Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3035AA82504911F09B915E7FDAE4EC9C.roa
File: 3035AA82504911F09B915E7FDAE4EC9C.roa (raw, json)
Hash identifier: YjQjFOQRKJdReiBuWNjb5xnhB1gb1kmB7nf0U6NeOiI=
Subject key identifier: 51:A5:AF:B9:41:05:A8:08:75:3B:45:99:93:AC:4F:FF:E8:03:6E:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018823
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3035AA82504911F09B915E7FDAE4EC9C.roa
Signing time: Mon 23 Jun 2025 15:46:12 +0000
ROA not before: Mon 23 Jun 2025 15:46:08 +0000
ROA not after: Sat 02 Aug 2025 15:46:08 +0000
asID: 174
IP address blocks: 154.88.32.0/24 maxlen: 24
154.88.33.0/24 maxlen: 24
154.88.34.0/24 maxlen: 24
154.88.35.0/24 maxlen: 24
154.88.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 11:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100387 (0x18823)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 23 15:46:08 2025 GMT
Not After : Aug 2 15:46:08 2025 GMT
Subject: CN=685976c4-74ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:31:c4:1f:42:4e:55:ed:01:e5:e9:b7:b9:c2:
0d:d4:c0:bd:cd:ad:de:31:5a:01:aa:5b:b7:90:3d:
a4:61:46:51:a5:86:17:e5:ad:7b:19:6f:fd:f8:c0:
85:ce:f4:01:e2:f3:45:2d:f6:fa:07:06:51:42:8f:
e3:0f:67:40:94:59:26:16:15:d3:42:2d:ba:b0:0d:
87:7c:e7:90:91:c0:1a:4e:e7:1c:c4:dc:14:98:2d:
a4:17:4b:7e:dc:2b:4c:bb:5f:f2:9f:2f:1a:7f:ba:
58:8a:0b:a2:a2:31:be:a7:3a:96:59:c7:64:7a:a4:
e1:f6:a7:9f:a5:19:18:d3:46:cb:af:60:a8:8f:fd:
f8:07:01:58:34:e9:34:b5:0a:89:2b:b6:67:5c:71:
0c:b4:f7:ab:d6:00:1e:0d:02:11:0d:70:6e:b0:d8:
c1:38:fe:46:53:b0:d4:4a:96:17:43:de:69:11:66:
e7:12:27:ce:69:9f:8a:89:dd:55:cf:00:75:f0:e8:
9c:2d:b9:09:32:fa:f4:89:89:45:e7:b8:da:d1:1c:
a7:ff:00:50:91:5f:2f:1d:da:e3:53:16:b4:53:b5:
bc:b6:c6:de:6a:75:ef:d3:3d:3d:6e:56:8d:00:b2:
02:8b:d3:12:a6:26:86:f2:e3:33:b9:56:bf:ab:b5:
36:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A5:AF:B9:41:05:A8:08:75:3B:45:99:93:AC:4F:FF:E8:03:6E:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3035AA82504911F09B915E7FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.32.0/22
154.88.41.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:5f:57:15:65:cc:01:79:70:25:b5:f4:82:3e:45:60:bf:0f:
3b:33:12:98:18:c8:50:95:89:fa:ae:bc:3e:56:74:24:b6:3b:
21:5b:32:31:67:04:cf:6c:4b:ee:41:4f:23:74:17:23:ab:82:
1c:50:9f:69:c2:61:58:9d:b8:ac:f2:2e:b3:ee:72:1b:84:2f:
95:de:fd:98:6e:9b:a4:6a:77:85:64:b3:42:5a:10:1d:6f:2a:
e2:fb:47:80:29:92:84:32:e9:d2:64:72:df:97:af:aa:1c:e7:
3b:91:e5:e9:3b:32:13:59:4f:4e:e6:09:3c:1b:db:2a:fd:90:
eb:6c:a9:0c:44:75:6d:97:bc:ad:ce:a2:e2:dc:25:ff:c2:74:
26:45:a6:73:d9:cd:91:93:ff:be:ba:13:1b:d9:81:28:5f:97:
4d:0f:36:7a:e1:60:7b:a9:ff:1a:ae:4a:3d:94:a2:b4:3f:fa:
18:2d:18:83:6a:d3:93:f2:b6:8b:bb:e4:cd:5a:eb:14:16:91:
4b:f7:fe:83:c4:c6:df:1a:da:af:c3:1f:90:32:9d:ee:fa:3a:
9e:5d:89:00:75:c0:db:b8:39:18:e0:42:16:6d:0a:a4:8e:f0:
ba:02:dc:22:a6:2f:51:15:cd:54:f5:24:e8:ef:76:96:c5:0d:
31:0d:d2:f0
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYgjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIzMTU0NjA4WhcNMjUwODAyMTU0NjA4WjAYMRYw
FAYDVQQDEw02ODU5NzZjNC03NGVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0zHEH0JOVe0B5em3ucIN1MC9za3eMVoBqlu3kD2kYUZRpYYX5a17GW/9
+MCFzvQB4vNFLfb6BwZRQo/jD2dAlFkmFhXTQi26sA2HfOeQkcAaTuccxNwUmC2k
F0t+3CtMu1/yny8af7pYiguiojG+pzqWWcdkeqTh9qefpRkY00bLr2Coj/34BwFY
NOk0tQqJK7ZnXHEMtPer1gAeDQIRDXBusNjBOP5GU7DUSpYXQ95pEWbnEifOaZ+K
id1VzwB18OicLbkJMvr0iYlF57ja0Ryn/wBQkV8vHdrjUxa0U7W8tsbeanXv0z09
blaNALICi9MSpiaG8uMzuVa/q7U26wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFGl
r7lBBagIdTtFmZOsT//oA24eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMDM1QUE4MjUwNDkxMUYwOUI5MTVFN0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlggAwQAmlgpMA0GCSqG
SIb3DQEBCwUAA4IBAQDRX1cVZcwBeXAltfSCPkVgvw87MxKYGMhQlYn6rrw+VnQk
tjshWzIxZwTPbEvuQU8jdBcjq4IcUJ9pwmFYnbis8i6z7nIbhC+V3v2YbpukaneF
ZLNCWhAdbyri+0eAKZKEMunSZHLfl6+qHOc7keXpOzITWU9O5gk8G9sq/ZDrbKkM
RHVtl7ytzqLi3CX/wnQmRaZz2c2Rk/++uhMb2YEoX5dNDzZ64WB7qf8arko9lKK0
P/oYLRiDatOT8raLu+TNWusUFpFL9/6DxMbfGtqvwx+QMp3u+jqeXYkAdcDbuDkY
4EIWbQqkjvC6Atwipi9RFc1U9STo73aWxQ0xDdLw
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:23:19 2025 by rpki-client