Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54AB76A84E9111F0B707D0DBDAE4EC9C.roa
File: 54AB76A84E9111F0B707D0DBDAE4EC9C.roa (raw, json)
Hash identifier: GhMlRazfnt+bfsxq9V3TGLpomW0QJY/H93EaP/Nw+O0=
Subject key identifier: 8F:E0:5F:CF:A1:52:73:80:93:4D:F6:7D:04:4C:03:57:B3:C5:0F:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0187B8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54AB76A84E9111F0B707D0DBDAE4EC9C.roa
Signing time: Sat 21 Jun 2025 11:17:35 +0000
ROA not before: Sat 21 Jun 2025 11:17:31 +0000
ROA not after: Sun 27 Jul 2025 11:17:31 +0000
asID: 40779
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 00:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100280 (0x187b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 21 11:17:31 2025 GMT
Not After : Jul 27 11:17:31 2025 GMT
Subject: CN=685694ce-cc37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:bc:07:cf:7b:05:c0:c4:ad:60:a6:30:04:
d2:c6:ba:7d:0a:74:16:b5:c7:75:b5:0c:7e:85:4e:
4b:a3:b1:11:68:a4:4e:df:32:85:aa:7b:b5:78:a6:
74:1f:38:f2:e0:42:0a:0d:a5:16:4a:0b:d9:b5:6e:
a0:91:e6:08:dc:90:d0:af:10:c2:42:c0:89:7f:9d:
e9:14:63:38:f2:31:17:e2:c7:8d:6d:2b:bc:b5:c6:
fd:95:06:13:35:47:09:88:d8:5f:34:7c:e7:57:50:
0f:86:fa:6c:79:f8:4c:3a:2f:54:af:82:82:5e:74:
52:90:ea:62:ff:e8:66:f7:14:df:06:44:b4:b0:a4:
18:81:fc:d4:33:c9:1a:6d:8e:ab:57:53:a2:47:85:
22:e5:35:09:be:12:9f:56:71:e4:cd:7f:36:9e:4f:
6c:5d:94:7c:fa:b9:7d:25:a1:2c:89:fb:72:6e:4f:
6d:34:7e:8c:30:49:ae:c0:ef:ac:4a:fe:cf:6e:1a:
90:f3:bd:c5:dd:6f:81:25:03:dc:cb:88:f7:17:63:
6b:7b:b3:fd:2d:b8:75:2a:cd:6a:d0:13:70:d0:d6:
88:9e:88:26:a1:ba:37:bb:83:97:c0:e1:d5:9d:b9:
fc:63:e0:39:66:d1:bb:dd:6d:da:16:3a:2b:18:56:
39:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E0:5F:CF:A1:52:73:80:93:4D:F6:7D:04:4C:03:57:B3:C5:0F:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/54AB76A84E9111F0B707D0DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
7a:76:43:f5:ca:27:fd:49:f4:98:6a:8e:f1:16:0b:5d:c3:08:
ca:db:dd:e9:d0:9d:2f:73:c9:67:6a:84:33:25:32:b0:2d:61:
f5:25:c4:3f:35:84:f5:83:5a:8c:cf:ae:0a:b8:06:3c:1b:35:
0c:cd:e1:94:6f:d9:b7:f0:0b:0f:d9:ed:02:bd:9a:e4:bc:53:
48:01:db:e5:c0:e1:86:d7:fa:d6:b5:ab:d2:cc:85:22:4f:c7:
99:81:d6:6a:e6:1e:20:8e:38:ff:f4:fd:43:ff:93:0d:29:f0:
5c:59:7c:3d:0e:50:51:03:d6:a9:18:35:41:0e:96:58:ff:ff:
a6:c2:e5:56:d5:2b:12:6d:cc:5f:60:15:5b:bf:b5:02:17:b7:
83:a5:91:ea:0a:37:d3:32:48:8e:20:1d:1f:32:f3:ad:b4:e5:
84:a8:5b:bf:2d:4a:3c:c9:b2:a0:40:34:87:5f:9a:48:f4:03:
46:de:3e:6c:d8:58:21:a3:af:f2:e5:ff:cd:a2:b6:3e:5d:cc:
d1:33:09:a3:b9:01:b0:d1:d4:1c:f3:48:63:26:af:d7:b2:e4:
00:46:63:69:d0:98:cd:b3:c5:5e:35:ca:1c:f9:1b:2b:54:13:
ec:80:24:46:12:18:cd:a2:5b:8d:4f:29:44:8d:d2:77:ea:ee:
c8:4a:88:ae
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYe4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIxMTExNzMxWhcNMjUwNzI3MTExNzMxWjAYMRYw
FAYDVQQDEw02ODU2OTRjZS1jYzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt0+8B897BcDErWCmMATSxrp9CnQWtcd1tQx+hU5Lo7ERaKRO3zKFqnu1
eKZ0Hzjy4EIKDaUWSgvZtW6gkeYI3JDQrxDCQsCJf53pFGM48jEX4seNbSu8tcb9
lQYTNUcJiNhfNHznV1APhvpsefhMOi9Ur4KCXnRSkOpi/+hm9xTfBkS0sKQYgfzU
M8kabY6rV1OiR4Ui5TUJvhKfVnHkzX82nk9sXZR8+rl9JaEsiftybk9tNH6MMEmu
wO+sSv7PbhqQ873F3W+BJQPcy4j3F2Nre7P9Lbh1Ks1q0BNw0NaInogmobo3u4OX
wOHVnbn8Y+A5ZtG73W3aFjorGFY5dwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI/g
X8+hUnOAk032fQRMA1ezxQ8eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NEFCNzZBODRFOTExMUYwQjcwN0QwREJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQB6dkP1yif9SfSYao7xFgtdwwjK293p0J0vc8lnaoQzJTKwLWH1JcQ/
NYT1g1qMz64KuAY8GzUMzeGUb9m38AsP2e0CvZrkvFNIAdvlwOGG1/rWtavSzIUi
T8eZgdZq5h4gjjj/9P1D/5MNKfBcWXw9DlBRA9apGDVBDpZY//+mwuVW1SsSbcxf
YBVbv7UCF7eDpZHqCjfTMkiOIB0fMvOttOWEqFu/LUo8ybKgQDSHX5pI9ANG3j5s
2Fgho6/y5f/NorY+XczRMwmjuQGw0dQc80hjJq/XsuQARmNp0JjNs8VeNcoc+Rsr
VBPsgCRGEhjNoluNTylEjdJ36u7ISoiu
-----END CERTIFICATE-----
Generated at Tue Jul 1 07:33:07 2025 by rpki-client