Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10601DE655B711F09F38EBD0DAE4EC9C.roa
File: 10601DE655B711F09F38EBD0DAE4EC9C.roa (raw, json)
Hash identifier: ne+nJ8Cy9RXzRN2DQk84gZWrhxMI7RYXZfOWXWCTimI=
Subject key identifier: CD:60:B6:04:DC:14:09:19:2E:C4:9B:D1:37:9F:F5:EA:08:75:47:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018988
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10601DE655B711F09F38EBD0DAE4EC9C.roa
Signing time: Mon 30 Jun 2025 13:35:20 +0000
ROA not before: Mon 30 Jun 2025 13:35:15 +0000
ROA not after: Mon 07 Jul 2025 13:35:15 +0000
asID: 7029
IP address blocks: 154.194.16.0/21 maxlen: 24
154.194.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 10:47:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100744 (0x18988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 30 13:35:15 2025 GMT
Not After : Jul 7 13:35:15 2025 GMT
Subject: CN=68629298-2d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f4:3b:06:9c:f5:cd:cf:42:7b:10:e2:e4:d9:
3d:ec:9f:8d:c5:35:0c:3f:d6:94:96:06:82:60:6d:
3e:d0:dd:70:d7:16:ef:71:14:ff:a1:21:94:82:ec:
2a:e0:ec:41:be:c1:e7:c6:9c:55:e1:65:bc:01:9f:
b4:d8:05:7a:65:0d:6d:6f:2f:2d:39:53:ff:d2:24:
1e:79:28:95:73:a7:96:f8:c6:16:14:7f:16:eb:cd:
94:cb:f7:9c:54:86:31:df:9c:6b:4a:21:89:a3:20:
ef:63:b3:8b:8c:7c:75:f5:15:24:bc:74:fd:a3:57:
b1:be:1c:a3:04:9b:ac:fc:34:16:58:28:fe:80:84:
5e:a1:3d:eb:0a:9c:62:e3:b8:3e:19:3b:be:0d:ba:
0a:19:2b:2b:f2:4f:0d:17:07:4b:de:f1:64:26:b9:
bd:7f:ea:05:77:c2:05:b6:cd:9b:8d:9b:ff:28:28:
cf:89:d3:74:00:26:90:8b:d3:7c:24:c9:cb:6c:4f:
34:16:1b:33:d7:f1:36:ff:07:79:3d:a8:4a:4f:94:
f5:51:64:b2:d0:46:fa:7b:ce:f6:ca:d2:a8:b7:bc:
85:77:05:eb:c0:21:f5:fa:7b:9e:77:e4:a2:37:09:
17:f0:e3:4f:81:54:f1:9a:fb:01:73:be:cc:12:93:
cd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:60:B6:04:DC:14:09:19:2E:C4:9B:D1:37:9F:F5:EA:08:75:47:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10601DE655B711F09F38EBD0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.16.0-154.194.27.255
Signature Algorithm: sha256WithRSAEncryption
bc:84:9d:d0:c7:6a:ab:aa:81:80:de:71:ab:85:77:8b:8e:d2:
31:67:84:fb:e0:91:43:7d:16:42:eb:da:58:b9:a7:b8:a5:d8:
49:ae:c1:f2:7c:e7:aa:f5:35:d9:65:ce:9a:13:1f:d2:d0:8f:
dc:15:99:39:c1:4f:52:b1:16:a4:78:cd:6e:87:c1:9a:c4:0f:
91:4c:1f:e2:b7:94:d8:de:eb:c9:18:2b:0c:5d:eb:b9:8f:42:
70:07:b8:1f:ca:b5:4c:fc:0e:99:0b:23:b2:23:2e:51:bd:79:
a7:4b:89:c0:df:80:4b:8c:6d:c3:c3:ce:c0:e9:b5:48:3d:68:
68:61:95:b9:95:ed:20:47:a9:89:7a:47:f4:6e:84:4e:0a:ec:
5f:8d:92:de:f2:0d:bf:9e:0d:ff:c8:e8:57:5e:e4:e4:5b:93:
87:e2:6f:5f:7e:cf:77:03:66:f7:96:2d:61:6e:4a:87:ea:66:
55:c6:43:05:30:51:c4:50:04:d5:28:52:a7:55:d8:59:7f:3a:
a6:89:0b:04:6c:85:50:b6:b6:17:86:78:77:de:7e:89:83:c8:
52:41:48:49:d3:16:a9:5b:1c:40:80:3d:3e:03:44:01:3c:ab:
2b:ed:93:ed:a0:76:85:27:4c:50:50:32:b3:11:29:3a:49:75:
fb:ac:7d:52
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYmIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjMwMTMzNTE1WhcNMjUwNzA3MTMzNTE1WjAYMRYw
FAYDVQQDEw02ODYyOTI5OC0yZDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxPQ7Bpz1zc9CexDi5Nk97J+NxTUMP9aUlgaCYG0+0N1w1xbvcRT/oSGU
guwq4OxBvsHnxpxV4WW8AZ+02AV6ZQ1tby8tOVP/0iQeeSiVc6eW+MYWFH8W682U
y/ecVIYx35xrSiGJoyDvY7OLjHx19RUkvHT9o1exvhyjBJus/DQWWCj+gIReoT3r
Cpxi47g+GTu+DboKGSsr8k8NFwdL3vFkJrm9f+oFd8IFts2bjZv/KCjPidN0ACaQ
i9N8JMnLbE80Fhsz1/E2/wd5PahKT5T1UWSy0Eb6e872ytKot7yFdwXrwCH1+nue
d+SiNwkX8ONPgVTxmvsBc77MEpPNeQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFM1g
tgTcFAkZLsSb0Tef9eoIdUcOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMDYwMURFNjU1QjcxMUYwOUYzOEVCRDBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASawhADBAKawhgwDQYJ
KoZIhvcNAQELBQADggEBALyEndDHaquqgYDecauFd4uO0jFnhPvgkUN9FkLr2li5
p7il2EmuwfJ856r1NdllzpoTH9LQj9wVmTnBT1KxFqR4zW6HwZrED5FMH+K3lNje
68kYKwxd67mPQnAHuB/KtUz8DpkLI7IjLlG9eadLicDfgEuMbcPDzsDptUg9aGhh
lbmV7SBHqYl6R/RuhE4K7F+Nkt7yDb+eDf/I6Fde5ORbk4fib19+z3cDZveWLWFu
SofqZlXGQwUwUcRQBNUoUqdV2Fl/OqaJCwRshVC2theGeHfefomDyFJBSEnTFqlb
HECAPT4DRAE8qyvtk+2gdoUnTFBQMrMRKTpJdfusfVI=
-----END CERTIFICATE-----
Generated at Fri Jul 4 13:37:22 2025 by rpki-client