Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0186EFC84DE411F08D6FB0EFDAE4EC9C.roa
File: 0186EFC84DE411F08D6FB0EFDAE4EC9C.roa (raw, json)
Hash identifier: 5bjAJceaNoGgr08dJ70l4LU6lDXh7X7711mKR2wZgi0=
Subject key identifier: F6:DA:7A:9A:CA:2D:AB:48:AD:10:3D:B7:EE:D6:B2:D0:4E:D2:E9:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018795
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0186EFC84DE411F08D6FB0EFDAE4EC9C.roa
Signing time: Fri 20 Jun 2025 14:36:53 +0000
ROA not before: Fri 20 Jun 2025 14:36:47 +0000
ROA not after: Sun 27 Jul 2025 14:36:47 +0000
asID: 142032
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 11:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100245 (0x18795)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 20 14:36:47 2025 GMT
Not After : Jul 27 14:36:47 2025 GMT
Subject: CN=68557204-0a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:28:c5:31:65:f7:b4:3a:1c:69:cf:97:cd:45:
e2:f6:61:36:af:f8:3b:ff:9d:47:bf:fe:81:4b:4e:
71:25:fe:88:3f:36:4d:82:28:20:7c:1d:ce:fe:f1:
71:f0:5e:21:38:f5:a6:66:b7:44:06:89:85:1f:34:
39:81:f7:d3:34:b1:bf:ad:43:64:f9:c4:7f:58:7d:
23:d1:b9:81:39:36:13:22:04:ce:8e:0a:d1:5e:b1:
66:87:8e:6d:30:b4:0c:c6:33:00:cc:8d:03:dc:8b:
c5:3c:fd:45:fa:e9:5a:02:73:a4:f4:fc:a7:af:e3:
15:8e:07:37:86:2d:31:e8:88:4a:46:0f:ce:f6:36:
41:21:d0:33:64:4d:e1:99:a4:d6:9a:67:62:29:53:
1f:ac:e7:eb:96:0b:09:cf:5c:79:ad:4e:1f:96:89:
00:e0:9f:e3:ff:83:0e:bb:30:93:af:93:da:37:88:
b7:2c:23:ea:02:c4:ec:05:a0:cc:0a:e5:36:44:cf:
d7:2c:30:9b:5b:b4:1f:6c:6c:ba:e1:68:ce:b9:20:
2b:93:27:13:19:db:c6:45:df:5c:2f:c1:a4:e7:d1:
a0:fb:f4:85:ea:8c:eb:3f:96:d1:f9:49:b3:6c:65:
d0:5b:2c:43:8f:06:10:f4:c8:aa:b9:0d:1f:78:7a:
2a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:DA:7A:9A:CA:2D:AB:48:AD:10:3D:B7:EE:D6:B2:D0:4E:D2:E9:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0186EFC84DE411F08D6FB0EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
67:16:cb:df:8f:c6:c1:5a:1c:1c:ff:31:46:c0:7a:b5:5c:23:
8f:2c:9c:f8:5b:b1:d4:fb:f0:e8:aa:c0:6f:e4:54:68:56:d3:
a6:ec:75:b3:a3:00:4b:77:34:fe:b6:77:e2:37:ca:d9:a8:31:
6d:d2:16:36:f7:1f:4d:34:44:b0:0e:d8:9c:4f:07:aa:be:e7:
96:79:ac:52:89:99:3e:18:f3:bd:bb:aa:dd:ec:6f:95:93:13:
ba:a7:cb:b0:69:2b:30:6d:c9:95:ab:77:07:19:bb:aa:ba:52:
78:27:84:e8:00:1a:72:7e:b6:d6:3e:0b:c4:f7:b2:bd:1b:06:
b4:97:6e:88:9b:1f:18:70:2b:86:5e:9d:8f:06:0f:4d:e0:60:
09:b5:5e:85:90:12:dc:ec:ab:18:0c:76:db:e6:fa:85:28:82:
be:a6:bf:aa:44:31:a8:2b:8b:63:d1:3d:a4:30:ce:98:8c:45:
04:d1:c3:1c:98:05:67:c1:8c:09:f3:16:88:17:5b:56:d9:f8:
5d:34:d7:31:90:50:c1:ad:02:76:47:5d:d7:7d:18:30:dd:7e:
5a:7e:85:8c:40:15:17:d9:b1:08:be:53:bb:75:0f:31:1a:25:
1f:94:3d:67:56:ac:ff:40:89:1c:95:f6:50:93:b1:d2:c5:93:
a2:fd:10:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYeVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIwMTQzNjQ3WhcNMjUwNzI3MTQzNjQ3WjAYMRYw
FAYDVQQDEw02ODU1NzIwNC0wYTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsCjFMWX3tDocac+XzUXi9mE2r/g7/51Hv/6BS05xJf6IPzZNgiggfB3O
/vFx8F4hOPWmZrdEBomFHzQ5gffTNLG/rUNk+cR/WH0j0bmBOTYTIgTOjgrRXrFm
h45tMLQMxjMAzI0D3IvFPP1F+ulaAnOk9Pynr+MVjgc3hi0x6IhKRg/O9jZBIdAz
ZE3hmaTWmmdiKVMfrOfrlgsJz1x5rU4flokA4J/j/4MOuzCTr5PaN4i3LCPqAsTs
BaDMCuU2RM/XLDCbW7QfbGy64WjOuSArkycTGdvGRd9cL8Gk59Gg+/SF6ozrP5bR
+UmzbGXQWyxDjwYQ9MiquQ0feHoqbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPba
eprKLatIrRA9t+7WstBO0umLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMTg2RUZDODRERTQxMUYwOEQ2RkIwRUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQBnFsvfj8bBWhwc/zFGwHq1XCOPLJz4W7HU+/DoqsBv5FRoVtOm7HWz
owBLdzT+tnfiN8rZqDFt0hY29x9NNESwDticTweqvueWeaxSiZk+GPO9u6rd7G+V
kxO6p8uwaSswbcmVq3cHGbuqulJ4J4ToABpyfrbWPgvE97K9Gwa0l26Imx8YcCuG
Xp2PBg9N4GAJtV6FkBLc7KsYDHbb5vqFKIK+pr+qRDGoK4tj0T2kMM6YjEUE0cMc
mAVnwYwJ8xaIF1tW2fhdNNcxkFDBrQJ2R13XfRgw3X5afoWMQBUX2bEIvlO7dQ8x
GiUflD1nVqz/QIkclfZQk7HSxZOi/RBk
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:09:56 2025 by rpki-client