Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/599E5BD455B811F0956061D9DAE4EC9C.roa
File: 599E5BD455B811F0956061D9DAE4EC9C.roa (raw, json)
Hash identifier: ZtuRcJhQHQBpubPcriiMXwVywnpMberAMmI1TQ37sR0=
Subject key identifier: A9:5F:F7:68:6E:19:27:7C:8A:F6:A3:E1:5B:62:C0:12:1D:E5:02:06
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01898A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/599E5BD455B811F0956061D9DAE4EC9C.roa
Signing time: Mon 30 Jun 2025 13:44:32 +0000
ROA not before: Mon 30 Jun 2025 13:44:27 +0000
ROA not after: Mon 07 Jul 2025 13:44:27 +0000
asID: 9009
IP address blocks: 154.194.8.0/23 maxlen: 24
154.194.10.0/24 maxlen: 24
154.194.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100746 (0x1898a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 30 13:44:27 2025 GMT
Not After : Jul 7 13:44:27 2025 GMT
Subject: CN=686294c0-ca7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:34:27:eb:fa:38:3b:32:e6:9a:79:fe:fe:78:
4d:61:e0:42:bb:b1:ff:01:16:16:b0:9f:ab:41:59:
e8:3e:79:e6:01:77:8e:27:04:bd:ba:0b:d5:12:16:
2c:9b:34:c2:f6:ce:f8:bd:7f:b2:5f:48:f3:2e:6f:
e7:d1:59:bf:c1:bf:14:39:1a:d2:7b:e1:8c:d8:92:
b9:a6:e4:96:8d:2e:5a:65:9c:ac:20:b1:dd:bc:ee:
5e:d0:6a:d3:3a:e2:9d:f5:a3:32:c4:cd:95:da:f9:
d7:dd:17:3f:a1:ac:bd:7e:31:2e:60:e2:8b:96:ce:
1c:66:0a:b3:58:52:a4:da:ec:39:b2:aa:ba:ba:dc:
39:2b:1f:82:dd:02:16:2f:14:a4:1b:d6:40:d5:65:
03:e2:c0:76:6d:3a:50:41:5c:bd:cf:6e:3f:e3:80:
d0:74:a7:e8:51:7a:46:31:96:22:ca:20:ae:50:7e:
82:c4:b9:fe:23:7a:fc:5b:0a:e8:60:64:a5:0a:7f:
60:9a:f8:63:9c:e7:16:6d:85:1c:39:4c:dc:09:fe:
41:f8:30:b9:29:cb:d3:2f:63:b2:c3:27:17:87:19:
a5:4b:6e:7a:a2:a8:ec:fe:2d:22:c1:b5:99:07:5e:
24:55:53:e1:6a:2e:58:34:b2:4f:04:e0:02:5e:68:
27:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:5F:F7:68:6E:19:27:7C:8A:F6:A3:E1:5B:62:C0:12:1D:E5:02:06
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/599E5BD455B811F0956061D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.8.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:96:39:66:99:4d:da:84:6a:9e:ff:69:5e:2c:f0:9a:ea:91:
5d:9d:9b:28:62:d4:6e:97:73:97:b7:7b:b5:40:2c:47:91:3f:
ae:f9:83:3a:25:1a:6f:a3:4f:8a:e9:2a:c1:db:bf:f8:a6:7a:
13:6c:3b:91:66:96:d2:23:de:0f:e7:00:00:17:8d:76:60:91:
99:74:86:fd:6d:09:b1:e0:7e:0e:ba:70:f5:66:31:23:64:4e:
dd:fb:45:97:d6:87:f6:4f:eb:c3:34:28:0b:ff:51:e2:7d:ad:
d6:9b:79:25:35:e2:f6:60:4e:be:2a:bc:61:0c:7e:8a:c0:f8:
0b:11:80:09:b5:4a:27:8a:bc:6d:6d:1b:69:0f:03:e1:b3:8a:
d0:11:51:f1:3b:26:59:ab:95:ae:13:56:ef:28:d6:74:3d:98:
7b:0e:0c:c5:ca:1f:e7:57:d2:63:f0:29:93:0e:1f:b1:1c:e2:
94:0d:b4:e2:da:95:eb:fa:be:e2:4c:fa:b3:cc:52:08:fe:7c:
05:85:32:b9:7d:18:4a:8f:b5:bf:63:3d:bf:08:2b:cb:3d:1a:
e1:ed:16:13:b4:18:19:95:85:ad:e5:3d:3e:dd:83:9e:d1:a3:
3e:86:04:33:89:07:24:1f:8c:21:22:5c:b1:09:e6:92:8c:1e:
f4:aa:6e:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYmKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjMwMTM0NDI3WhcNMjUwNzA3MTM0NDI3WjAYMRYw
FAYDVQQDEw02ODYyOTRjMC1jYTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvTQn6/o4OzLmmnn+/nhNYeBCu7H/ARYWsJ+rQVnoPnnmAXeOJwS9ugvV
EhYsmzTC9s74vX+yX0jzLm/n0Vm/wb8UORrSe+GM2JK5puSWjS5aZZysILHdvO5e
0GrTOuKd9aMyxM2V2vnX3Rc/oay9fjEuYOKLls4cZgqzWFKk2uw5sqq6utw5Kx+C
3QIWLxSkG9ZA1WUD4sB2bTpQQVy9z24/44DQdKfoUXpGMZYiyiCuUH6CxLn+I3r8
WwroYGSlCn9gmvhjnOcWbYUcOUzcCf5B+DC5KcvTL2OywycXhxmlS256oqjs/i0i
wbWZB14kVVPhai5YNLJPBOACXmgnswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKlf
92huGSd8ivaj4VtiwBId5QIGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OTlFNUJENDU1QjgxMUYwOTU2MDYxRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsIIMA0GCSqGSIb3DQEB
CwUAA4IBAQBeljlmmU3ahGqe/2leLPCa6pFdnZsoYtRul3OXt3u1QCxHkT+u+YM6
JRpvo0+K6SrB27/4pnoTbDuRZpbSI94P5wAAF412YJGZdIb9bQmx4H4OunD1ZjEj
ZE7d+0WX1of2T+vDNCgL/1Hifa3Wm3klNeL2YE6+KrxhDH6KwPgLEYAJtUonirxt
bRtpDwPhs4rQEVHxOyZZq5WuE1bvKNZ0PZh7DgzFyh/nV9Jj8CmTDh+xHOKUDbTi
2pXr+r7iTPqzzFII/nwFhTK5fRhKj7W/Yz2/CCvLPRrh7RYTtBgZlYWt5T0+3YOe
0aM+hgQziQckH4whIlyxCeaSjB70qm6j
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:12:53 2025 by rpki-client