Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1343C5904E8111F0941391F2DAE4EC9C.roa
File: 1343C5904E8111F0941391F2DAE4EC9C.roa (raw, json)
Hash identifier: kduUyjWuZ5kZD8SpFFIl2EgVF6Foam7zJxBy3KMZuh0=
Subject key identifier: 3B:6D:D0:16:60:A3:BF:73:F6:33:D6:01:1D:43:75:FA:79:5D:7D:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0187AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1343C5904E8111F0941391F2DAE4EC9C.roa
Signing time: Sat 21 Jun 2025 09:21:13 +0000
ROA not before: Sat 21 Jun 2025 09:21:09 +0000
ROA not after: Thu 24 Jul 2025 09:21:09 +0000
asID: 22724
IP address blocks: 154.89.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100270 (0x187ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 21 09:21:09 2025 GMT
Not After : Jul 24 09:21:09 2025 GMT
Subject: CN=68567989-f395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bf:1f:a5:7a:99:92:2a:7d:c3:73:24:46:37:
fa:76:74:35:c9:ec:71:77:9b:cf:78:ad:2d:af:9d:
55:76:d9:3d:f7:e3:d2:ae:56:a9:c8:6d:e0:b9:28:
fb:20:61:ec:57:fb:69:05:9c:4f:b3:5c:cc:e2:52:
67:ff:5e:76:2b:8f:d8:eb:4c:65:e5:4c:98:ab:16:
0a:f2:9b:0c:ca:0c:74:2e:06:a3:30:05:8c:42:1f:
4c:fd:ce:0f:b3:3c:8c:88:f1:16:21:7d:3f:9c:1e:
f5:7c:76:36:ec:ef:34:34:85:96:c9:a9:01:4a:f1:
04:e1:c0:04:50:ea:94:0c:9a:06:e2:cc:75:27:52:
11:30:73:c8:0a:76:9d:bf:dd:06:e0:0e:a9:51:bd:
6e:8b:75:15:8d:cb:1b:71:09:3a:79:9c:86:1d:c2:
24:7e:fb:99:a7:39:a4:50:32:12:41:cf:52:ee:25:
ec:17:9a:ef:ee:37:e0:d0:8d:0e:25:6a:8b:20:92:
e6:2f:18:a5:41:c1:ed:b4:b5:b1:67:b7:9d:fd:75:
1a:cb:d4:de:77:c6:51:c5:99:e0:54:15:dc:59:89:
3d:23:66:94:81:41:ad:a3:20:68:c2:c0:e0:0a:98:
4e:41:aa:ab:50:ad:c6:6f:14:b7:e8:3e:b5:f1:6a:
64:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6D:D0:16:60:A3:BF:73:F6:33:D6:01:1D:43:75:FA:79:5D:7D:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1343C5904E8111F0941391F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.16.0/20
Signature Algorithm: sha256WithRSAEncryption
28:ef:2d:71:37:61:2d:41:4b:76:0b:82:b3:bf:4f:5c:f4:d5:
84:49:21:fb:a3:82:7a:70:7c:05:7e:c8:23:8c:56:f4:01:dd:
1c:9d:8f:6c:0a:8d:a0:7d:99:f8:03:75:51:26:11:94:1e:ff:
37:a6:c8:2d:5a:cb:17:8c:24:85:3b:6b:cd:fa:71:ab:08:3f:
15:b4:02:38:de:dc:b4:b3:b3:4f:f3:c4:be:60:b0:f1:f8:76:
a6:64:12:bc:75:fa:c2:ea:50:a7:ba:6d:76:b7:15:81:ec:c7:
a0:02:3f:8f:9c:16:27:b9:78:8b:48:22:c1:4d:e3:d4:3f:7e:
91:fb:ca:0a:4c:d0:49:ac:84:8b:b7:50:d4:52:18:1c:ba:6b:
1d:74:b8:f9:0f:f4:98:46:2a:12:68:5d:2e:ad:0c:a8:71:cc:
72:51:44:9f:f1:ad:11:66:c4:de:c7:4d:12:2a:1d:aa:4d:e4:
74:d8:c7:3d:7b:75:a0:ab:1b:cc:de:64:0c:57:95:bd:45:81:
a2:74:63:55:81:70:f5:24:30:f9:38:92:5f:da:b2:67:e5:6c:
11:81:02:d9:74:aa:19:ae:e7:59:2d:1b:82:cc:1b:9a:28:51:
e4:e6:37:b4:13:65:58:77:d5:3d:09:4e:5e:2c:c3:f3:61:cd:
bb:a1:c6:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYeuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIxMDkyMTA5WhcNMjUwNzI0MDkyMTA5WjAYMRYw
FAYDVQQDEw02ODU2Nzk4OS1mMzk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0L8fpXqZkip9w3MkRjf6dnQ1yexxd5vPeK0tr51Vdtk99+PSrlapyG3g
uSj7IGHsV/tpBZxPs1zM4lJn/152K4/Y60xl5UyYqxYK8psMygx0LgajMAWMQh9M
/c4PszyMiPEWIX0/nB71fHY27O80NIWWyakBSvEE4cAEUOqUDJoG4sx1J1IRMHPI
Cnadv90G4A6pUb1ui3UVjcsbcQk6eZyGHcIkfvuZpzmkUDISQc9S7iXsF5rv7jfg
0I0OJWqLIJLmLxilQcHttLWxZ7ed/XUay9Ted8ZRxZngVBXcWYk9I2aUgUGtoyBo
wsDgCphOQaqrUK3GbxS36D618WpkVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDtt
0BZgo79z9jPWAR1Ddfp5XX2OMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMzQzQzU5MDRFODExMUYwOTQxMzkxRjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlkQMA0GCSqGSIb3DQEB
CwUAA4IBAQAo7y1xN2EtQUt2C4Kzv09c9NWESSH7o4J6cHwFfsgjjFb0Ad0cnY9s
Co2gfZn4A3VRJhGUHv83psgtWssXjCSFO2vN+nGrCD8VtAI43ty0s7NP88S+YLDx
+HamZBK8dfrC6lCnum12txWB7MegAj+PnBYnuXiLSCLBTePUP36R+8oKTNBJrISL
t1DUUhgcumsddLj5D/SYRioSaF0urQyoccxyUUSf8a0RZsTex00SKh2qTeR02Mc9
e3WgqxvM3mQMV5W9RYGidGNVgXD1JDD5OJJf2rJn5WwRgQLZdKoZrudZLRuCzBua
KFHk5je0E2VYd9U9CU5eLMPzYc27ocbV
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:09:04 2025 by rpki-client