Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2ED399CA479211F0A8053EB4DAE4EC9C.roa
File: 2ED399CA479211F0A8053EB4DAE4EC9C.roa (raw, json)
Hash identifier: ffm/IKT55gA2Kism+2oIG8JXPuGNnbwzAmkSLYZouP0=
Subject key identifier: 77:CF:12:37:CF:E5:C9:11:14:31:FB:4F:47:81:BE:C0:DD:ED:46:75
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018630
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2ED399CA479211F0A8053EB4DAE4EC9C.roa
Signing time: Thu 12 Jun 2025 13:36:03 +0000
ROA not before: Thu 12 Jun 2025 13:35:58 +0000
ROA not after: Tue 22 Jul 2025 13:35:58 +0000
asID: 133180
IP address blocks: 154.84.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99888 (0x18630)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 12 13:35:58 2025 GMT
Not After : Jul 22 13:35:58 2025 GMT
Subject: CN=684ad7c3-2d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:eb:e3:e3:ad:0d:56:9b:04:61:b4:95:5a:0a:
de:75:04:78:4e:88:94:8f:0f:51:f6:ce:a4:05:f9:
64:83:54:3e:74:af:1e:c0:9d:66:6f:52:65:db:10:
81:7c:ec:3a:47:d8:a9:e2:7a:55:90:f1:e6:f3:b4:
de:13:5a:1b:72:f5:e4:9c:b0:36:f0:21:63:82:91:
50:97:2c:65:e4:f3:36:dd:84:20:e1:92:d4:d3:ab:
af:56:c8:36:6b:75:22:0a:20:0a:d4:7e:91:c8:75:
ef:77:33:72:4b:d1:e1:b0:b4:34:e3:19:79:3e:14:
77:a3:42:db:57:8a:95:46:94:02:84:e7:c1:bd:e3:
12:70:49:d2:86:6c:6c:3c:31:1e:31:e0:06:b7:34:
88:06:3c:6e:6b:f9:56:21:fb:b4:6d:19:0a:0a:81:
6e:19:9e:02:b2:21:2f:9f:40:94:58:1c:59:6c:67:
1c:0a:97:d3:8f:44:a4:c8:e2:6b:38:5f:7a:5e:9f:
2b:56:a1:77:14:14:d4:84:b0:ce:cd:1a:20:44:bd:
01:56:f9:c4:34:10:58:73:b6:55:37:ab:c9:fd:79:
9e:61:fc:6a:1c:e5:70:83:c9:df:91:83:ac:77:52:
5b:ff:6e:ce:13:76:d1:81:2e:9b:3e:2f:e6:c2:59:
d9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:CF:12:37:CF:E5:C9:11:14:31:FB:4F:47:81:BE:C0:DD:ED:46:75
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2ED399CA479211F0A8053EB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.135.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ab:73:a8:e7:58:c7:8f:c8:89:4e:8d:d5:bb:47:85:75:25:
12:c2:e4:4e:3b:56:46:2c:7b:2b:d6:fb:e1:21:66:c1:0c:75:
ad:39:c5:06:da:16:11:2c:80:92:22:db:79:48:07:21:26:6e:
e7:e7:47:7a:ed:7c:e6:e7:ff:b7:21:0d:8c:27:d1:8f:e9:a8:
8c:92:a2:21:63:3e:a9:5f:72:93:a5:d2:6e:f3:3d:3d:9e:ac:
a5:92:c4:dc:59:c2:68:2e:31:77:fe:52:87:0f:a1:9e:25:5d:
a7:ea:c1:86:ab:70:6f:e9:f6:a1:4c:25:0e:e2:39:6b:94:c6:
0c:73:1e:7b:87:86:a2:bf:e7:0e:8f:2e:e4:ab:a0:e9:e3:66:
a5:2a:e4:05:6d:23:9c:48:d6:a1:f4:dc:8b:0d:fb:8c:19:7b:
7d:56:90:1a:c1:42:70:89:31:77:35:c2:12:e1:48:7d:c3:af:
b4:82:f1:d8:fa:d3:33:27:b1:e5:6b:f4:7a:54:c1:64:2a:2c:
49:b7:a0:ee:e8:13:14:63:c6:a1:47:59:99:e2:fa:a6:d8:3a:
63:91:7d:da:5a:79:8c:d8:45:fb:71:bc:af:e6:3d:19:13:89:
bf:82:98:93:02:57:21:b3:08:f9:2e:b6:a3:77:1c:cb:cb:35:
ff:08:9e:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYYwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEyMTMzNTU4WhcNMjUwNzIyMTMzNTU4WjAYMRYw
FAYDVQQDEw02ODRhZDdjMy0yZDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxevj460NVpsEYbSVWgredQR4ToiUjw9R9s6kBflkg1Q+dK8ewJ1mb1Jl
2xCBfOw6R9ip4npVkPHm87TeE1obcvXknLA28CFjgpFQlyxl5PM23YQg4ZLU06uv
Vsg2a3UiCiAK1H6RyHXvdzNyS9HhsLQ04xl5PhR3o0LbV4qVRpQChOfBveMScEnS
hmxsPDEeMeAGtzSIBjxua/lWIfu0bRkKCoFuGZ4CsiEvn0CUWBxZbGccCpfTj0Sk
yOJrOF96Xp8rVqF3FBTUhLDOzRogRL0BVvnENBBYc7ZVN6vJ/XmeYfxqHOVwg8nf
kYOsd1Jb/27OE3bRgS6bPi/mwlnZwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHfP
EjfP5ckRFDH7T0eBvsDd7UZ1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRUQzOTlDQTQ3OTIxMUYwQTgwNTNFQjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSHMA0GCSqGSIb3DQEB
CwUAA4IBAQBMq3Oo51jHj8iJTo3Vu0eFdSUSwuROO1ZGLHsr1vvhIWbBDHWtOcUG
2hYRLICSItt5SAchJm7n50d67Xzm5/+3IQ2MJ9GP6aiMkqIhYz6pX3KTpdJu8z09
nqylksTcWcJoLjF3/lKHD6GeJV2n6sGGq3Bv6fahTCUO4jlrlMYMcx57h4aiv+cO
jy7kq6Dp42alKuQFbSOcSNah9NyLDfuMGXt9VpAawUJwiTF3NcIS4Uh9w6+0gvHY
+tMzJ7Hla/R6VMFkKixJt6Du6BMUY8ahR1mZ4vqm2DpjkX3aWnmM2EX7cbyv5j0Z
E4m/gpiTAlchswj5LrajdxzLyzX/CJ7x
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:12:57 2025 by rpki-client