Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40E83FFA4B8C11F0A38EFB9CDAE4EC9C.roa
File: 40E83FFA4B8C11F0A38EFB9CDAE4EC9C.roa (raw, json)
Hash identifier: 4u1yrKOCpR1ZgrBvi/PXrtb7ST75vI/qH83pJzDKnW0=
Subject key identifier: DE:60:D1:8B:C3:A4:99:E6:96:E0:A9:FD:7C:08:AF:CD:7B:29:EA:E5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018731
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40E83FFA4B8C11F0A38EFB9CDAE4EC9C.roa
Signing time: Tue 17 Jun 2025 15:03:41 +0000
ROA not before: Tue 17 Jun 2025 15:03:32 +0000
ROA not after: Mon 04 Aug 2025 15:03:32 +0000
asID: 394432
IP address blocks: 154.90.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100145 (0x18731)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 17 15:03:32 2025 GMT
Not After : Aug 4 15:03:32 2025 GMT
Subject: CN=685183cd-fa02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5f:74:b9:7e:5a:6a:34:a6:4c:17:6b:ff:5b:
ca:24:3d:59:1e:4f:5a:bc:dc:ae:3b:2f:e0:6e:7f:
9c:31:9f:b7:ad:98:cb:60:e0:24:7d:57:62:26:7c:
b5:a9:53:5b:b1:af:d1:b9:13:27:77:a7:b0:9b:2d:
18:84:56:2e:fe:cf:9e:53:80:51:03:c9:38:db:09:
dd:e1:d4:c4:9c:23:dc:a1:98:63:1c:ed:3f:8a:4c:
81:54:b5:49:8b:04:2a:cc:a0:06:a2:7d:61:96:2d:
24:70:00:72:b4:00:53:77:bb:01:25:06:76:8f:57:
be:8a:a2:b5:13:d2:b6:2f:6a:ba:ec:5e:99:c5:8b:
60:6b:9d:13:71:47:19:40:e9:aa:d8:f6:ba:9e:81:
c8:5e:37:ea:9d:aa:58:8c:7e:e6:b8:cc:f1:96:05:
7b:a7:80:85:81:7a:aa:e9:eb:dc:96:ef:d2:26:df:
c4:9a:0e:ed:b0:81:63:04:6b:b8:32:5a:c0:ef:aa:
90:bc:04:05:ab:c7:07:58:f0:4e:75:b3:f2:9f:3f:
a4:f4:73:99:1d:82:ea:56:56:1c:0f:f0:19:5f:61:
1e:5a:3b:9e:85:c2:83:87:4e:a4:bd:cd:a0:2f:fb:
d9:55:51:63:77:e0:28:07:69:fe:37:09:99:9a:fb:
8d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:60:D1:8B:C3:A4:99:E6:96:E0:A9:FD:7C:08:AF:CD:7B:29:EA:E5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40E83FFA4B8C11F0A38EFB9CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
Signature Algorithm: sha256WithRSAEncryption
c5:9d:91:5e:72:8d:ff:cd:08:40:ad:82:31:5d:0c:11:96:d7:
14:5f:10:a7:b3:cd:40:51:33:74:78:27:44:7a:9d:45:92:64:
f4:4f:8d:a4:d3:ba:96:16:3e:2e:e6:fe:7b:81:a2:a1:63:5f:
b6:e0:0b:d7:2e:2b:5e:3e:ff:e7:c1:2d:ed:2e:55:c8:17:7e:
16:cc:9a:e3:d4:2f:ee:cc:fd:29:b1:53:79:71:26:4a:13:e2:
4a:ff:98:fb:23:8c:60:8b:19:b9:7d:fd:0c:78:af:23:f5:40:
bf:a9:1b:e0:c5:a6:08:cf:99:6e:16:4f:77:c1:50:35:48:b3:
87:e9:c1:01:30:d0:50:10:35:05:02:d1:92:9d:26:7b:97:1b:
0f:8b:0f:5f:b5:58:49:68:8e:03:82:60:c5:0a:b8:86:d4:a0:
55:e0:8a:40:40:2c:14:31:22:66:d0:e1:aa:10:dc:62:3b:26:
2d:b4:4a:9f:ab:a1:bc:92:db:c6:e5:d8:de:39:60:83:c3:61:
a5:7e:7b:75:c9:ac:ff:1f:91:2e:11:d4:83:72:50:0a:0c:ba:
09:57:8c:d3:19:f2:fe:fc:8e:fb:37:ea:35:df:b6:47:15:2e:
0a:1b:26:d4:07:3a:28:02:0c:ab:74:a6:22:07:68:25:e0:ba:
49:36:88:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYcxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE3MTUwMzMyWhcNMjUwODA0MTUwMzMyWjAYMRYw
FAYDVQQDEw02ODUxODNjZC1mYTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0l90uX5aajSmTBdr/1vKJD1ZHk9avNyuOy/gbn+cMZ+3rZjLYOAkfVdi
Jny1qVNbsa/RuRMnd6ewmy0YhFYu/s+eU4BRA8k42wnd4dTEnCPcoZhjHO0/ikyB
VLVJiwQqzKAGon1hli0kcABytABTd7sBJQZ2j1e+iqK1E9K2L2q67F6ZxYtga50T
cUcZQOmq2Pa6noHIXjfqnapYjH7muMzxlgV7p4CFgXqq6evclu/SJt/Emg7tsIFj
BGu4MlrA76qQvAQFq8cHWPBOdbPynz+k9HOZHYLqVlYcD/AZX2EeWjuehcKDh06k
vc2gL/vZVVFjd+AoB2n+NwmZmvuNQwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN5g
0YvDpJnmluCp/XwIr817KerlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MEU4M0ZGQTRCOEMxMUYwQTM4RUZCOUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQDFnZFeco3/zQhArYIxXQwRltcUXxCns81AUTN0eCdEep1FkmT0T42k
07qWFj4u5v57gaKhY1+24AvXLitePv/nwS3tLlXIF34WzJrj1C/uzP0psVN5cSZK
E+JK/5j7I4xgixm5ff0MeK8j9UC/qRvgxaYIz5luFk93wVA1SLOH6cEBMNBQEDUF
AtGSnSZ7lxsPiw9ftVhJaI4DgmDFCriG1KBV4IpAQCwUMSJm0OGqENxiOyYttEqf
q6G8ktvG5djeOWCDw2Glfnt1yaz/H5EuEdSDclAKDLoJV4zTGfL+/I77N+o137ZH
FS4KGybUBzooAgyrdKYiB2gl4LpJNogC
-----END CERTIFICATE-----
Generated at Mon Jun 30 06:39:45 2025 by rpki-client