4:
7d:5f:38:b4:4f:bb:9c:2e:c7:69:9f:f2:62:bf:83:5f:b2:d9:
33:43:d4:76:5e:b3:c5:fd:dd:f6:b7:83:1c:34:46:e6:3a:af:
7c:25:4a:a7
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAY9KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIzMTYyNzI2WhcNMjUxMDA0MTYyNzI2WjAYMRYw
FAYDVQQDEw02ODgxMGQ3My1lZjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5OsWxKLpMreLSxnSJUfk0m0eP2X4OdF3kdRKA4it5KXN6PK80zKXEF0e
yHD7NMj8HrviKbl5RltHiB7DTvuo0M4L1Wsn1UVhzDxb8oLzHGS9OGdkky3cEg9S
d4RQNAdNq7e6OXFG/H1DHuLLdlPYexq6/A1Y2u0nHLrfzkgsEU21h+L/xORjP/Sb
Y5LyzUj9Usk55oJIPYaEFRBhG+BXnuEUzZBYstP6Ac7L4c+wLCynL02dIPSlHPK4
0nQtZIMygxvykHvUnw+0UJM9y9uVZGwLF02Jh8NjzDe0G3DKgFLmq+CMeIddvl7V
qNh8sSb+6R5OKeM8WNoJZQy2cxAgZwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGN+
qudMBAh9W8fN/5QCBQm7EzlcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRTJEQUU4NjY3RTExMUYwOEE3RjdFN0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaXmUDBACaXngwDQYJ
KoZIhvcNAQELBQADggEBALkdwj7rRTzD4ifoogTWF501h7Ig8eJK4nFAjcerwcuN
vbzbAoYGG4aV9aum43TlVeLFFdhxLlZXgn62wMgITpoFoMeTfmPx70DUlBiWSZNr
zeXDlDT72Sxx8YG5hkuKiki0qtKxD76rRvBejT2Veq1HjGTnW/O34e+PqlXfvJwC
A77+XgxNlY5h7+3wuzT6E4X9aPew5JOcb91F3pJRQKyZ69set7ilINqYy/IAerLi
uc2WHPVFoOuZ7zrxbDa+UQeV0BpUQIw5jNZZbWvQPpeYl66jlc5g9H1fOLRPu5wu
x2mf8mK/g1+y2TND1HZes8X93fa3gxw0RuY6r3wlSqc=
-----END CERTIFICATE-----
Generated at Wed Aug 6 12:36:07 2025 by rpki-client