Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CF48E724DE311F08559E9EADAE4EC9C.roa
File: 3CF48E724DE311F08559E9EADAE4EC9C.roa (raw, json)
Hash identifier: bAxjKbEx13hBQwNm9dN000HQh144io7c3ubn13yYX3I=
Subject key identifier: A6:97:C0:32:EF:E7:82:8D:59:3C:95:89:6F:EE:81:23:F9:35:F2:C0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018793
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CF48E724DE311F08559E9EADAE4EC9C.roa
Signing time: Fri 20 Jun 2025 14:31:23 +0000
ROA not before: Fri 20 Jun 2025 14:31:18 +0000
ROA not after: Sun 27 Jul 2025 14:31:18 +0000
asID: 137899
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100243 (0x18793)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 20 14:31:18 2025 GMT
Not After : Jul 27 14:31:18 2025 GMT
Subject: CN=685570bb-3b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a1:41:f4:08:7c:62:8a:a5:d6:a3:06:a4:24:
d2:4f:d8:97:8b:c4:46:8c:9e:4c:c6:a8:55:3c:18:
3a:53:73:85:fa:d5:e9:19:b3:52:56:02:6f:7d:42:
7d:db:93:f1:b6:6f:82:b1:45:dc:7a:07:dd:17:d9:
51:31:13:88:ba:0b:38:db:84:91:74:ed:3d:c0:b0:
be:36:df:3e:56:47:a8:24:42:32:3d:b9:c0:59:1b:
d3:11:52:ed:9a:e2:f2:34:b2:ad:61:51:38:92:37:
14:7d:4d:c4:e8:69:cf:5e:5d:02:ad:11:37:16:aa:
7d:8a:10:7e:7d:7e:a6:0f:28:53:43:c1:21:82:29:
0a:07:07:3b:03:3d:f8:02:00:1b:3f:f7:c0:68:db:
95:61:a7:20:96:73:4a:12:1b:67:e3:bb:51:cd:1d:
38:ad:28:32:d4:ae:86:40:c4:d5:e9:de:53:91:6a:
f8:c1:0d:f7:d0:62:f5:a1:f7:1f:88:1b:d1:51:3b:
01:d6:21:80:19:bf:f5:73:49:ce:41:2f:f8:89:38:
15:d7:45:d2:b0:16:63:83:70:29:03:c5:18:fb:0e:
ac:62:ae:e2:96:0c:9e:5a:12:01:61:21:6b:34:d7:
87:78:5a:bd:3f:bd:8b:36:4f:b5:47:6f:b0:7e:83:
ce:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:97:C0:32:EF:E7:82:8D:59:3C:95:89:6F:EE:81:23:F9:35:F2:C0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CF48E724DE311F08559E9EADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
b7:30:3b:f1:40:e8:65:65:64:bb:60:ff:4c:8b:d4:a7:ed:7d:
19:85:34:73:34:57:4c:0b:fa:71:fa:d3:a3:e2:21:46:57:6c:
63:ff:96:06:22:e2:28:c3:da:0c:f1:58:f7:df:d4:2b:1d:2b:
a4:70:87:36:6b:2b:5b:ee:66:55:e9:fd:c4:c8:59:d3:bc:34:
ed:b4:d9:00:22:3b:a8:21:dc:50:7c:d2:19:6e:7c:c2:b2:0b:
e1:d4:eb:3b:77:cc:9c:10:e3:fa:a9:a9:e8:b0:ec:86:8a:b8:
a4:48:ec:4a:53:c4:e2:a7:b3:1d:b3:7b:a3:bc:da:b2:43:a6:
67:41:78:63:02:e7:ac:8d:1b:02:81:8b:3d:58:de:4d:45:95:
44:36:97:47:36:3e:bb:ae:88:01:7e:b4:a9:d6:10:5d:7a:b7:
4e:24:bf:90:f1:5f:68:6c:13:de:1e:c9:69:5d:34:9a:76:cf:
06:6f:9d:5c:82:f7:93:df:89:27:c4:56:55:1e:e8:79:0e:f9:
26:bf:ca:09:6b:0d:28:18:db:c5:b9:aa:36:05:47:a9:ee:7c:
e0:e1:b2:3c:54:f9:c9:46:60:65:af:03:08:24:0f:0b:95:89:
dc:df:de:a2:85:c9:f2:9f:17:f1:f3:29:1a:99:49:95:dd:08:
cd:64:fa:90
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYeTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIwMTQzMTE4WhcNMjUwNzI3MTQzMTE4WjAYMRYw
FAYDVQQDEw02ODU1NzBiYi0zYjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz6FB9Ah8Yoql1qMGpCTST9iXi8RGjJ5MxqhVPBg6U3OF+tXpGbNSVgJv
fUJ925Pxtm+CsUXcegfdF9lRMROIugs424SRdO09wLC+Nt8+VkeoJEIyPbnAWRvT
EVLtmuLyNLKtYVE4kjcUfU3E6GnPXl0CrRE3Fqp9ihB+fX6mDyhTQ8EhgikKBwc7
Az34AgAbP/fAaNuVYacglnNKEhtn47tRzR04rSgy1K6GQMTV6d5TkWr4wQ330GL1
ofcfiBvRUTsB1iGAGb/1c0nOQS/4iTgV10XSsBZjg3ApA8UY+w6sYq7ilgyeWhIB
YSFrNNeHeFq9P72LNk+1R2+wfoPOjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKaX
wDLv54KNWTyViW/ugSP5NfLAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQ0Y0OEU3MjRERTMxMUYwODU1OUU5RUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQC3MDvxQOhlZWS7YP9Mi9Sn7X0ZhTRzNFdMC/px+tOj4iFGV2xj/5YG
IuIow9oM8Vj339QrHSukcIc2aytb7mZV6f3EyFnTvDTttNkAIjuoIdxQfNIZbnzC
sgvh1Os7d8ycEOP6qanosOyGirikSOxKU8Tip7Mds3ujvNqyQ6ZnQXhjAuesjRsC
gYs9WN5NRZVENpdHNj67rogBfrSp1hBderdOJL+Q8V9obBPeHslpXTSads8Gb51c
gveT34knxFZVHuh5Dvkmv8oJaw0oGNvFuao2BUep7nzg4bI8VPnJRmBlrwMIJA8L
lYnc396ihcnynxfx8ykamUmV3QjNZPqQ
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:08:12 2025 by rpki-client