Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D04407E581511F0AC4900B6DAE4EC9C.roa
File: 3D04407E581511F0AC4900B6DAE4EC9C.roa (raw, json)
Hash identifier: QtYt26+s820QJQqiAkiY7oaaLfWt2qhPvUor25yNaGM=
Subject key identifier: 87:88:04:79:D2:48:4D:98:E7:07:30:79:E4:ED:24:B4:A0:A4:14:58
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A1D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D04407E581511F0AC4900B6DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 13:54:29 +0000
ROA not before: Thu 03 Jul 2025 13:54:25 +0000
ROA not after: Thu 21 Aug 2025 13:54:25 +0000
asID: 203020
IP address blocks: 154.85.28.0/22 maxlen: 24
154.90.192.0/19 maxlen: 24
154.94.128.0/18 maxlen: 24
154.94.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100893 (0x18a1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 3 13:54:25 2025 GMT
Not After : Aug 21 13:54:25 2025 GMT
Subject: CN=68668b95-78db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f1:0f:0a:ec:b3:78:e8:4f:4a:93:c4:ed:ec:
e6:7c:21:4a:12:a1:11:27:e4:7d:06:10:51:ee:85:
e5:1d:67:a4:10:61:10:02:c9:ca:62:80:a9:cb:be:
e4:59:74:a0:8b:33:fd:e0:ef:8f:4e:2d:71:5c:92:
4a:1b:23:bc:6f:8e:95:b9:4c:98:ea:43:fa:d4:b8:
4f:a3:04:ad:bb:ff:0a:70:63:13:ae:2d:19:96:d8:
da:8e:ca:29:89:a2:48:2e:8e:c4:05:8d:9f:19:41:
c6:30:9b:41:12:42:62:12:44:5b:c1:19:2c:26:12:
ca:ad:29:44:6e:56:fe:d3:98:56:89:96:14:e7:63:
0a:fa:96:e2:57:1a:88:ff:f9:dc:e0:aa:3e:78:2e:
a9:cd:7d:6b:51:2f:ad:f7:ca:2f:43:03:a2:42:f9:
9a:cc:17:67:c0:f0:74:0a:ed:63:a1:43:a2:e0:6b:
ee:91:35:ae:fe:59:19:6f:ba:54:65:a0:6e:88:7e:
d5:7c:27:08:de:5a:9a:20:dd:17:b9:30:58:35:ee:
44:28:cf:18:4c:41:4d:21:1a:a4:59:82:0e:35:d9:
ef:82:fb:5a:39:ea:e5:1e:a1:52:65:fe:03:04:0f:
c0:a4:ed:ea:da:cd:44:7f:70:cf:67:67:f0:69:bd:
68:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:88:04:79:D2:48:4D:98:E7:07:30:79:E4:ED:24:B4:A0:A4:14:58
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D04407E581511F0AC4900B6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.28.0/22
154.90.192.0/19
154.94.128.0/18
154.94.240.0/20
Signature Algorithm: sha256WithRSAEncryption
87:e6:3c:56:61:24:9d:61:9a:82:61:a2:e7:6d:53:e2:11:a8:
67:8d:f5:09:0d:c2:f5:c8:34:a1:98:b7:1c:d8:2a:fe:ea:2b:
38:96:b8:8a:1e:bb:76:41:2e:86:f2:a6:45:41:f3:f9:9c:0b:
c5:cb:b0:6a:18:12:d4:7e:62:91:d0:5c:bf:01:ea:b2:28:a3:
26:9f:04:7f:f6:e9:5d:ee:d1:59:43:91:ab:ec:22:26:3b:94:
dc:1d:a2:5c:b7:f5:55:79:b1:84:04:f0:e8:2a:cb:ca:d0:b5:
0d:bf:16:21:10:71:3f:e3:57:71:35:d2:45:f5:f1:fb:fa:0b:
27:c2:2e:4e:e2:0d:ec:68:bd:da:d8:ef:fc:58:92:23:7b:e9:
69:4d:38:23:19:bd:80:83:ca:7f:71:d1:28:ef:c2:39:7a:6e:
3b:9a:0f:4a:1a:9e:b9:cb:59:ff:08:c8:75:b7:02:f1:17:9d:
40:0f:69:bb:43:67:43:c6:45:4a:05:ed:de:2e:0b:76:22:1c:
7e:78:a7:c1:0a:9c:a0:c6:79:1c:81:ea:1a:60:0f:26:f1:0c:
ad:a6:d0:e4:91:64:f4:2f:2f:64:19:4d:83:ae:37:8c:d1:93:
fe:21:92:ca:f8:15:e2:6a:5b:5b:55:b2:ab:4e:52:e4:f8:de:
15:9b:16:6d
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAYodMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAzMTM1NDI1WhcNMjUwODIxMTM1NDI1WjAYMRYw
FAYDVQQDEw02ODY2OGI5NS03OGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwvEPCuyzeOhPSpPE7ezmfCFKEqERJ+R9BhBR7oXlHWekEGEQAsnKYoCp
y77kWXSgizP94O+PTi1xXJJKGyO8b46VuUyY6kP61LhPowStu/8KcGMTri0Zltja
jsopiaJILo7EBY2fGUHGMJtBEkJiEkRbwRksJhLKrSlEblb+05hWiZYU52MK+pbi
VxqI//nc4Ko+eC6pzX1rUS+t98ovQwOiQvmazBdnwPB0Cu1joUOi4GvukTWu/lkZ
b7pUZaBuiH7VfCcI3lqaIN0XuTBYNe5EKM8YTEFNIRqkWYIONdnvgvtaOerlHqFS
Zf4DBA/ApO3q2s1Ef3DPZ2fwab1opQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFIeI
BHnSSE2Y5wcweeTtJLSgpBRYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRDA0NDA3RTU4MTUxMUYwQUM0OTAwQjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCmlUcAwQFmlrAAwQGml6A
AwQEml7wMA0GCSqGSIb3DQEBCwUAA4IBAQCH5jxWYSSdYZqCYaLnbVPiEahnjfUJ
DcL1yDShmLcc2Cr+6is4lriKHrt2QS6G8qZFQfP5nAvFy7BqGBLUfmKR0Fy/Aeqy
KKMmnwR/9uld7tFZQ5Gr7CImO5TcHaJct/VVebGEBPDoKsvK0LUNvxYhEHE/41dx
NdJF9fH7+gsnwi5O4g3saL3a2O/8WJIje+lpTTgjGb2Ag8p/cdEo78I5em47mg9K
Gp65y1n/CMh1twLxF51AD2m7Q2dDxkVKBe3eLgt2Ihx+eKfBCpygxnkcgeoaYA8m
8QytptDkkWT0Ly9kGU2DrjeM0ZP+IZLK+BXialtbVbKrTlLk+N4VmxZt
-----END CERTIFICATE-----
Generated at Fri Jul 4 10:03:42 2025 by rpki-client