Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0DCA67B0581611F08540A4BADAE4EC9C.roa
File: 0DCA67B0581611F08540A4BADAE4EC9C.roa (raw, json)
Hash identifier: RfZpZ6BQeBi7anLwG53ylyJsKKD4nfhdpcQKLkJ9qOw=
Subject key identifier: B1:BE:9B:C7:B8:C0:7D:76:6F:ED:43:D9:16:BD:91:D6:CF:10:D6:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A1F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0DCA67B0581611F08540A4BADAE4EC9C.roa
Signing time: Thu 03 Jul 2025 14:00:20 +0000
ROA not before: Thu 03 Jul 2025 14:00:14 +0000
ROA not after: Sun 10 Aug 2025 14:00:14 +0000
asID: 150698
IP address blocks: 154.197.72.0/24 maxlen: 24
154.197.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100895 (0x18a1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 3 14:00:14 2025 GMT
Not After : Aug 10 14:00:14 2025 GMT
Subject: CN=68668cf3-043d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:30:78:4d:7b:b7:bd:5b:9c:87:69:47:e0:34:
50:97:5a:4f:89:08:61:68:75:b0:34:55:cc:6f:f7:
74:5b:74:33:c4:7d:be:98:69:8e:05:48:a8:47:06:
0c:eb:c7:d5:aa:a0:8d:b1:a7:12:db:35:ad:47:09:
bc:3a:d0:95:b6:12:00:08:c2:8e:4a:cf:0e:89:a1:
bc:4f:9e:06:70:7c:bb:bf:c1:55:8d:b6:25:3e:a3:
56:15:d1:de:11:6e:85:d4:5d:4b:3e:46:99:c6:99:
86:10:5f:ff:07:52:4f:a7:20:81:77:70:5a:64:f5:
49:d2:99:d7:6c:c0:51:f5:9b:ec:ea:be:d1:9f:81:
ff:ca:78:7a:1f:92:2e:e5:f3:59:63:f8:ef:1a:df:
c2:bd:e7:5a:54:38:78:20:08:7d:af:c5:ce:da:77:
c0:94:be:dc:7b:fe:be:d4:9e:b8:3a:6d:45:56:0f:
1e:d4:76:e2:16:6c:6b:4a:ab:26:a3:31:d4:a3:f4:
e2:f1:f2:61:9c:ef:56:c9:33:26:35:7e:8e:38:d1:
2a:f6:39:6b:7e:c4:16:a9:2a:62:13:e6:5a:9a:54:
79:aa:a3:9f:58:3e:eb:b4:c2:c7:13:06:61:d5:66:
c9:d8:d5:19:e1:d1:de:25:3e:f7:6e:9f:11:87:b4:
87:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:BE:9B:C7:B8:C0:7D:76:6F:ED:43:D9:16:BD:91:D6:CF:10:D6:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0DCA67B0581611F08540A4BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.72.0/23
Signature Algorithm: sha256WithRSAEncryption
71:18:67:77:a4:61:bf:59:b1:03:72:30:c5:dc:ea:a9:05:02:
16:5a:d5:00:22:ed:8a:26:a3:7e:14:8d:a6:65:8e:35:73:41:
f3:2e:fe:5b:87:08:ae:17:dd:7b:b3:1f:9c:f2:a1:12:7a:d2:
90:0e:77:86:b7:5d:09:d2:48:21:ca:63:15:27:03:61:5e:5e:
85:a4:26:f4:c5:54:33:73:2d:cb:10:f3:0a:3a:6d:80:54:b7:
f4:6c:b0:4e:99:13:d0:bb:be:36:ed:bc:51:56:7a:f7:bd:0d:
cd:73:f8:74:b1:f6:e4:94:86:7f:c1:b0:f6:8d:83:6e:90:7a:
d3:c0:e4:05:04:f5:fd:8b:27:fb:c8:8a:3b:67:ec:d0:8d:a0:
4c:e8:48:53:83:5d:70:65:cd:6b:a4:a7:d6:f5:7b:c0:fe:7c:
4a:13:d3:b5:56:36:45:3f:1a:5e:12:d1:ac:92:80:ed:51:2f:
e5:12:56:0d:58:ee:c3:ee:48:65:78:b4:e7:e9:06:2a:ad:50:
d7:af:c4:c9:bc:8b:87:ec:f4:60:d6:86:37:e0:00:4f:c4:8f:
b5:05:14:48:d2:60:e3:77:73:05:c3:d9:b4:d6:a4:34:e5:fc:
ab:3a:66:13:c2:1c:51:63:32:09:7f:b8:04:59:04:5a:38:87:
89:79:6f:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYofMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAzMTQwMDE0WhcNMjUwODEwMTQwMDE0WjAYMRYw
FAYDVQQDEw02ODY2OGNmMy0wNDNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArDB4TXu3vVuch2lH4DRQl1pPiQhhaHWwNFXMb/d0W3QzxH2+mGmOBUio
RwYM68fVqqCNsacS2zWtRwm8OtCVthIACMKOSs8OiaG8T54GcHy7v8FVjbYlPqNW
FdHeEW6F1F1LPkaZxpmGEF//B1JPpyCBd3BaZPVJ0pnXbMBR9Zvs6r7Rn4H/ynh6
H5Iu5fNZY/jvGt/CvedaVDh4IAh9r8XO2nfAlL7ce/6+1J64Om1FVg8e1HbiFmxr
SqsmozHUo/Ti8fJhnO9WyTMmNX6OONEq9jlrfsQWqSpiE+ZamlR5qqOfWD7rtMLH
EwZh1WbJ2NUZ4dHeJT73bp8Rh7SHtQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLG+
m8e4wH12b+1D2Ra9kdbPENYYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRENBNjdCMDU4MTYxMUYwODU0MEE0QkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsVIMA0GCSqGSIb3DQEB
CwUAA4IBAQBxGGd3pGG/WbEDcjDF3OqpBQIWWtUAIu2KJqN+FI2mZY41c0HzLv5b
hwiuF917sx+c8qESetKQDneGt10J0kghymMVJwNhXl6FpCb0xVQzcy3LEPMKOm2A
VLf0bLBOmRPQu7427bxRVnr3vQ3Nc/h0sfbklIZ/wbD2jYNukHrTwOQFBPX9iyf7
yIo7Z+zQjaBM6EhTg11wZc1rpKfW9XvA/nxKE9O1VjZFPxpeEtGskoDtUS/lElYN
WO7D7khleLTn6QYqrVDXr8TJvIuH7PRg1oY34ABPxI+1BRRI0mDjd3MFw9m01qQ0
5fyrOmYTwhxRYzIJf7gEWQRaOIeJeW/0
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:08:57 2025 by rpki-client