Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BC9D0DE568011F09369F1EBDAE4EC9C.roa
File: 3BC9D0DE568011F09369F1EBDAE4EC9C.roa (raw, json)
Hash identifier: Fti+WOlhh9dsOQQw5jXorbcbdufL9OySR8r8m5hdTok=
Subject key identifier: 49:57:92:F2:41:13:C5:43:76:2E:ED:69:1C:B2:1A:39:31:D1:0F:3A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0189A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BC9D0DE568011F09369F1EBDAE4EC9C.roa
Signing time: Tue 01 Jul 2025 13:35:21 +0000
ROA not before: Tue 01 Jul 2025 13:35:16 +0000
ROA not after: Sun 24 Aug 2025 13:35:16 +0000
asID: 214432
IP address blocks: 154.89.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100774 (0x189a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 1 13:35:16 2025 GMT
Not After : Aug 24 13:35:16 2025 GMT
Subject: CN=6863e419-13e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:97:25:71:d1:2b:14:bf:b7:90:47:d6:a1:ef:
c6:6a:f9:fd:99:cc:f7:9c:fa:da:c9:b5:1c:2b:ec:
e2:7c:46:84:1a:8d:d7:69:7d:a3:c6:af:f5:7d:75:
73:7e:4f:10:b6:ab:5b:38:15:6c:1c:68:2d:d9:4f:
9f:41:f3:2f:1e:ae:f1:75:04:ce:61:10:1b:24:f6:
f7:e5:89:43:00:d8:b9:03:7b:67:8f:7e:06:30:d8:
ea:0b:80:22:21:1c:80:84:07:8c:f5:09:d7:f0:ee:
99:c7:5e:62:03:ce:8e:ca:3f:f2:d2:ee:87:a7:f3:
f9:5a:c4:56:54:92:34:6c:03:50:c5:33:0e:7d:32:
08:fd:58:51:82:f0:bc:23:2c:a4:23:30:fc:94:ae:
28:34:8b:cd:83:a3:c6:50:80:99:5c:26:0a:b3:2d:
84:c8:e9:98:96:c9:1b:d9:f9:04:2f:60:29:6b:60:
8f:cc:65:05:8c:f4:bb:9b:07:da:84:af:ed:54:0d:
73:70:ca:82:24:c2:f7:b9:c0:21:7a:bf:2b:b8:a6:
bb:13:a5:50:7b:1c:e3:d3:41:73:cc:b9:24:b2:ae:
fd:07:cb:ec:3e:27:cb:52:5b:d8:c3:5f:10:74:b3:
3d:38:0c:63:67:ff:22:23:cf:e7:65:e5:2c:82:33:
47:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:57:92:F2:41:13:C5:43:76:2E:ED:69:1C:B2:1A:39:31:D1:0F:3A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BC9D0DE568011F09369F1EBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
66:71:0d:b4:66:29:ea:f4:e7:12:a2:65:3e:eb:22:12:75:07:
54:d8:8d:a3:a1:b5:ed:6d:8f:a8:bb:3d:27:8e:20:bb:f3:33:
93:48:e3:35:bb:bb:0f:61:c3:9e:32:32:a6:0c:17:46:19:b9:
ae:a3:b2:29:ce:bf:0e:17:04:6c:88:e3:b2:de:04:12:cb:18:
b9:c0:2b:23:4f:56:ac:cc:ee:93:66:34:3c:28:d6:29:b4:02:
73:38:fa:bc:93:e7:aa:ea:39:43:01:9a:c5:2f:e1:04:cd:c4:
97:49:4f:7c:0b:4c:e3:a2:74:e5:cc:72:96:1a:c9:35:b2:2b:
1d:1c:71:8b:51:6e:fc:b9:24:97:81:c7:11:a9:8a:c6:9f:0d:
c9:09:90:ad:9f:66:0b:17:32:ce:7b:81:a5:67:11:28:30:b7:
f9:52:ce:67:a8:68:5a:92:a2:88:8f:3d:26:7a:23:64:66:5a:
f7:4c:86:ce:0b:4f:d1:15:6e:b9:68:7b:a6:27:16:05:fb:ce:
22:7c:e9:88:e5:2e:65:1c:b3:bb:65:47:02:a1:10:eb:cd:0d:
c8:85:d0:35:5a:6d:c1:66:84:39:a7:80:88:52:ea:3b:2b:d2:
2e:79:a3:fb:b0:6e:b3:97:34:8a:24:52:89:fe:4f:3b:16:60:
eb:1f:9b:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYmmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAxMTMzNTE2WhcNMjUwODI0MTMzNTE2WjAYMRYw
FAYDVQQDEw02ODYzZTQxOS0xM2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz5clcdErFL+3kEfWoe/Gavn9mcz3nPraybUcK+zifEaEGo3XaX2jxq/1
fXVzfk8QtqtbOBVsHGgt2U+fQfMvHq7xdQTOYRAbJPb35YlDANi5A3tnj34GMNjq
C4AiIRyAhAeM9QnX8O6Zx15iA86Oyj/y0u6Hp/P5WsRWVJI0bANQxTMOfTII/VhR
gvC8IyykIzD8lK4oNIvNg6PGUICZXCYKsy2EyOmYlskb2fkEL2Apa2CPzGUFjPS7
mwfahK/tVA1zcMqCJML3ucAher8ruKa7E6VQexzj00FzzLkksq79B8vsPifLUlvY
w18QdLM9OAxjZ/8iI8/nZeUsgjNHoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFElX
kvJBE8VDdi7taRyyGjkx0Q86MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQkM5RDBERTU2ODAxMUYwOTM2OUYxRUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnCMA0GCSqGSIb3DQEB
CwUAA4IBAQBmcQ20Zinq9OcSomU+6yISdQdU2I2jobXtbY+ouz0njiC78zOTSOM1
u7sPYcOeMjKmDBdGGbmuo7Ipzr8OFwRsiOOy3gQSyxi5wCsjT1aszO6TZjQ8KNYp
tAJzOPq8k+eq6jlDAZrFL+EEzcSXSU98C0zjonTlzHKWGsk1sisdHHGLUW78uSSX
gccRqYrGnw3JCZCtn2YLFzLOe4GlZxEoMLf5Us5nqGhakqKIjz0meiNkZlr3TIbO
C0/RFW65aHumJxYF+84ifOmI5S5lHLO7ZUcCoRDrzQ3IhdA1Wm3BZoQ5p4CIUuo7
K9IueaP7sG6zlzSKJFKJ/k87FmDrH5sI
-----END CERTIFICATE-----
Generated at Fri Jul 4 09:59:37 2025 by rpki-client