Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/510836AE580911F0B8ECF4E9DAE4EC9C.roa
File: 510836AE580911F0B8ECF4E9DAE4EC9C.roa (raw, json)
Hash identifier: H+E7LCAHnOkD8YaH7+A7CGAq+sijxJH7Xipnw8CFS7s=
Subject key identifier: 08:FD:12:AB:ED:DD:B2:D6:25:3C:D1:B5:7E:15:B2:20:13:68:C2:8A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A13
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/510836AE580911F0B8ECF4E9DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 12:29:09 +0000
ROA not before: Thu 03 Jul 2025 12:29:03 +0000
ROA not after: Sun 02 Aug 2026 12:29:03 +0000
asID: 984
IP address blocks: 154.200.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 10:47:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100883 (0x18a13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 3 12:29:03 2025 GMT
Not After : Aug 2 12:29:03 2026 GMT
Subject: CN=68667795-fea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:bb:f3:0a:f0:e4:46:cd:ba:d8:c2:2c:99:ec:
87:f6:82:e2:fb:0c:a3:a6:a4:49:fc:e4:55:71:a1:
99:8d:1a:dd:5a:e5:1a:3d:65:00:fb:62:10:cb:9a:
c6:b8:b9:83:ed:31:d3:ad:10:30:38:8d:5f:c0:c3:
cc:d2:04:2c:4d:01:c3:49:a7:a5:ef:5c:00:7d:84:
b5:7d:99:cd:d5:c2:75:b6:16:2a:98:e7:7a:5e:7b:
3b:32:e4:40:a1:39:b1:3c:a2:83:26:69:7d:cb:18:
72:e2:e9:fd:97:c4:f6:99:77:53:ec:df:3a:13:3e:
b9:13:c1:51:4c:b4:93:d2:20:52:dc:ed:47:75:38:
30:33:47:30:89:ff:95:34:8e:0b:0b:da:42:e4:cf:
ea:51:68:0d:c4:53:c3:b4:0d:c6:fa:72:20:1a:60:
96:68:1e:f1:bb:af:34:37:f4:30:fe:ef:6e:1e:05:
59:1d:33:68:e8:d6:c2:53:e5:65:e1:ee:18:60:70:
c0:64:f0:72:82:bd:a9:d9:c3:74:a8:6a:5a:c2:77:
3c:24:91:05:6c:91:b9:5c:eb:1c:7f:77:66:e5:9f:
d2:07:e1:04:36:e7:db:4b:db:bc:0c:e8:9e:dd:2e:
e0:66:c8:a7:e9:8e:d5:e2:26:ce:e7:e8:46:a2:07:
2b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FD:12:AB:ED:DD:B2:D6:25:3C:D1:B5:7E:15:B2:20:13:68:C2:8A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/510836AE580911F0B8ECF4E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.44.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:31:d4:53:12:61:68:4a:c6:47:7f:15:59:63:c0:bc:b2:89:
2f:ae:6a:0f:c2:15:f8:cf:c7:40:44:ef:b1:09:31:76:0d:d7:
33:9d:94:fa:8d:0e:84:f7:60:94:c1:e2:07:1f:e2:2f:1a:d9:
99:77:6d:02:fd:ff:c7:ad:25:32:ba:d7:a3:49:cf:01:a2:57:
83:a4:5b:a4:76:5e:48:19:53:19:b3:93:27:f5:f3:e5:c4:c8:
6a:83:a7:c2:1b:cd:34:40:46:c2:cb:49:a2:b4:42:7c:db:7a:
6b:d9:ba:6b:4c:32:22:0e:47:be:e3:52:3b:a8:81:64:69:11:
cb:1d:90:c4:06:02:4c:dd:b9:18:49:59:bb:02:d2:84:9b:ba:
3a:e2:af:62:69:c9:01:c3:e0:af:9d:43:ee:17:aa:60:6f:03:
89:d2:e3:5c:28:f8:93:79:ff:c4:ae:d6:80:9c:90:b5:86:7b:
2e:59:12:20:5d:2e:c7:82:71:1a:42:b0:75:76:c5:c4:1a:fc:
14:4b:da:f4:97:73:af:82:f9:c9:d1:53:7c:be:db:a3:36:1d:
3a:20:07:1b:77:dc:58:3a:f5:ec:96:27:ea:d2:4b:da:84:60:
1b:ae:9a:63:a7:d6:c4:1b:4f:1b:5c:03:40:a8:7f:47:d3:96:
44:36:f7:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYoTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAzMTIyOTAzWhcNMjYwODAyMTIyOTAzWjAYMRYw
FAYDVQQDEw02ODY2Nzc5NS1mZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA77vzCvDkRs262MIsmeyH9oLi+wyjpqRJ/ORVcaGZjRrdWuUaPWUA+2IQ
y5rGuLmD7THTrRAwOI1fwMPM0gQsTQHDSael71wAfYS1fZnN1cJ1thYqmOd6Xns7
MuRAoTmxPKKDJml9yxhy4un9l8T2mXdT7N86Ez65E8FRTLST0iBS3O1HdTgwM0cw
if+VNI4LC9pC5M/qUWgNxFPDtA3G+nIgGmCWaB7xu680N/Qw/u9uHgVZHTNo6NbC
U+Vl4e4YYHDAZPBygr2p2cN0qGpawnc8JJEFbJG5XOscf3dm5Z/SB+EENufbS9u8
DOie3S7gZsin6Y7V4ibO5+hGogcrgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAj9
Eqvt3bLWJTzRtX4VsiATaMKKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MTA4MzZBRTU4MDkxMUYwQjhFQ0Y0RTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsgsMA0GCSqGSIb3DQEB
CwUAA4IBAQANMdRTEmFoSsZHfxVZY8C8sokvrmoPwhX4z8dARO+xCTF2DdcznZT6
jQ6E92CUweIHH+IvGtmZd20C/f/HrSUyutejSc8BoleDpFukdl5IGVMZs5Mn9fPl
xMhqg6fCG800QEbCy0mitEJ823pr2bprTDIiDke+41I7qIFkaRHLHZDEBgJM3bkY
SVm7AtKEm7o64q9iackBw+CvnUPuF6pgbwOJ0uNcKPiTef/ErtaAnJC1hnsuWRIg
XS7HgnEaQrB1dsXEGvwUS9r0l3OvgvnJ0VN8vtujNh06IAcbd9xYOvXslifq0kva
hGAbrppjp9bEG08bXANAqH9H05ZENveK
-----END CERTIFICATE-----
Generated at Fri Jul 4 13:37:35 2025 by rpki-client