Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59EF4BA44C4711F09A4063F3DAE4EC9C.roa
File: 59EF4BA44C4711F09A4063F3DAE4EC9C.roa (raw, json)
Hash identifier: K9RDbiPl7UNElPxdWpBclFt47WennBs5XGrL7uuatqM=
Subject key identifier: D6:E3:86:91:01:FB:F4:14:D5:98:72:DE:D6:A2:B9:B9:56:21:74:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01873D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59EF4BA44C4711F09A4063F3DAE4EC9C.roa
Signing time: Wed 18 Jun 2025 13:22:59 +0000
ROA not before: Wed 18 Jun 2025 13:22:53 +0000
ROA not after: Sun 21 Jun 2026 13:22:53 +0000
asID: 209242
IP address blocks: 154.202.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 11:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100157 (0x1873d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 18 13:22:53 2025 GMT
Not After : Jun 21 13:22:53 2026 GMT
Subject: CN=6852bdb3-65c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:af:85:25:38:83:12:bc:12:83:f0:fb:b2:8c:
c7:3a:22:b0:58:bb:1d:22:6e:31:17:fb:bf:50:c5:
9b:43:7b:72:b9:aa:7d:06:e0:7e:be:c6:39:a2:87:
ae:8f:79:eb:04:c9:60:5c:10:2a:ac:e3:69:be:21:
b8:2c:32:74:b8:4c:8c:6f:f5:18:8e:3b:7a:c4:e0:
17:5c:79:d2:71:a8:45:41:d6:b5:92:c9:90:fe:82:
a4:25:ab:58:9a:49:09:3c:d3:39:53:c8:e7:3b:77:
08:28:f5:31:4f:da:fe:6b:09:48:4d:cb:6d:82:e9:
27:c2:e2:7d:f6:d3:12:23:80:90:3e:4d:2d:75:0b:
e8:58:64:7c:51:8b:f0:81:82:eb:59:b0:b9:1c:14:
bc:7c:f3:49:4c:15:7d:a8:7e:8b:7a:a7:80:af:31:
f6:a5:77:d3:8b:ec:76:16:3f:81:14:e4:5b:4b:ee:
29:42:b0:41:b5:c8:7c:ed:d5:ae:f9:9f:f0:72:af:
5a:cf:0b:6d:6c:e0:1e:cb:fd:61:bc:26:5d:d8:68:
26:ce:0a:99:f6:cb:56:a2:07:f8:40:32:c0:cc:8e:
79:1d:7a:ed:68:83:31:f7:43:b5:fb:d5:69:95:15:
a7:76:81:f0:41:d4:42:ed:58:f4:f3:f8:a6:06:e9:
b8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E3:86:91:01:FB:F4:14:D5:98:72:DE:D6:A2:B9:B9:56:21:74:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59EF4BA44C4711F09A4063F3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.89.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:21:b5:85:05:49:14:4b:9f:ae:5a:ea:24:e6:30:c6:b3:2f:
71:56:5b:5d:db:5f:0b:4f:f2:d7:70:99:b7:6e:d7:77:90:74:
b9:f2:56:99:c6:f7:b0:75:0c:a5:81:1b:fb:8e:b6:4e:a3:d8:
e7:87:bb:aa:bd:c4:e0:bb:8b:d2:51:af:c6:07:20:c6:6e:79:
8e:d2:88:cf:19:49:1b:8b:63:56:34:ad:75:1d:4e:a7:f5:e2:
a6:4b:d2:e6:bc:84:85:e9:fc:de:98:56:9c:93:c8:99:f4:4a:
58:25:14:15:3c:25:2c:05:9e:b7:7d:a6:07:39:cc:08:48:d8:
fb:c8:01:6f:7d:9d:94:1f:e2:65:61:b0:43:40:a6:08:d6:83:
14:f7:55:20:3d:04:1b:8b:d4:8f:f8:e9:e8:b8:10:1a:a2:a9:
fb:79:7b:51:6a:bd:4e:1e:3f:15:97:3c:04:57:d0:46:c0:ba:
26:52:bc:e9:d4:c3:49:0f:34:32:a0:cb:da:15:53:21:18:cd:
13:57:de:7a:4d:2d:fa:f3:da:b0:f6:3d:7b:be:c4:c5:95:01:
1a:fd:7f:3e:ed:73:4b:3b:56:34:e4:4a:b9:36:be:2f:e9:40:
c9:5f:5c:0b:7e:22:8a:7e:27:33:f5:a3:2f:28:b3:8a:62:95:
1a:08:96:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYc9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE4MTMyMjUzWhcNMjYwNjIxMTMyMjUzWjAYMRYw
FAYDVQQDEw02ODUyYmRiMy02NWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoa+FJTiDErwSg/D7sozHOiKwWLsdIm4xF/u/UMWbQ3tyuap9BuB+vsY5
ooeuj3nrBMlgXBAqrONpviG4LDJ0uEyMb/UYjjt6xOAXXHnScahFQda1ksmQ/oKk
JatYmkkJPNM5U8jnO3cIKPUxT9r+awlITcttguknwuJ99tMSI4CQPk0tdQvoWGR8
UYvwgYLrWbC5HBS8fPNJTBV9qH6LeqeArzH2pXfTi+x2Fj+BFORbS+4pQrBBtch8
7dWu+Z/wcq9azwttbOAey/1hvCZd2GgmzgqZ9stWogf4QDLAzI55HXrtaIMx90O1
+9VplRWndoHwQdRC7Vj08/imBum4KQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNbj
hpEB+/QU1Zhy3taiublWIXRnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OUVGNEJBNDRDNDcxMUYwOUE0MDYzRjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmspZMA0GCSqGSIb3DQEB
CwUAA4IBAQC0IbWFBUkUS5+uWuok5jDGsy9xVltd218LT/LXcJm3btd3kHS58laZ
xvewdQylgRv7jrZOo9jnh7uqvcTgu4vSUa/GByDGbnmO0ojPGUkbi2NWNK11HU6n
9eKmS9LmvISF6fzemFack8iZ9EpYJRQVPCUsBZ63faYHOcwISNj7yAFvfZ2UH+Jl
YbBDQKYI1oMU91UgPQQbi9SP+OnouBAaoqn7eXtRar1OHj8VlzwEV9BGwLomUrzp
1MNJDzQyoMvaFVMhGM0TV956TS3689qw9j17vsTFlQEa/X8+7XNLO1Y05Eq5Nr4v
6UDJX1wLfiKKficz9aMvKLOKYpUaCJYb
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:07:53 2025 by rpki-client