Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4FC2189A3E3811F0958940E5DAE4EC9C.roa
File: 4FC2189A3E3811F0958940E5DAE4EC9C.roa (raw, json)
Hash identifier: 7tv5VAVUvxmoPmEFfr/p5bBBAgE4J+bnzto99XJe+U0=
Subject key identifier: C2:FC:F5:61:8D:85:CD:9E:95:26:B3:88:77:72:B4:D7:76:EB:18:C3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018428
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4FC2189A3E3811F0958940E5DAE4EC9C.roa
Signing time: Sat 31 May 2025 16:00:03 +0000
ROA not before: Sat 31 May 2025 15:59:58 +0000
ROA not after: Thu 10 Jul 2025 15:59:58 +0000
asID: 395886
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 11:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99368 (0x18428)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 31 15:59:58 2025 GMT
Not After : Jul 10 15:59:58 2025 GMT
Subject: CN=683b2783-f08e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:62:86:07:4e:20:55:97:f8:52:b6:69:a5:
cb:f7:c9:8c:b8:87:27:94:63:37:2f:08:5a:6c:08:
6e:18:67:ad:d7:c3:95:34:18:05:02:22:00:a7:19:
b2:8e:cc:d7:9c:81:c8:de:e2:e2:c5:48:f4:3d:ff:
53:9b:b8:ab:b6:db:cc:5d:2d:1a:58:47:b2:08:01:
22:23:aa:a7:ec:7f:a3:14:34:bc:20:39:07:48:71:
1a:d6:a8:ab:30:2f:26:50:93:99:e7:09:15:e0:b5:
dd:bb:e2:6b:38:b9:d2:31:e8:a0:d2:29:c0:2d:5a:
38:71:d1:c4:e8:ec:69:fc:18:34:3b:2f:f3:df:2b:
af:35:3f:99:73:55:bb:33:ea:4c:d1:e2:96:af:f5:
01:4f:da:9c:9f:54:72:c6:28:17:7f:79:41:0f:dd:
86:21:bb:48:4f:a5:8d:9f:66:e2:46:25:f8:f7:5e:
46:5a:dd:0d:03:6d:a5:7e:62:88:44:93:90:e1:8f:
bd:14:54:9f:9b:10:6f:5b:16:01:b9:84:a9:e0:ba:
cb:5c:90:96:59:74:d1:07:fb:e9:55:7b:4c:74:79:
10:08:53:2a:a5:c1:1a:d6:ec:e3:e8:13:bb:77:37:
be:7c:ac:ea:5c:85:36:32:b7:89:73:68:8c:95:e2:
37:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:FC:F5:61:8D:85:CD:9E:95:26:B3:88:77:72:B4:D7:76:EB:18:C3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4FC2189A3E3811F0958940E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
35:72:a9:7f:57:f9:74:48:72:97:30:b6:29:52:d4:ec:2f:7b:
3a:dc:71:d8:a0:db:1d:fb:1e:f0:91:bb:98:61:7e:d2:17:f6:
c8:8c:da:4b:ee:f9:82:2e:ca:cd:94:9e:40:56:21:eb:38:bc:
c4:ad:7d:b6:64:5f:00:1a:6c:cf:d6:32:92:ce:d6:ae:aa:c5:
ab:be:c3:c2:90:97:e9:05:f3:e8:ee:d8:bc:5c:8a:95:5c:31:
59:fa:92:a8:e4:0a:55:a2:df:d7:e7:8a:42:75:6f:b1:e7:52:
63:a5:c4:1c:95:2e:2b:3a:dd:3d:39:2f:9e:bc:d9:bc:b5:5b:
13:70:b2:c8:68:5f:79:24:9a:06:2c:e7:13:7f:69:0e:ba:4d:
f3:d7:26:a5:b9:e2:f9:19:f4:16:ce:41:80:a4:14:bc:b0:a5:
45:d7:34:50:5f:42:9d:46:0c:25:29:e9:9a:4f:06:e7:b4:19:
37:eb:f6:54:0b:e1:d8:a6:d1:41:e6:3a:aa:c6:49:8b:f4:f6:
ba:61:21:0b:7c:12:43:72:b1:cf:2c:22:ba:d4:8b:45:cd:17:
73:2b:c7:82:d8:a7:a7:16:d1:5d:1d:e6:f9:b5:c3:c2:09:12:
f4:94:56:27:4f:d9:a1:35:ea:2e:17:7a:af:df:c4:b0:4d:e7:
08:29:f9:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYQoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTMxMTU1OTU4WhcNMjUwNzEwMTU1OTU4WjAYMRYw
FAYDVQQDEw02ODNiMjc4My1mMDhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlRihgdOIFWX+FK2aaXL98mMuIcnlGM3LwhabAhuGGet18OVNBgFAiIA
pxmyjszXnIHI3uLixUj0Pf9Tm7irttvMXS0aWEeyCAEiI6qn7H+jFDS8IDkHSHEa
1qirMC8mUJOZ5wkV4LXdu+JrOLnSMeig0inALVo4cdHE6Oxp/Bg0Oy/z3yuvNT+Z
c1W7M+pM0eKWr/UBT9qcn1RyxigXf3lBD92GIbtIT6WNn2biRiX4915GWt0NA22l
fmKIRJOQ4Y+9FFSfmxBvWxYBuYSp4LrLXJCWWXTRB/vpVXtMdHkQCFMqpcEa1uzj
6BO7dze+fKzqXIU2MreJc2iMleI33QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFML8
9WGNhc2elSaziHdytNd26xjDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RkMyMTg5QTNFMzgxMUYwOTU4OTQwRTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQA1cql/V/l0SHKXMLYpUtTsL3s63HHYoNsd+x7wkbuYYX7SF/bIjNpL
7vmCLsrNlJ5AViHrOLzErX22ZF8AGmzP1jKSztauqsWrvsPCkJfpBfPo7ti8XIqV
XDFZ+pKo5ApVot/X54pCdW+x51JjpcQclS4rOt09OS+evNm8tVsTcLLIaF95JJoG
LOcTf2kOuk3z1yalueL5GfQWzkGApBS8sKVF1zRQX0KdRgwlKemaTwbntBk36/ZU
C+HYptFB5jqqxkmL9Pa6YSELfBJDcrHPLCK61ItFzRdzK8eC2KenFtFdHeb5tcPC
CRL0lFYnT9mhNeouF3qv38SwTecIKfmU
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:56:24 2025 by rpki-client