Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4917CC064ABD11F0BECA72DDDAE4EC9C.roa
File: 4917CC064ABD11F0BECA72DDDAE4EC9C.roa (raw, json)
Hash identifier: M21BvrQazhEbxni4W01cVU4q3IrKubflkXjClAe2O/A=
Subject key identifier: 7E:F1:84:08:13:04:14:E0:09:FD:B2:A0:F9:54:9A:D1:23:E2:17:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0186E3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4917CC064ABD11F0BECA72DDDAE4EC9C.roa
Signing time: Mon 16 Jun 2025 14:22:09 +0000
ROA not before: Mon 16 Jun 2025 14:22:04 +0000
ROA not after: Tue 22 Jul 2025 14:22:04 +0000
asID: 63969
IP address blocks: 154.89.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100067 (0x186e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 16 14:22:04 2025 GMT
Not After : Jul 22 14:22:04 2025 GMT
Subject: CN=68502891-e489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fd:0a:25:14:5d:97:fb:0a:2f:b6:f7:bd:33:
20:af:28:73:20:4b:04:01:d4:8d:7c:cd:be:57:08:
3c:29:8a:ec:f5:2d:04:37:ca:70:61:c9:cc:86:3b:
d6:55:0a:34:63:8c:1e:bf:34:57:0c:22:27:17:13:
21:1b:ee:29:77:d9:a8:0b:c3:8a:de:71:24:a6:49:
b1:84:02:23:54:b6:ac:23:33:8b:e8:d8:05:97:2d:
a7:0c:0b:d4:4a:38:2b:18:0f:80:6a:6a:f0:e5:04:
79:f2:e3:83:ab:9e:a2:1c:b1:ed:eb:d5:b7:d6:c1:
1f:74:6e:12:72:3c:79:bd:b1:1d:e5:41:4b:4c:68:
af:5f:4d:6a:bf:ea:16:2c:13:c1:b3:ec:40:f8:65:
64:6e:f5:b6:b6:c1:00:39:bc:7a:c8:37:b9:67:3d:
64:f1:82:a7:8c:79:de:a9:64:41:e3:56:c1:62:75:
6e:b4:8d:d1:68:7f:d1:3e:42:a9:4e:e2:3e:c9:61:
0f:0e:aa:ea:3f:62:31:b8:dc:df:12:71:7c:88:b5:
87:13:c3:ed:c7:ca:e4:47:c5:5b:82:e6:dd:08:38:
75:58:a1:6f:2b:27:db:eb:51:20:82:a8:fe:b8:a3:
f5:aa:bb:c9:52:74:5d:ab:93:03:c7:d6:05:cf:84:
4c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F1:84:08:13:04:14:E0:09:FD:B2:A0:F9:54:9A:D1:23:E2:17:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4917CC064ABD11F0BECA72DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.7.0/24
Signature Algorithm: sha256WithRSAEncryption
52:cb:ba:51:cd:57:4e:01:f8:ac:13:65:3d:08:39:ae:8e:27:
d0:55:00:f7:63:7b:81:d9:2f:f7:6d:93:9d:c7:76:0a:c8:9a:
bb:67:da:39:18:db:2d:31:d4:f5:83:20:f5:48:e4:21:30:ff:
8e:ab:04:42:be:4d:ec:72:a3:1f:bb:d9:64:09:b9:bb:90:a2:
96:07:94:f4:c0:b4:37:5a:cb:2a:65:41:65:11:65:fb:d5:4e:
72:c4:2f:98:56:f6:03:98:68:26:b3:f1:3b:be:e7:ee:b0:ac:
54:27:0d:5a:13:44:de:29:66:e5:0e:a7:d4:f7:6e:24:fe:62:
f6:bf:cf:89:3a:cf:42:f2:63:11:ec:d5:52:d0:16:53:75:09:
b1:5c:4a:36:ba:a1:ef:a0:e9:93:7a:f1:a5:17:d0:6d:38:41:
48:c1:72:cb:c6:0c:39:31:64:ce:06:89:0e:dc:20:d8:ec:e2:
21:3a:26:27:65:f2:3b:e2:a7:e1:7a:bb:d3:78:4c:10:e2:ce:
15:da:3c:5d:17:c4:d7:78:50:6f:7e:85:41:24:16:13:83:6a:
f5:bd:4b:49:ca:51:34:3e:9a:4e:68:4f:c7:0c:e1:6f:64:aa:
cf:12:fc:99:46:92:9d:44:f6:20:fd:0c:97:0a:5a:b2:83:32:
e1:63:da:c8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYbjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE2MTQyMjA0WhcNMjUwNzIyMTQyMjA0WjAYMRYw
FAYDVQQDEw02ODUwMjg5MS1lNDg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvv0KJRRdl/sKL7b3vTMgryhzIEsEAdSNfM2+Vwg8KYrs9S0EN8pwYcnM
hjvWVQo0Y4wevzRXDCInFxMhG+4pd9moC8OK3nEkpkmxhAIjVLasIzOL6NgFly2n
DAvUSjgrGA+Aamrw5QR58uODq56iHLHt69W31sEfdG4Scjx5vbEd5UFLTGivX01q
v+oWLBPBs+xA+GVkbvW2tsEAObx6yDe5Zz1k8YKnjHneqWRB41bBYnVutI3RaH/R
PkKpTuI+yWEPDqrqP2IxuNzfEnF8iLWHE8Ptx8rkR8VbgubdCDh1WKFvKyfb61Eg
gqj+uKP1qrvJUnRdq5MDx9YFz4RMrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH7x
hAgTBBTgCf2yoPlUmtEj4hfbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTE3Q0MwNjRBQkQxMUYwQkVDQTcyREREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkHMA0GCSqGSIb3DQEB
CwUAA4IBAQBSy7pRzVdOAfisE2U9CDmujifQVQD3Y3uB2S/3bZOdx3YKyJq7Z9o5
GNstMdT1gyD1SOQhMP+OqwRCvk3scqMfu9lkCbm7kKKWB5T0wLQ3WssqZUFlEWX7
1U5yxC+YVvYDmGgms/E7vufusKxUJw1aE0TeKWblDqfU924k/mL2v8+JOs9C8mMR
7NVS0BZTdQmxXEo2uqHvoOmTevGlF9BtOEFIwXLLxgw5MWTOBokO3CDY7OIhOiYn
ZfI74qfhervTeEwQ4s4V2jxdF8TXeFBvfoVBJBYTg2r1vUtJylE0PppOaE/HDOFv
ZKrPEvyZRpKdRPYg/QyXClqygzLhY9rI
-----END CERTIFICATE-----
Generated at Wed Jul 2 00:15:46 2025 by rpki-client