Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00E41D224CF711F09BD941EEDAE4EC9C.roa
File: 00E41D224CF711F09BD941EEDAE4EC9C.roa (raw, json)
Hash identifier: gCwh0B2thKnhoO0aPlbKgmAwwO8SA20VsAuopp+vDTQ=
Subject key identifier: DD:ED:6D:5B:0E:8C:62:10:36:72:BC:51:DC:37:4A:A4:37:5D:9B:D6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018774
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00E41D224CF711F09BD941EEDAE4EC9C.roa
Signing time: Thu 19 Jun 2025 10:20:21 +0000
ROA not before: Thu 19 Jun 2025 10:20:16 +0000
ROA not after: Thu 14 May 2026 10:20:16 +0000
asID: 135097
IP address blocks: 154.197.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100212 (0x18774)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 19 10:20:16 2025 GMT
Not After : May 14 10:20:16 2026 GMT
Subject: CN=6853e465-b0cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a0:7a:c3:13:f9:88:e7:dd:00:f0:1d:41:d8:
bf:74:5d:5c:c4:67:71:47:e7:6e:8d:5f:2f:95:eb:
24:86:23:4d:5a:fe:e8:a2:d5:b2:03:18:89:c8:af:
d1:96:9d:ed:a2:50:f3:83:87:bb:32:05:45:d7:b6:
0c:a7:b5:be:d4:86:8b:fa:fa:83:2b:12:2b:77:94:
fd:6a:35:46:3e:2d:9b:bd:0c:64:b6:ce:33:20:c2:
b1:1b:ef:37:65:8c:16:d8:fa:d5:b3:e1:d0:1c:d6:
fe:de:b1:86:c9:24:44:c1:30:77:35:69:ac:1e:7f:
7e:5f:ca:a2:d3:e3:55:cd:62:66:72:e4:17:ee:75:
e1:00:75:c4:2b:09:da:e4:a9:1b:31:72:31:04:92:
eb:72:20:3f:2a:68:bf:3a:95:2b:f2:92:f9:1e:91:
5e:88:1e:fc:e6:7a:83:53:08:84:3c:c7:39:8b:cb:
e9:61:0d:1b:14:81:01:a3:71:02:d4:e2:c8:3a:45:
25:1c:10:2a:93:fb:37:bd:19:83:1c:ae:40:88:b8:
7e:b2:2b:63:0f:7e:b9:0a:c8:3f:ee:ad:02:57:c2:
11:bb:a3:24:3d:01:e2:da:4c:89:c8:b1:6f:e1:83:
9d:ee:43:06:44:f3:bb:7c:e6:89:f7:89:af:82:49:
5b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:ED:6D:5B:0E:8C:62:10:36:72:BC:51:DC:37:4A:A4:37:5D:9B:D6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/00E41D224CF711F09BD941EEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.128.0/17
Signature Algorithm: sha256WithRSAEncryption
89:ce:06:4b:a3:dd:bf:98:a2:50:bb:6b:08:88:ed:4b:09:0d:
7c:f8:bc:4e:0c:d0:e2:cf:a1:b3:2d:3d:70:2f:3a:9f:66:bc:
7f:cf:b4:65:db:51:91:28:80:a5:e1:51:96:9f:e4:e8:c5:7e:
5d:6b:a0:0b:63:8b:76:fa:69:93:9c:77:8c:bd:f6:7c:17:3f:
66:90:33:68:da:1e:c2:81:61:76:7e:70:97:a7:f0:f1:47:3f:
ff:c4:d2:90:a3:b1:67:db:32:92:aa:94:c4:b7:83:ed:68:e1:
8b:cc:a4:94:6b:6e:e9:99:e9:37:ac:18:00:43:b6:aa:89:75:
c6:32:b1:23:dd:9a:b1:63:ca:a0:91:0d:a6:3d:33:5e:57:3b:
b0:05:6a:43:79:92:83:99:a3:16:7d:90:d2:e2:1a:fb:d8:a5:
b4:3e:15:94:ef:64:71:83:f6:fd:36:d5:0c:66:90:46:04:77:
91:1d:91:c2:2f:8c:03:23:0c:e2:c6:82:bd:3f:59:05:2c:7f:
1e:6b:8a:6f:aa:9c:d4:13:f3:74:cd:12:ac:c7:ea:b6:80:e8:
ee:cb:68:a1:be:f3:94:09:a1:43:20:80:d5:68:c7:f9:77:04:
0a:fa:ce:64:ce:93:6b:92:ef:3f:91:cb:1b:19:29:72:35:e2:
56:df:f5:a1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYd0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE5MTAyMDE2WhcNMjYwNTE0MTAyMDE2WjAYMRYw
FAYDVQQDEw02ODUzZTQ2NS1iMGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA46B6wxP5iOfdAPAdQdi/dF1cxGdxR+dujV8vleskhiNNWv7ootWyAxiJ
yK/Rlp3tolDzg4e7MgVF17YMp7W+1IaL+vqDKxIrd5T9ajVGPi2bvQxkts4zIMKx
G+83ZYwW2PrVs+HQHNb+3rGGySREwTB3NWmsHn9+X8qi0+NVzWJmcuQX7nXhAHXE
Kwna5KkbMXIxBJLrciA/Kmi/OpUr8pL5HpFeiB785nqDUwiEPMc5i8vpYQ0bFIEB
o3EC1OLIOkUlHBAqk/s3vRmDHK5AiLh+sitjD365Csg/7q0CV8IRu6MkPQHi2kyJ
yLFv4YOd7kMGRPO7fOaJ94mvgklbdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN3t
bVsOjGIQNnK8Udw3SqQ3XZvWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMEU0MUQyMjRDRjcxMUYwOUJEOTQxRUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHmsWAMA0GCSqGSIb3DQEB
CwUAA4IBAQCJzgZLo92/mKJQu2sIiO1LCQ18+LxODNDiz6GzLT1wLzqfZrx/z7Rl
21GRKICl4VGWn+ToxX5da6ALY4t2+mmTnHeMvfZ8Fz9mkDNo2h7CgWF2fnCXp/Dx
Rz//xNKQo7Fn2zKSqpTEt4PtaOGLzKSUa27pmek3rBgAQ7aqiXXGMrEj3ZqxY8qg
kQ2mPTNeVzuwBWpDeZKDmaMWfZDS4hr72KW0PhWU72Rxg/b9NtUMZpBGBHeRHZHC
L4wDIwzixoK9P1kFLH8ea4pvqpzUE/N0zRKsx+q2gOjuy2ihvvOUCaFDIIDVaMf5
dwQK+s5kzpNrku8/kcsbGSlyNeJW3/Wh
-----END CERTIFICATE-----
Generated at Mon Jun 30 05:47:41 2025 by rpki-client