Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0EDEC3B0453011F0A48D40B3DAE4EC9C.roa
File: 0EDEC3B0453011F0A48D40B3DAE4EC9C.roa (raw, json)
Hash identifier: zlAcBQPxgK/iKz71VfzhRvkIiwHJNAOFPx8HN+xRC2A=
Subject key identifier: 9C:62:5D:8A:01:4A:A2:35:A0:2A:1F:45:97:AD:0A:0A:25:0F:AD:15
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0185A0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0EDEC3B0453011F0A48D40B3DAE4EC9C.roa
Signing time: Mon 09 Jun 2025 12:48:36 +0000
ROA not before: Mon 09 Jun 2025 12:48:31 +0000
ROA not after: Tue 11 Nov 2025 12:48:31 +0000
asID: 152849
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99744 (0x185a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 9 12:48:31 2025 GMT
Not After : Nov 11 12:48:31 2025 GMT
Subject: CN=6846d824-d3a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:41:b0:bb:1f:40:cd:32:12:3c:d7:a9:12:72:
61:1e:17:a8:b7:8d:77:17:5d:2c:61:6c:9e:30:9d:
0d:2a:22:14:7e:36:d0:4a:37:f7:fd:08:66:d4:dc:
bb:91:58:40:70:f4:c3:6a:ca:fe:ff:63:a9:53:22:
68:26:c7:d7:1f:e7:52:32:14:fe:8d:fc:44:d5:40:
a0:f0:fa:1c:a2:e6:ab:bf:49:23:ec:09:f6:18:d0:
0e:13:0c:ed:1d:5a:aa:69:c8:0b:a4:74:5a:f6:9b:
ff:ec:1c:cc:5d:0d:d7:42:9e:de:ec:aa:7d:e2:6b:
41:99:df:08:7a:fd:23:e0:3a:82:fe:0f:c1:d1:19:
8b:83:4d:7d:ad:12:2f:60:06:02:73:b9:b9:b9:33:
23:b3:c7:7d:e4:69:2c:b4:10:c8:84:cc:6c:29:5c:
93:4b:93:aa:c3:07:20:54:bc:35:a8:ec:6f:2b:07:
37:be:60:8b:24:69:2a:a2:15:d1:9d:9d:05:10:ef:
e6:d7:82:e0:38:12:7c:3d:5e:3d:d8:87:3b:36:62:
60:f9:a4:ad:6a:5a:d7:67:b5:2b:ce:e1:37:57:a2:
1d:32:c5:73:0a:c4:01:7b:49:39:76:76:d5:9c:3a:
ac:fe:ba:e6:f3:a6:6f:c9:8f:2b:08:45:f1:ed:1d:
07:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:62:5D:8A:01:4A:A2:35:A0:2A:1F:45:97:AD:0A:0A:25:0F:AD:15
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0EDEC3B0453011F0A48D40B3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
154.91.176.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:b5:ce:06:4e:43:87:d6:93:13:3a:57:44:82:be:6a:61:e5:
05:62:d8:ef:0e:76:18:9a:4f:98:f4:57:88:f3:7c:76:2e:a0:
b1:ed:55:a5:8b:66:a9:3a:ed:b8:69:af:6b:86:2a:81:c2:5c:
3d:77:18:2c:17:83:a1:f1:78:4c:4d:4c:a9:91:2f:74:fe:3c:
87:c4:08:19:c4:0e:2b:db:e0:36:32:ff:9a:20:ce:14:67:e4:
40:53:ce:76:93:bc:d0:42:d1:45:47:20:a3:3f:eb:85:c5:a0:
8f:56:ab:4d:a9:8b:8e:ba:ea:6e:d0:63:1b:20:99:6a:b1:42:
e4:2b:87:49:af:e7:e5:ee:ef:ce:1a:39:fb:2a:3d:af:58:4f:
20:79:cd:56:16:81:df:5c:50:44:f0:1f:fb:d4:81:d3:1d:15:
6e:9c:e7:3b:cf:40:3b:16:fb:59:a7:3d:38:a8:5e:dd:8c:90:
cd:f6:57:d0:90:3c:30:d3:78:18:44:4f:91:d0:49:cb:c1:ec:
f9:06:b3:cf:6c:b8:00:57:90:97:bb:ca:73:e2:f6:b6:34:48:
52:1a:c2:ad:8d:58:c1:59:40:4d:bb:71:78:04:67:28:8b:88:
86:cc:7c:a2:ab:dd:6b:c3:b1:0c:60:c9:c1:eb:a2:5a:da:26:
45:44:5c:c6
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYWgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA5MTI0ODMxWhcNMjUxMTExMTI0ODMxWjAYMRYw
FAYDVQQDEw02ODQ2ZDgyNC1kM2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3kGwux9AzTISPNepEnJhHheot413F10sYWyeMJ0NKiIUfjbQSjf3/Qhm
1Ny7kVhAcPTDasr+/2OpUyJoJsfXH+dSMhT+jfxE1UCg8Pocouarv0kj7An2GNAO
EwztHVqqacgLpHRa9pv/7BzMXQ3XQp7e7Kp94mtBmd8Iev0j4DqC/g/B0RmLg019
rRIvYAYCc7m5uTMjs8d95GkstBDIhMxsKVyTS5OqwwcgVLw1qOxvKwc3vmCLJGkq
ohXRnZ0FEO/m14LgOBJ8PV492Ic7NmJg+aStalrXZ7UrzuE3V6IdMsVzCsQBe0k5
dnbVnDqs/rrm86ZvyY8rCEXx7R0HTQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJxi
XYoBSqI1oCofRZetCgolD60VMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRURFQzNCMDQ1MzAxMUYwQTQ4RDQwQjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmlswAwQEmluwMA0GCSqG
SIb3DQEBCwUAA4IBAQCttc4GTkOH1pMTOldEgr5qYeUFYtjvDnYYmk+Y9FeI83x2
LqCx7VWli2apOu24aa9rhiqBwlw9dxgsF4Oh8XhMTUypkS90/jyHxAgZxA4r2+A2
Mv+aIM4UZ+RAU852k7zQQtFFRyCjP+uFxaCPVqtNqYuOuupu0GMbIJlqsULkK4dJ
r+fl7u/OGjn7Kj2vWE8gec1WFoHfXFBE8B/71IHTHRVunOc7z0A7FvtZpz04qF7d
jJDN9lfQkDww03gYRE+R0EnLwez5BrPPbLgAV5CXu8pz4va2NEhSGsKtjVjBWUBN
u3F4BGcoi4iGzHyiq91rw7EMYMnB66Ja2iZFRFzG
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:12:11 2025 by rpki-client