Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F952546580B11F08ADC3E78DAE4EC9C.roa
File: 4F952546580B11F08ADC3E78DAE4EC9C.roa (raw, json)
Hash identifier: kuUWylGbTbVEY0hbYLX+XtY0qlT2JMoCAwGRISkfRg8=
Subject key identifier: 10:D2:DC:1F:14:68:EB:8D:88:4D:B1:14:5E:4D:41:D1:39:1A:32:4C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A17
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F952546580B11F08ADC3E78DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 12:43:25 +0000
ROA not before: Thu 03 Jul 2025 12:43:21 +0000
ROA not after: Sat 02 Aug 2025 12:43:21 +0000
asID: 20326
IP address blocks: 154.198.176.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100887 (0x18a17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 3 12:43:21 2025 GMT
Not After : Aug 2 12:43:21 2025 GMT
Subject: CN=68667aed-ff72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0f:b6:f4:fa:6c:ec:9a:b3:b9:80:c5:67:a1:
fa:85:15:de:af:79:33:65:2c:b3:bc:1e:71:fa:94:
62:a6:0b:09:1f:31:4e:2a:50:0d:a2:8c:cd:9b:5c:
41:61:8c:d0:65:f2:2d:c9:8b:7a:61:31:c1:cb:b8:
c2:19:54:fc:d5:ab:df:75:83:a3:3d:22:5f:33:e6:
cf:ab:ce:60:68:db:e5:c1:7b:e5:15:07:96:eb:2d:
c4:00:37:fb:3b:8a:73:b3:c1:ae:b2:4b:46:7f:8f:
46:9a:48:cd:27:80:55:02:5f:3e:37:9b:2e:ac:2c:
bf:dc:62:69:1b:0d:3b:3b:0e:a4:60:50:86:87:e0:
2a:51:36:04:96:5c:8f:cd:a4:40:6c:50:8a:97:b6:
ad:29:34:c2:75:9b:69:24:40:3f:b1:b3:7d:bd:94:
78:66:d8:25:13:9f:a5:7c:cd:24:5d:b1:08:63:3b:
7e:44:6c:05:1d:f7:a9:6b:cc:48:59:49:c2:0b:e0:
50:8d:f4:1b:73:57:64:d3:69:4b:58:af:dc:c8:12:
34:f8:61:93:ae:bf:6a:f1:fd:9c:63:37:56:9d:cd:
6f:1c:d9:68:1d:5d:aa:83:36:a1:03:7f:7c:18:e6:
cc:19:65:25:17:6d:8a:55:30:5f:b7:e3:d7:25:78:
50:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D2:DC:1F:14:68:EB:8D:88:4D:B1:14:5E:4D:41:D1:39:1A:32:4C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F952546580B11F08ADC3E78DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.176.0/21
Signature Algorithm: sha256WithRSAEncryption
b5:ca:b9:7e:2f:1f:ca:d3:ef:96:95:a8:d8:c6:52:9a:ae:72:
8a:78:88:97:d0:64:51:81:1e:53:d2:c0:34:fe:ae:d2:a5:17:
a6:e4:db:e9:08:fd:be:59:b3:88:c3:8e:34:f6:08:0a:b7:6a:
90:0a:ee:d6:52:6a:42:3d:4a:d5:5e:c2:88:89:f8:e5:18:b1:
bd:c5:2d:3b:bb:87:f2:31:cf:9a:7b:98:e0:91:ad:44:60:b8:
c0:7a:e6:99:df:6a:4b:8b:b1:fb:f9:e3:0f:ce:01:03:bc:a9:
87:69:dc:5e:22:35:d5:3a:bb:33:fc:4e:fa:fe:fd:17:53:92:
6c:7d:8b:f6:aa:1d:a2:29:8a:fd:39:38:08:c8:29:bd:b6:4c:
89:f2:ad:b0:95:c8:86:f2:07:b8:94:70:6f:3f:49:7e:12:56:
f9:f9:3c:b8:71:f7:e8:45:18:08:22:fc:f0:9d:81:98:44:17:
8a:7c:7d:71:03:a2:3b:be:ff:17:bf:d8:2d:bc:6d:ff:a9:93:
2b:64:4f:be:1d:0d:63:ca:d1:d7:67:b2:47:23:8e:a7:f8:87:
47:0c:56:7b:40:f8:1b:f2:bc:04:b8:8a:72:91:44:c7:d9:a1:
92:47:3e:86:a0:43:58:c2:e3:95:6e:88:d1:51:0e:84:59:36:
28:8d:b8:1f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYoXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAzMTI0MzIxWhcNMjUwODAyMTI0MzIxWjAYMRYw
FAYDVQQDEw02ODY2N2FlZC1mZjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtg+29Pps7JqzuYDFZ6H6hRXer3kzZSyzvB5x+pRipgsJHzFOKlANoozN
m1xBYYzQZfItyYt6YTHBy7jCGVT81avfdYOjPSJfM+bPq85gaNvlwXvlFQeW6y3E
ADf7O4pzs8GusktGf49GmkjNJ4BVAl8+N5surCy/3GJpGw07Ow6kYFCGh+AqUTYE
llyPzaRAbFCKl7atKTTCdZtpJEA/sbN9vZR4ZtglE5+lfM0kXbEIYzt+RGwFHfep
a8xIWUnCC+BQjfQbc1dk02lLWK/cyBI0+GGTrr9q8f2cYzdWnc1vHNloHV2qgzah
A398GObMGWUlF22KVTBft+PXJXhQXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBDS
3B8UaOuNiE2xFF5NQdE5GjJMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Rjk1MjU0NjU4MEIxMUYwOEFEQzNFNzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsawMA0GCSqGSIb3DQEB
CwUAA4IBAQC1yrl+Lx/K0++WlajYxlKarnKKeIiX0GRRgR5T0sA0/q7SpRem5Nvp
CP2+WbOIw4409ggKt2qQCu7WUmpCPUrVXsKIifjlGLG9xS07u4fyMc+ae5jgka1E
YLjAeuaZ32pLi7H7+eMPzgEDvKmHadxeIjXVOrsz/E76/v0XU5JsfYv2qh2iKYr9
OTgIyCm9tkyJ8q2wlciG8ge4lHBvP0l+Elb5+Ty4cffoRRgIIvzwnYGYRBeKfH1x
A6I7vv8Xv9gtvG3/qZMrZE++HQ1jytHXZ7JHI46n+IdHDFZ7QPgb8rwEuIpykUTH
2aGSRz6GoENYwuOVbojRUQ6EWTYojbgf
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:08:18 2025 by rpki-client