Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0903A0184C5711F0A4F0C8D7DAE4EC9C.roa
File: 0903A0184C5711F0A4F0C8D7DAE4EC9C.roa (raw, json)
Hash identifier: isG6cPpeZHM929eXvS7zm4fnnlYJe9qqsDOxqtbIjGY=
Subject key identifier: E4:AC:45:E7:D8:30:90:EC:37:F4:C4:7C:F9:09:64:79:EF:2F:BA:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018759
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0903A0184C5711F0A4F0C8D7DAE4EC9C.roa
Signing time: Wed 18 Jun 2025 15:15:15 +0000
ROA not before: Wed 18 Jun 2025 15:15:08 +0000
ROA not after: Wed 23 Jul 2025 15:15:08 +0000
asID: 21859
IP address blocks: 154.198.164.0/24 maxlen: 24
154.202.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100185 (0x18759)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 18 15:15:08 2025 GMT
Not After : Jul 23 15:15:08 2025 GMT
Subject: CN=6852d803-55ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2f:51:4d:8d:3d:83:2b:7d:56:3e:d6:03:c1:
23:8a:b3:3a:00:b3:a2:7c:5e:5c:40:a3:bd:f1:d4:
61:33:a3:b5:7d:8d:7c:14:30:c8:11:51:0c:9e:04:
af:9d:81:c2:a7:b0:c5:6b:0b:d5:cc:f8:28:d7:09:
42:31:44:0c:c0:f3:d3:1e:19:8f:5a:a5:08:6a:da:
f8:ad:13:b2:49:8d:59:f6:34:0d:84:e3:ca:ce:9a:
fa:99:f9:ae:b5:ab:63:5b:70:f9:c9:ed:77:ff:ce:
21:4a:0d:a0:73:20:b7:e3:cb:3d:f3:78:6d:77:4f:
3a:45:83:fc:8a:31:29:bd:06:36:42:f7:92:f0:09:
71:52:e0:2c:4d:0a:22:3a:c3:bb:3b:6e:73:fa:6c:
36:b3:78:15:72:0e:82:41:c0:33:c7:60:3c:dc:e6:
af:ec:6d:1c:6a:bf:9f:62:9a:5b:3c:fc:ab:8f:7a:
0b:7f:18:99:45:85:ba:b9:25:15:63:0d:b1:eb:ef:
62:33:6d:cc:f7:19:d6:51:70:93:d7:41:79:c2:3e:
3f:c2:94:24:6d:4c:f4:76:bb:3a:b3:a3:d6:7d:bd:
70:b7:8f:84:a9:79:b6:57:f4:f5:4d:42:40:f1:02:
53:5d:98:cc:5f:90:a6:16:86:24:53:7f:be:ee:04:
00:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AC:45:E7:D8:30:90:EC:37:F4:C4:7C:F9:09:64:79:EF:2F:BA:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0903A0184C5711F0A4F0C8D7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.164.0/24
154.202.115.0/24
Signature Algorithm: sha256WithRSAEncryption
23:35:84:72:03:a1:ce:0d:7f:63:f9:42:13:19:a7:cc:f1:11:
4c:79:46:b5:22:05:dd:ff:c9:49:78:36:e8:b6:c8:59:fa:ba:
8b:e1:ac:ec:e8:bb:66:64:7d:0c:41:61:56:1f:74:83:7d:54:
f4:64:03:d6:d6:bc:4a:a8:e1:b1:b3:86:6f:01:ed:d9:b8:3f:
42:5c:30:d8:e5:9a:b2:50:6d:18:0c:a7:2c:e1:03:c7:bf:ea:
a2:34:d9:67:96:45:77:11:65:54:ba:22:77:6b:b6:8c:d7:64:
20:d5:87:e1:a7:9a:6b:d0:a7:96:36:4a:31:a4:62:be:0f:b5:
44:61:ea:b4:5a:7c:a1:75:d1:10:ba:9b:9f:7a:60:95:17:20:
c3:d7:b7:7d:3a:97:4f:38:2c:c3:86:ff:2f:12:2d:4f:2d:76:
91:dc:af:67:76:22:f2:06:8f:41:c4:1b:b5:46:87:7b:32:80:
63:54:4a:9a:b9:ed:51:d5:98:f2:4f:62:ba:cc:2e:7d:ee:94:
c7:dc:07:f7:75:bd:eb:3c:17:7b:34:49:b8:6b:71:c9:1a:d5:
f2:2e:ea:79:da:8a:9f:ce:12:ee:d8:60:e7:ff:51:04:3a:bb:
ff:76:d2:24:0d:8f:e7:f0:58:ed:35:e8:34:db:8d:d1:c6:b7:
8e:66:e8:79
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYdZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE4MTUxNTA4WhcNMjUwNzIzMTUxNTA4WjAYMRYw
FAYDVQQDEw02ODUyZDgwMy01NWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwC9RTY09gyt9Vj7WA8EjirM6ALOifF5cQKO98dRhM6O1fY18FDDIEVEM
ngSvnYHCp7DFawvVzPgo1wlCMUQMwPPTHhmPWqUIatr4rROySY1Z9jQNhOPKzpr6
mfmutatjW3D5ye13/84hSg2gcyC348s983htd086RYP8ijEpvQY2QveS8AlxUuAs
TQoiOsO7O25z+mw2s3gVcg6CQcAzx2A83Oav7G0car+fYppbPPyrj3oLfxiZRYW6
uSUVYw2x6+9iM23M9xnWUXCT10F5wj4/wpQkbUz0drs6s6PWfb1wt4+EqXm2V/T1
TUJA8QJTXZjMX5CmFoYkU3++7gQANQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOSs
RefYMJDsN/TEfPkJZHnvL7pBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOTAzQTAxODRDNTcxMUYwQTRGMEM4RDdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsakAwQAmspzMA0GCSqG
SIb3DQEBCwUAA4IBAQAjNYRyA6HODX9j+UITGafM8RFMeUa1IgXd/8lJeDbotshZ
+rqL4azs6LtmZH0MQWFWH3SDfVT0ZAPW1rxKqOGxs4ZvAe3ZuD9CXDDY5ZqyUG0Y
DKcs4QPHv+qiNNlnlkV3EWVUuiJ3a7aM12Qg1Yfhp5pr0KeWNkoxpGK+D7VEYeq0
WnyhddEQupufemCVFyDD17d9OpdPOCzDhv8vEi1PLXaR3K9ndiLyBo9BxBu1Rod7
MoBjVEqaue1R1ZjyT2K6zC597pTH3Af3db3rPBd7NEm4a3HJGtXyLup52oqfzhLu
2GDn/1EEOrv/dtIkDY/n8FjtNeg0243RxreOZuh5
-----END CERTIFICATE-----
Generated at Wed Jul 2 00:25:43 2025 by rpki-client