Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/210D6C164C4811F0BBA25079DAE4EC9C.roa
File: 210D6C164C4811F0BBA25079DAE4EC9C.roa (raw, json)
Hash identifier: DIq4tFNe08lMT0i/IONLdj5dGo32dZPj/a4ZkHinckk=
Subject key identifier: 2A:75:FB:6D:50:F6:FD:D9:0D:9E:A0:E6:34:43:41:6D:79:3B:D7:F1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018741
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/210D6C164C4811F0BBA25079DAE4EC9C.roa
Signing time: Wed 18 Jun 2025 13:28:33 +0000
ROA not before: Wed 18 Jun 2025 13:28:27 +0000
ROA not after: Sun 20 Jul 2025 13:28:27 +0000
asID: 273155
IP address blocks: 154.200.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 10:47:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100161 (0x18741)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 18 13:28:27 2025 GMT
Not After : Jul 20 13:28:27 2025 GMT
Subject: CN=6852bf01-691f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:27:91:8f:8a:46:9d:56:a3:4d:87:94:02:31:
cf:62:d6:10:86:66:66:91:2c:e9:99:b7:49:69:59:
fc:8b:11:1d:75:56:3b:d7:9d:ab:b7:a8:5d:cd:60:
df:1f:c4:da:8a:64:b7:6b:94:24:a1:c8:7a:a5:58:
32:9f:13:ed:14:fc:4b:d5:da:e8:c3:58:11:fc:16:
c8:e7:48:f1:2b:2c:12:71:04:0f:17:76:58:72:47:
e5:f2:1e:b3:d4:5e:a1:2a:24:e9:73:f8:de:24:ea:
93:93:8b:42:de:7d:ab:98:c5:5b:f3:39:a6:59:2b:
49:ff:fb:62:7d:73:57:45:dd:1b:44:19:6f:2d:b4:
69:9f:e9:14:b8:17:df:6c:3c:02:67:dc:4f:99:12:
f2:61:a4:3e:d9:ee:56:ff:b9:50:94:92:a1:94:4c:
aa:62:63:b0:26:c2:7a:02:71:1b:bd:02:e4:6d:0b:
ef:f9:32:3a:85:1b:19:6c:35:5d:98:ba:ef:33:70:
0d:0c:1b:32:f1:40:9d:04:ed:5a:03:37:b4:c9:82:
1a:93:ca:30:f6:ca:f5:6e:6f:93:4d:04:f2:38:93:
67:fd:3c:18:dd:5d:5b:f3:50:b3:b2:50:3a:22:da:
79:75:b1:66:00:9b:a2:85:ab:20:ad:c3:81:d6:87:
4d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:75:FB:6D:50:F6:FD:D9:0D:9E:A0:E6:34:43:41:6D:79:3B:D7:F1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/210D6C164C4811F0BBA25079DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.236.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:0e:74:5b:74:83:d6:78:28:de:d8:35:f3:6f:58:29:7a:b7:
7a:9b:48:4f:51:b7:c0:e0:80:64:de:ef:3e:56:32:c2:42:2f:
d7:c5:c0:2a:2d:ae:06:cc:c2:03:9e:a5:8b:56:c9:85:e0:ab:
12:1e:db:2d:95:b0:4d:95:ae:98:90:82:4e:42:22:58:99:68:
22:d6:53:41:1c:50:c0:a9:0a:92:46:1c:26:b5:ef:96:da:4a:
0f:e7:ab:4c:30:ef:aa:85:5b:d3:00:2c:ee:99:d8:24:f4:6b:
5a:5e:72:03:f3:e8:f4:9e:5d:26:e8:3e:7b:88:72:ed:69:62:
55:b5:58:0f:26:0a:89:72:02:8e:68:c4:e3:84:df:d7:e3:c2:
61:37:23:bb:58:4f:62:fa:5c:88:27:52:6c:2b:21:e8:ce:2b:
b4:c4:82:da:ca:e4:01:78:aa:87:98:66:e3:42:6c:7f:c4:3f:
aa:21:5f:4c:6e:bd:79:44:79:52:f7:fd:b5:f9:21:2f:3e:88:
9f:60:81:ce:48:61:5f:d5:f0:25:89:eb:46:de:a4:65:53:e6:
38:a6:50:9b:95:a0:02:a9:6e:e9:d2:4c:ca:2f:76:6e:bd:59:
86:c1:5b:43:d0:da:7a:8a:2b:40:2a:3d:46:94:10:e0:8f:96:
de:ec:25:0a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYdBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE4MTMyODI3WhcNMjUwNzIwMTMyODI3WjAYMRYw
FAYDVQQDEw02ODUyYmYwMS02OTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyCeRj4pGnVajTYeUAjHPYtYQhmZmkSzpmbdJaVn8ixEddVY7152rt6hd
zWDfH8TaimS3a5Qkoch6pVgynxPtFPxL1drow1gR/BbI50jxKywScQQPF3ZYckfl
8h6z1F6hKiTpc/jeJOqTk4tC3n2rmMVb8zmmWStJ//tifXNXRd0bRBlvLbRpn+kU
uBffbDwCZ9xPmRLyYaQ+2e5W/7lQlJKhlEyqYmOwJsJ6AnEbvQLkbQvv+TI6hRsZ
bDVdmLrvM3ANDBsy8UCdBO1aAze0yYIak8ow9sr1bm+TTQTyOJNn/TwY3V1b81Cz
slA6Itp5dbFmAJuihasgrcOB1odNbwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCp1
+21Q9v3ZDZ6g5jRDQW15O9fxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTBENkMxNjRDNDgxMUYwQkJBMjUwNzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsjsMA0GCSqGSIb3DQEB
CwUAA4IBAQCdDnRbdIPWeCje2DXzb1gperd6m0hPUbfA4IBk3u8+VjLCQi/XxcAq
La4GzMIDnqWLVsmF4KsSHtstlbBNla6YkIJOQiJYmWgi1lNBHFDAqQqSRhwmte+W
2koP56tMMO+qhVvTACzumdgk9GtaXnID8+j0nl0m6D57iHLtaWJVtVgPJgqJcgKO
aMTjhN/X48JhNyO7WE9i+lyIJ1JsKyHoziu0xILayuQBeKqHmGbjQmx/xD+qIV9M
br15RHlS9/21+SEvPoifYIHOSGFf1fAlietG3qRlU+Y4plCblaACqW7p0kzKL3Zu
vVmGwVtD0Np6iitAKj1GlBDgj5be7CUK
-----END CERTIFICATE-----
Generated at Fri Jul 4 13:35:17 2025 by rpki-client