Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2BAF36F8513F11F0A22A3CB9DAE4EC9C.roa
File: 2BAF36F8513F11F0A22A3CB9DAE4EC9C.roa (raw, json)
Hash identifier: JRnj/kqpSn27JvlanaMtBz/KTfDqG8eUhyjd14O335k=
Subject key identifier: 9A:F5:8D:FD:D9:63:F9:AB:14:F5:4C:41:31:30:51:9F:FE:BF:83:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0188BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2BAF36F8513F11F0A22A3CB9DAE4EC9C.roa
Signing time: Tue 24 Jun 2025 21:07:02 +0000
ROA not before: Tue 24 Jun 2025 21:06:56 +0000
ROA not after: Fri 15 Aug 2025 21:06:56 +0000
asID: 55320
IP address blocks: 154.205.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 10:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100542 (0x188be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 24 21:06:56 2025 GMT
Not After : Aug 15 21:06:56 2025 GMT
Subject: CN=685b1376-8526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1c:49:69:30:87:20:9f:5d:05:d4:78:18:25:
a0:06:61:80:6d:ac:ca:01:dc:e3:20:3f:22:4f:e4:
93:11:83:11:5c:8d:ff:b7:9c:07:92:ca:23:3b:8c:
12:43:67:6c:fd:ce:24:7f:b4:9a:43:06:89:eb:b2:
32:fe:94:5f:05:65:47:66:39:51:4e:cc:fd:46:14:
54:72:f6:43:7e:71:5e:37:42:35:8e:9b:19:25:6a:
97:28:73:68:38:c9:30:db:15:9d:a5:fe:4a:01:75:
c6:16:26:74:72:59:86:dc:d3:e2:ef:b8:87:ed:3d:
68:b6:d7:10:f4:29:f0:35:2d:ec:43:a6:69:cd:49:
d7:ff:09:23:87:be:8f:1c:2f:11:ad:7b:12:5f:ce:
50:8b:9e:60:26:d0:a6:d1:bc:e6:e4:d4:2d:46:d4:
0f:de:a4:82:cc:7e:78:87:24:75:83:6f:4c:4f:9a:
a7:5a:9a:13:6d:ca:e6:0a:b7:f6:d7:dd:45:bb:f7:
fd:e5:fd:65:05:cf:de:27:65:10:8a:92:71:10:4b:
16:73:61:1e:84:ab:12:a8:c6:29:69:dd:b2:fc:00:
49:96:f4:e9:f3:f2:6e:f8:ed:bb:da:22:9c:16:82:
fc:ee:65:c9:ff:fa:f6:4e:7c:2c:a0:f0:78:d4:80:
c9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F5:8D:FD:D9:63:F9:AB:14:F5:4C:41:31:30:51:9F:FE:BF:83:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2BAF36F8513F11F0A22A3CB9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.140.0/24
Signature Algorithm: sha256WithRSAEncryption
38:39:9d:2c:10:13:95:4e:29:52:5d:c0:76:33:3a:79:5b:62:
67:e2:5c:c4:d4:03:60:e8:82:71:98:0f:ce:43:d6:6a:30:1a:
ff:7d:92:cb:4b:ca:52:86:e6:7a:a7:0f:51:79:03:3e:b0:80:
05:35:a2:da:ab:1b:a0:c2:fe:36:6f:2d:47:97:e2:91:2f:1a:
f3:03:0a:50:18:d2:1b:81:c1:33:df:72:7e:b1:79:9f:0d:48:
cb:9b:f9:b9:e4:3e:a2:59:d7:a2:51:81:99:4b:7d:5a:44:fc:
d3:5b:90:78:84:12:2f:dd:e4:fc:d1:8f:f2:09:f6:ce:35:6e:
3e:e1:28:1f:0f:64:a7:bf:6d:7e:41:f5:28:22:d2:fb:24:0a:
be:1e:13:bf:6c:7d:48:b9:d7:04:7d:da:1f:65:4d:17:3d:8f:
f3:77:c5:b3:e7:b1:84:2c:13:2f:0e:1c:5d:5a:18:82:0e:f1:
0d:9d:c9:ef:e8:f4:4e:33:75:8f:67:e6:7c:0d:7c:79:3b:53:
4e:d6:a5:79:d1:01:71:89:82:98:29:b6:71:21:4a:fc:8d:6c:
16:a9:5c:ca:ca:d7:a4:d5:fa:75:04:19:1e:00:89:b2:63:53:
e1:e3:b4:bf:b6:60:61:36:12:fa:b1:c0:f9:45:8a:c3:42:d0:
92:96:54:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYi+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI0MjEwNjU2WhcNMjUwODE1MjEwNjU2WjAYMRYw
FAYDVQQDEw02ODViMTM3Ni04NTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2xxJaTCHIJ9dBdR4GCWgBmGAbazKAdzjID8iT+STEYMRXI3/t5wHksoj
O4wSQ2ds/c4kf7SaQwaJ67Iy/pRfBWVHZjlRTsz9RhRUcvZDfnFeN0I1jpsZJWqX
KHNoOMkw2xWdpf5KAXXGFiZ0clmG3NPi77iH7T1ottcQ9CnwNS3sQ6ZpzUnX/wkj
h76PHC8RrXsSX85Qi55gJtCm0bzm5NQtRtQP3qSCzH54hyR1g29MT5qnWpoTbcrm
Crf2191Fu/f95f1lBc/eJ2UQipJxEEsWc2EehKsSqMYpad2y/ABJlvTp8/Ju+O27
2iKcFoL87mXJ//r2TnwsoPB41IDJkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJr1
jf3ZY/mrFPVMQTEwUZ/+v4NIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQkFGMzZGODUxM0YxMUYwQTIyQTNDQjlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2MMA0GCSqGSIb3DQEB
CwUAA4IBAQA4OZ0sEBOVTilSXcB2Mzp5W2Jn4lzE1ANg6IJxmA/OQ9ZqMBr/fZLL
S8pShuZ6pw9ReQM+sIAFNaLaqxugwv42by1Hl+KRLxrzAwpQGNIbgcEz33J+sXmf
DUjLm/m55D6iWdeiUYGZS31aRPzTW5B4hBIv3eT80Y/yCfbONW4+4SgfD2Snv21+
QfUoItL7JAq+HhO/bH1IudcEfdofZU0XPY/zd8Wz57GELBMvDhxdWhiCDvENncnv
6PROM3WPZ+Z8DXx5O1NO1qV50QFxiYKYKbZxIUr8jWwWqVzKytek1fp1BBkeAImy
Y1Ph47S/tmBhNhL6scD5RYrDQtCSllSb
-----END CERTIFICATE-----
Generated at Thu Jul 3 23:21:41 2025 by rpki-client