Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02CFBB90565811F0910C88EADAE4EC9C.roa
File: 02CFBB90565811F0910C88EADAE4EC9C.roa (raw, json)
Hash identifier: n+7DvEXLMN7LNLQmCnz5n4RaoCzDiNRDFGZLoDKGMow=
Subject key identifier: 15:F2:21:D3:62:45:81:AF:9C:74:14:77:B6:D2:7A:70:95:96:E9:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01899C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02CFBB90565811F0910C88EADAE4EC9C.roa
Signing time: Tue 01 Jul 2025 08:47:26 +0000
ROA not before: Tue 01 Jul 2025 08:47:21 +0000
ROA not after: Mon 04 Aug 2025 08:47:21 +0000
asID: 151407
IP address blocks: 154.88.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100764 (0x1899c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 1 08:47:21 2025 GMT
Not After : Aug 4 08:47:21 2025 GMT
Subject: CN=6863a09e-9f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2f:d8:dd:9a:b5:41:0e:d6:fd:c9:d1:af:55:
b1:80:3e:d2:e5:e2:d5:00:68:b2:bf:3a:4c:92:ac:
d1:ca:29:e1:db:e9:94:4f:d4:f9:b2:09:81:91:3e:
52:fa:25:20:99:89:46:6a:67:11:02:74:6c:73:48:
08:25:6a:42:51:f0:13:63:3c:83:72:ff:74:9c:d8:
35:43:64:a4:1f:02:e7:2d:c9:e4:11:0c:62:37:26:
05:05:cd:6e:8a:0b:13:4f:25:7e:97:0c:0e:06:1f:
ae:e0:2c:55:6f:74:e5:dd:a3:8e:b7:ac:75:5a:69:
70:6c:79:90:89:ba:bb:f7:c1:01:bb:f5:c9:3e:b8:
1e:a4:a8:5b:46:f9:86:77:06:bd:5c:f3:c1:41:00:
82:7d:a4:27:6d:63:db:68:b2:63:c9:4b:48:0d:fe:
c9:95:f4:ae:b5:ac:3b:b5:ac:bb:91:67:17:68:d4:
ba:ea:19:97:71:64:b7:3d:22:ea:09:a0:51:35:fc:
e3:88:5c:19:2c:05:e5:e2:2c:4c:77:91:0b:44:90:
b0:67:37:86:40:33:c9:15:eb:3e:1c:8a:96:b1:99:
06:c2:3d:71:a3:8d:b8:9a:d1:76:af:5a:db:87:a9:
0f:37:78:38:71:29:d4:f8:04:ae:02:19:a9:c8:28:
03:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F2:21:D3:62:45:81:AF:9C:74:14:77:B6:D2:7A:70:95:96:E9:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/02CFBB90565811F0910C88EADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.64.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:8e:5f:b8:3e:81:8f:e6:07:5a:e3:75:4b:e1:bf:c0:4e:e6:
76:c7:d0:c8:05:5d:1a:5e:2d:e4:5f:9c:d7:b9:5f:0c:b3:ab:
2d:43:f1:34:98:ba:f2:91:a5:b5:0c:21:96:16:7e:f7:22:5f:
a5:c8:7a:cf:6b:bc:d7:a4:4e:dd:a9:7a:26:a2:1a:04:5b:bd:
f8:a1:5b:2f:0d:e5:49:65:50:e4:b5:04:d8:a5:99:6d:55:ed:
42:c4:13:0e:1a:00:d7:8d:b8:2b:4f:f7:c5:51:0a:bb:3e:9a:
ba:b3:71:cd:b4:5e:e1:02:2b:e6:0a:70:b2:9d:75:1a:b6:b7:
7a:41:1a:ff:dc:2b:4f:e7:f3:50:c3:0b:04:61:cd:25:74:be:
28:b2:2b:a5:67:fe:be:43:8b:f4:54:dd:b3:7c:4a:14:25:e4:
96:2b:ef:03:7e:85:db:62:e7:58:30:3b:56:ff:f0:ef:21:9d:
76:a2:31:ed:55:9b:c7:67:90:a8:54:7c:77:8c:b3:87:1f:88:
d0:3f:bd:4b:18:68:fb:e8:85:33:bf:d6:49:e0:3e:a7:c7:fa:
da:f6:9a:66:e3:ef:14:48:47:0b:04:73:b0:84:6a:0f:5b:13:
8f:43:43:78:7b:6e:5d:c2:83:85:9b:45:f0:05:02:99:bf:80:
27:d1:8c:8f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYmcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAxMDg0NzIxWhcNMjUwODA0MDg0NzIxWjAYMRYw
FAYDVQQDEw02ODYzYTA5ZS05ZjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0S/Y3Zq1QQ7W/cnRr1WxgD7S5eLVAGiyvzpMkqzRyinh2+mUT9T5sgmB
kT5S+iUgmYlGamcRAnRsc0gIJWpCUfATYzyDcv90nNg1Q2SkHwLnLcnkEQxiNyYF
Bc1uigsTTyV+lwwOBh+u4CxVb3Tl3aOOt6x1WmlwbHmQibq798EBu/XJPrgepKhb
RvmGdwa9XPPBQQCCfaQnbWPbaLJjyUtIDf7JlfSutaw7tay7kWcXaNS66hmXcWS3
PSLqCaBRNfzjiFwZLAXl4ixMd5ELRJCwZzeGQDPJFes+HIqWsZkGwj1xo424mtF2
r1rbh6kPN3g4cSnU+ASuAhmpyCgDkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBXy
IdNiRYGvnHQUd7bSenCVlumVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMkNGQkI5MDU2NTgxMUYwOTEwQzg4RUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhAMA0GCSqGSIb3DQEB
CwUAA4IBAQCOjl+4PoGP5gda43VL4b/ATuZ2x9DIBV0aXi3kX5zXuV8Ms6stQ/E0
mLrykaW1DCGWFn73Il+lyHrPa7zXpE7dqXomohoEW734oVsvDeVJZVDktQTYpZlt
Ve1CxBMOGgDXjbgrT/fFUQq7Ppq6s3HNtF7hAivmCnCynXUatrd6QRr/3CtP5/NQ
wwsEYc0ldL4osiulZ/6+Q4v0VN2zfEoUJeSWK+8DfoXbYudYMDtW//DvIZ12ojHt
VZvHZ5CoVHx3jLOHH4jQP71LGGj76IUzv9ZJ4D6nx/ra9ppm4+8USEcLBHOwhGoP
WxOPQ0N4e25dwoOFm0XwBQKZv4An0YyP
-----END CERTIFICATE-----
Generated at Tue Jul 1 16:04:28 2025 by rpki-client