Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43BB744A57F811F0A893987FDAE4EC9C.roa
File: 43BB744A57F811F0A893987FDAE4EC9C.roa (raw, json)
Hash identifier: pNzBjJs+uUqLOl+tfErN5u0Rp57LwPEi7EPrU0EyLt4=
Subject key identifier: F3:AD:DC:DA:A3:6D:D9:D3:6D:1B:D9:25:82:7F:A3:9D:65:96:EB:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0189FB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43BB744A57F811F0A893987FDAE4EC9C.roa
Signing time: Thu 03 Jul 2025 10:27:05 +0000
ROA not before: Thu 03 Jul 2025 10:27:00 +0000
ROA not after: Thu 17 Jul 2025 10:27:00 +0000
asID: 54801
IP address blocks: 154.204.0.0/24 maxlen: 24
154.208.12.0/22 maxlen: 24
154.208.16.0/20 maxlen: 24
154.212.128.0/24 maxlen: 24
154.214.32.0/19 maxlen: 24
154.215.0.0/24 maxlen: 24
154.216.128.0/18 maxlen: 24
154.218.0.0/24 maxlen: 24
154.221.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100859 (0x189fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 3 10:27:00 2025 GMT
Not After : Jul 17 10:27:00 2025 GMT
Subject: CN=68665af9-947e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d2:c0:15:77:f9:08:15:b5:72:5c:8b:24:a5:
5e:a7:a3:24:e7:2c:84:7c:73:76:b3:44:b7:75:5c:
c9:f4:4b:d3:94:1d:60:57:05:dd:34:f5:4d:b7:68:
f4:8c:6b:49:2c:7d:e4:ec:f3:da:91:50:83:a4:94:
89:53:fd:74:f5:ed:29:62:98:7d:1b:ed:b3:32:91:
90:64:70:6d:f7:11:89:4d:45:d1:75:83:30:8a:b8:
62:31:13:a4:5b:7a:68:b5:23:4f:c2:e5:be:5e:0b:
9e:ba:c5:94:fe:e2:34:fd:d7:00:94:86:06:4c:05:
2e:ae:de:79:07:9c:ef:6e:1d:b0:dc:4c:fd:0d:e3:
7d:7d:a9:4e:8e:42:13:ef:85:16:44:e1:1f:24:37:
6e:3b:83:20:fa:22:f5:36:3c:4e:fc:a9:a5:e1:bd:
e2:fd:3c:f6:7e:fd:44:af:7e:ca:78:12:2b:a4:25:
5e:59:da:42:a9:b8:33:04:b2:ce:e0:60:29:65:42:
d4:8a:7e:c6:08:bc:29:d1:80:4c:37:5b:0e:24:ce:
f8:e5:a3:be:f3:eb:ed:b7:67:33:9b:9b:71:9e:48:
99:f2:00:92:0e:59:14:92:13:02:25:e0:ab:2e:70:
eb:4a:6d:41:93:62:ea:a3:8f:18:b2:60:a4:fd:c1:
16:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AD:DC:DA:A3:6D:D9:D3:6D:1B:D9:25:82:7F:A3:9D:65:96:EB:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43BB744A57F811F0A893987FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.0.0/24
154.208.12.0-154.208.31.255
154.212.128.0/24
154.214.32.0/19
154.215.0.0/24
154.216.128.0/18
154.218.0.0/24
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:6b:08:cb:46:40:b8:e5:22:60:09:c4:7a:95:f2:ff:cd:47:
f2:92:d4:28:8c:03:07:5a:39:2c:6f:9c:6f:94:6a:b6:5b:59:
43:4c:20:d1:68:48:0d:2c:8b:b8:23:df:b9:71:84:a8:33:fa:
f5:41:68:49:b7:d8:89:eb:4a:59:35:bb:a5:1d:98:16:05:3e:
2d:da:60:1a:80:f4:35:96:9e:18:5c:31:84:e3:06:93:45:fc:
f7:dc:15:58:9f:df:ac:29:bc:22:15:cf:e2:ed:e2:d0:0d:08:
87:67:b4:85:93:3a:67:33:c7:8a:18:91:d0:8b:19:ec:19:aa:
29:32:a0:62:c7:bf:97:18:89:b6:31:9c:97:4c:72:ce:5f:a6:
63:4f:f6:2a:e2:ef:43:d9:dc:c9:2a:aa:6c:c5:05:97:92:f9:
8c:b7:17:c8:f9:23:c5:72:09:63:6a:14:bd:be:60:93:85:82:
59:21:b4:da:7e:65:0a:70:f9:10:f1:20:9c:8c:3a:34:b7:1f:
f2:a4:88:67:e1:06:cd:f2:a8:fa:38:7b:bd:13:25:8a:4f:ae:
c6:b9:a1:7e:f7:cb:b9:fa:cf:07:74:df:c6:de:fc:57:84:29:
1e:05:de:04:ee:f2:2b:47:6b:d6:ff:bd:65:67:51:1e:1a:a1:
16:b0:c2:fd
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAYn7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAzMTAyNzAwWhcNMjUwNzE3MTAyNzAwWjAYMRYw
FAYDVQQDEw02ODY2NWFmOS05NDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwNLAFXf5CBW1clyLJKVep6Mk5yyEfHN2s0S3dVzJ9EvTlB1gVwXdNPVN
t2j0jGtJLH3k7PPakVCDpJSJU/109e0pYph9G+2zMpGQZHBt9xGJTUXRdYMwirhi
MROkW3potSNPwuW+XgueusWU/uI0/dcAlIYGTAUurt55B5zvbh2w3Ez9DeN9falO
jkIT74UWROEfJDduO4Mg+iL1NjxO/Kml4b3i/Tz2fv1Er37KeBIrpCVeWdpCqbgz
BLLO4GApZULUin7GCLwp0YBMN1sOJM745aO+8+vtt2czm5txnkiZ8gCSDlkUkhMC
JeCrLnDrSm1Bk2Lqo48YsmCk/cEWVQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFPOt
3NqjbdnTbRvZJYJ/o51llusKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0JCNzQ0QTU3RjgxMUYwQTg5Mzk4N0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAmswAMAwDBAKa0AwDBAWa
0AADBACa1IADBAWa1iADBACa1wADBAaa2IADBACa2gADBACa3QAwDQYJKoZIhvcN
AQELBQADggEBAIxrCMtGQLjlImAJxHqV8v/NR/KS1CiMAwdaOSxvnG+UarZbWUNM
INFoSA0si7gj37lxhKgz+vVBaEm32InrSlk1u6UdmBYFPi3aYBqA9DWWnhhcMYTj
BpNF/PfcFVif36wpvCIVz+Lt4tANCIdntIWTOmczx4oYkdCLGewZqikyoGLHv5cY
ibYxnJdMcs5fpmNP9iri70PZ3MkqqmzFBZeS+Yy3F8j5I8VyCWNqFL2+YJOFglkh
tNp+ZQpw+RDxIJyMOjS3H/KkiGfhBs3yqPo4e70TJYpPrsa5oX73y7n6zwd038be
/FeEKR4F3gTu8itHa9b/vWVnUR4aoRawwv0=
-----END CERTIFICATE-----
Generated at Fri Jul 4 10:08:22 2025 by rpki-client