Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/410144A6576111F0972D0AA2DAE4EC9C.roa
File: 410144A6576111F0972D0AA2DAE4EC9C.roa (raw, json)
Hash identifier: c7FdM03FO/mTBVXp+fJ/xaVKJNwKoRpm43ONyNwFb2I=
Subject key identifier: 7F:E9:44:EC:FE:B0:F5:85:4F:E3:F5:7E:90:27:4B:34:69:D3:0F:80
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0189EA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/410144A6576111F0972D0AA2DAE4EC9C.roa
Signing time: Wed 02 Jul 2025 16:26:07 +0000
ROA not before: Wed 02 Jul 2025 16:26:02 +0000
ROA not after: Thu 25 Jun 2026 16:26:02 +0000
asID: 136744
IP address blocks: 154.206.14.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100842 (0x189ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 2 16:26:02 2025 GMT
Not After : Jun 25 16:26:02 2026 GMT
Subject: CN=68655d9e-9a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:58:2c:ed:d5:8a:33:c3:ce:ae:fc:f8:81:bc:
cd:43:80:98:66:b8:16:3a:25:45:c5:45:9c:8e:66:
7b:62:77:12:ba:99:ee:e4:f3:d3:46:bd:72:10:97:
55:77:2c:ca:4f:5e:85:8e:5c:41:4e:71:66:4c:fd:
86:75:37:42:02:5e:d7:61:61:db:81:8a:ab:7e:9b:
a3:4d:a4:d2:45:26:e1:d7:5e:52:13:2e:17:50:bc:
c2:c8:88:11:10:3e:c5:5a:d1:59:69:31:41:18:d7:
1f:21:42:a8:9d:08:29:c8:99:03:23:8d:e5:6a:ca:
e4:f5:85:6f:4d:7b:03:0e:04:20:38:e1:c2:2c:2e:
d3:4b:40:45:60:26:f5:ba:66:84:b6:4d:f4:7e:90:
23:fd:77:96:02:f3:71:b0:e5:7d:93:76:43:bf:99:
2e:45:6c:c2:b7:cf:f0:ac:5d:f6:81:90:f7:1e:fe:
21:a2:81:3a:f3:39:a7:a8:13:b3:8a:ee:22:a2:86:
b0:14:44:4b:47:b2:36:e9:09:5e:50:e3:57:09:21:
d2:99:d0:cd:30:95:84:d5:de:8b:63:85:b0:8f:18:
25:50:36:d4:72:05:1c:88:c3:58:ed:0d:84:3b:6a:
37:b5:7d:f7:39:b0:bf:ea:9f:8c:2b:dd:b3:f0:5f:
16:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E9:44:EC:FE:B0:F5:85:4F:E3:F5:7E:90:27:4B:34:69:D3:0F:80
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/410144A6576111F0972D0AA2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.14.0/23
Signature Algorithm: sha256WithRSAEncryption
09:45:57:7d:35:b4:a7:46:97:15:08:2e:da:ce:70:2a:78:e3:
20:16:33:c8:7b:08:c4:d2:bb:dc:c1:c6:2d:46:cf:c0:71:08:
4c:6a:9e:7e:a6:55:71:3b:e7:1b:f7:b1:11:52:a3:47:1f:77:
4a:5f:90:59:4e:68:db:a3:dd:21:02:6d:62:cf:7c:41:fb:10:
57:9d:a0:1c:87:9a:c8:fd:df:01:bd:2e:79:5b:68:ed:38:ec:
51:eb:13:33:92:98:ee:10:62:92:c1:8e:b2:c9:91:43:48:99:
f7:d7:c6:c9:d1:05:bf:de:dc:12:89:b6:00:a7:09:db:89:f6:
4c:08:f3:61:22:c7:86:07:46:1b:ad:30:32:37:ea:57:15:4f:
ca:0e:32:36:90:dc:21:ef:c7:c7:71:fa:7f:2c:a7:17:9c:40:
a7:41:95:2e:aa:ba:0b:3f:23:f8:df:f1:04:e4:95:94:e5:c3:
6d:2a:b4:31:b5:1d:4a:1f:b5:fa:32:9d:9b:e8:5f:13:7a:58:
c2:ce:5f:1f:ee:3a:03:e1:eb:c1:41:53:27:c0:c1:fc:f0:17:
1a:c1:c9:3d:7f:3f:b5:e1:81:f0:03:27:5b:00:be:da:92:0b:
18:0b:1e:6b:ab:4d:36:7e:1b:69:70:51:cb:fa:81:57:5e:af:
82:86:29:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYnqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAyMTYyNjAyWhcNMjYwNjI1MTYyNjAyWjAYMRYw
FAYDVQQDEw02ODY1NWQ5ZS05YTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzFgs7dWKM8POrvz4gbzNQ4CYZrgWOiVFxUWcjmZ7YncSupnu5PPTRr1y
EJdVdyzKT16FjlxBTnFmTP2GdTdCAl7XYWHbgYqrfpujTaTSRSbh115SEy4XULzC
yIgRED7FWtFZaTFBGNcfIUKonQgpyJkDI43lasrk9YVvTXsDDgQgOOHCLC7TS0BF
YCb1umaEtk30fpAj/XeWAvNxsOV9k3ZDv5kuRWzCt8/wrF32gZD3Hv4hooE68zmn
qBOziu4iooawFERLR7I26QleUONXCSHSmdDNMJWE1d6LY4WwjxglUDbUcgUciMNY
7Q2EO2o3tX33ObC/6p+MK92z8F8WIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH/p
ROz+sPWFT+P1fpAnSzRp0w+AMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MTAxNDRBNjU3NjExMUYwOTcyRDBBQTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms4OMA0GCSqGSIb3DQEB
CwUAA4IBAQAJRVd9NbSnRpcVCC7aznAqeOMgFjPIewjE0rvcwcYtRs/AcQhMap5+
plVxO+cb97ERUqNHH3dKX5BZTmjbo90hAm1iz3xB+xBXnaAch5rI/d8BvS55W2jt
OOxR6xMzkpjuEGKSwY6yyZFDSJn318bJ0QW/3twSibYApwnbifZMCPNhIseGB0Yb
rTAyN+pXFU/KDjI2kNwh78fHcfp/LKcXnECnQZUuqroLPyP43/EE5JWU5cNtKrQx
tR1KH7X6Mp2b6F8TeljCzl8f7joD4evBQVMnwMH88Bcawck9fz+14YHwAydbAL7a
kgsYCx5rq002fhtpcFHL+oFXXq+ChilM
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:09:42 2025 by rpki-client