Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4951740C45F811F0A806BEC9DAE4EC9C.roa
File: 4951740C45F811F0A806BEC9DAE4EC9C.roa (raw, json)
Hash identifier: Ft0EgaiPyy4lbQQ7hzJbLTQKf1XfbWLOsJfTPwkvSAM=
Subject key identifier: 21:DB:38:DE:0F:4C:BA:67:5C:34:D1:C9:DE:07:56:18:6D:68:BB:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0185BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4951740C45F811F0A806BEC9DAE4EC9C.roa
Signing time: Tue 10 Jun 2025 12:41:54 +0000
ROA not before: Tue 10 Jun 2025 12:41:47 +0000
ROA not after: Thu 17 Jul 2025 12:41:47 +0000
asID: 214120
IP address blocks: 154.199.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Jul 2025 13:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99774 (0x185be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 10 12:41:47 2025 GMT
Not After : Jul 17 12:41:47 2025 GMT
Subject: CN=68482811-a77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:97:b2:21:6d:06:f5:07:20:26:86:b0:16:86:
ff:15:c6:6f:22:ea:09:69:e1:9b:70:3a:e0:a0:11:
92:42:eb:63:32:de:64:c4:af:78:24:ee:b8:2f:ae:
c6:93:06:d8:15:ae:0b:19:0c:78:ac:7a:ca:c1:eb:
ee:9f:84:87:e8:65:7d:b6:ee:2b:c3:16:9b:11:05:
dc:ab:4a:4a:9b:d3:86:d2:e5:20:45:7d:dd:18:ce:
c8:d9:25:7a:01:0e:ef:4b:51:0b:83:62:0b:e1:20:
c2:6b:8c:40:e4:18:15:6b:1d:af:a6:57:93:90:ca:
9e:10:f4:0b:c6:48:40:bb:12:7d:bd:a7:06:b2:4f:
1d:c8:03:17:d0:ef:1d:2e:5b:6b:cf:fb:15:58:dd:
73:4d:0d:18:bd:eb:61:e9:75:66:a3:ec:ad:b6:fa:
1a:f0:cf:93:23:fe:d5:db:27:35:19:18:76:5c:22:
fc:65:68:f2:ff:68:b9:b5:3a:1d:30:34:0f:7b:b5:
df:f9:7f:94:1a:92:1a:76:7d:db:dc:09:4b:4d:ef:
5d:52:97:f8:20:71:66:e4:68:e6:dd:c8:15:55:be:
0f:70:52:75:91:01:bd:ad:bf:42:41:e6:e2:18:df:
9e:fd:a9:3a:3b:61:1d:47:ea:0e:2f:6e:cb:21:32:
58:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DB:38:DE:0F:4C:BA:67:5C:34:D1:C9:DE:07:56:18:6D:68:BB:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4951740C45F811F0A806BEC9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.1.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:89:70:a5:7e:f4:58:f9:af:c8:86:ae:2e:98:0d:92:d7:17:
2e:3c:92:4e:4c:5f:81:45:a3:eb:f9:68:53:b5:54:6c:74:ae:
f1:66:0e:0e:a0:3a:70:34:1b:5c:68:43:e8:02:2e:ad:c0:a0:
2c:11:ed:b6:bd:d8:c6:76:93:24:13:ef:6e:25:a4:d0:e1:bb:
65:49:f8:8f:04:7d:17:4e:32:cb:93:b3:d7:f0:19:1f:92:63:
b4:00:59:6f:fd:5e:b4:91:d2:07:6f:ef:6c:9c:2e:01:1c:0d:
d1:c1:e5:c5:6a:04:a7:7e:5d:78:b4:26:e8:be:01:fd:2d:e9:
cf:6c:38:37:91:1d:de:18:4f:26:04:96:e6:d5:3a:9c:23:ea:
f1:a3:6e:a0:53:b1:0c:9f:b9:91:5b:1a:d1:d0:64:35:99:c2:
49:7e:75:f8:f0:53:69:63:60:13:8c:89:03:95:de:3f:36:96:
4b:29:4e:d6:de:99:f4:25:0b:bc:53:9e:b8:c8:f9:62:52:0d:
47:42:58:5a:39:de:fb:84:54:6c:b0:43:00:b5:5e:48:33:6a:
7a:f5:af:18:b2:ef:27:e6:5a:66:36:d8:94:8d:81:0d:13:c8:
09:6f:e3:ce:b0:b9:04:01:be:0e:ea:56:b7:6b:1a:fa:af:ea:
d9:ba:19:ad
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYW+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEwMTI0MTQ3WhcNMjUwNzE3MTI0MTQ3WjAYMRYw
FAYDVQQDEw02ODQ4MjgxMS1hNzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn5eyIW0G9QcgJoawFob/FcZvIuoJaeGbcDrgoBGSQutjMt5kxK94JO64
L67GkwbYFa4LGQx4rHrKwevun4SH6GV9tu4rwxabEQXcq0pKm9OG0uUgRX3dGM7I
2SV6AQ7vS1ELg2IL4SDCa4xA5BgVax2vpleTkMqeEPQLxkhAuxJ9vacGsk8dyAMX
0O8dLltrz/sVWN1zTQ0Yveth6XVmo+yttvoa8M+TI/7V2yc1GRh2XCL8ZWjy/2i5
tTodMDQPe7Xf+X+UGpIadn3b3AlLTe9dUpf4IHFm5Gjm3cgVVb4PcFJ1kQG9rb9C
QebiGN+e/ak6O2EdR+oOL27LITJY3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCHb
ON4PTLpnXDTRyd4HVhhtaLvZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTUxNzQwQzQ1RjgxMUYwQTgwNkJFQzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscBMA0GCSqGSIb3DQEB
CwUAA4IBAQCziXClfvRY+a/Ihq4umA2S1xcuPJJOTF+BRaPr+WhTtVRsdK7xZg4O
oDpwNBtcaEPoAi6twKAsEe22vdjGdpMkE+9uJaTQ4btlSfiPBH0XTjLLk7PX8Bkf
kmO0AFlv/V60kdIHb+9snC4BHA3RweXFagSnfl14tCbovgH9LenPbDg3kR3eGE8m
BJbm1TqcI+rxo26gU7EMn7mRWxrR0GQ1mcJJfnX48FNpY2ATjIkDld4/NpZLKU7W
3pn0JQu8U564yPliUg1HQlhaOd77hFRssEMAtV5IM2p69a8Ysu8n5lpmNtiUjYEN
E8gJb+POsLkEAb4O6la3axr6r+rZuhmt
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:35:28 2025 by rpki-client