Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65FCE4C0439A11F0BB703CE6DAE4EC9C.roa
File: 65FCE4C0439A11F0BB703CE6DAE4EC9C.roa (raw, json)
Hash identifier: 2s+w06DvNe7Lx34SvdrYu32gG3/WsdgOXFJ5XJMHUk0=
Subject key identifier: 3C:D5:55:5F:E1:05:00:6D:8C:5B:0D:65:EF:80:5F:E4:21:00:66:26
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018564
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65FCE4C0439A11F0BB703CE6DAE4EC9C.roa
Signing time: Sat 07 Jun 2025 12:24:47 +0000
ROA not before: Sat 07 Jun 2025 12:24:42 +0000
ROA not after: Fri 11 Jul 2025 12:24:42 +0000
asID: 401664
IP address blocks: 154.81.8.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99684 (0x18564)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 7 12:24:42 2025 GMT
Not After : Jul 11 12:24:42 2025 GMT
Subject: CN=68442f8f-487f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:66:66:dd:78:55:85:06:c9:25:d4:e0:c4:c3:
ef:02:7a:64:8a:06:32:80:f7:0e:a8:9f:56:46:a1:
a7:63:18:54:26:9d:aa:31:07:d6:0c:eb:c0:e8:06:
91:a2:43:68:c6:33:d7:4f:56:c0:82:d2:57:08:dc:
b4:9f:43:d8:31:ba:c9:42:95:73:60:0f:5f:23:46:
11:ff:1c:fb:27:11:ce:e1:c8:d3:ab:02:fa:ba:68:
7d:55:ed:99:e5:d7:68:cd:dd:a2:a4:bd:7f:3f:71:
fd:05:91:17:28:81:73:65:1c:e0:63:12:6c:8d:99:
95:b2:7a:f5:7c:57:c9:30:9c:23:5a:0a:e3:44:d4:
5a:4e:a6:3c:05:02:1d:29:41:73:00:8b:5b:29:c0:
13:c4:f0:3e:4a:12:18:00:66:60:9a:46:1c:8a:67:
65:23:f6:16:e2:90:eb:92:21:9e:14:9f:8e:02:33:
82:04:1a:9a:d3:69:7b:a8:38:69:4d:6a:c1:b4:5e:
7a:92:36:2a:e8:06:45:c3:eb:3b:bc:15:93:83:1e:
3e:73:db:a2:65:93:21:c0:68:4a:43:c0:1d:e7:64:
08:16:c1:37:2e:54:8c:b3:48:92:b3:16:bc:72:3d:
75:10:31:b1:ae:4c:32:1c:6c:d9:c3:b4:6b:c6:ab:
a1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D5:55:5F:E1:05:00:6D:8C:5B:0D:65:EF:80:5F:E4:21:00:66:26
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65FCE4C0439A11F0BB703CE6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.8.0/23
Signature Algorithm: sha256WithRSAEncryption
36:bb:d1:b4:e3:0a:e5:ce:6b:bc:e0:45:4c:ab:6e:7b:42:ac:
a4:a2:97:ef:a2:03:74:1b:d4:c5:a5:b4:eb:07:84:c1:b0:ec:
2a:f6:88:7f:43:de:e0:f5:b8:aa:65:59:17:4c:0d:b7:28:f7:
31:7f:ef:5c:1c:7a:29:74:dd:39:16:42:20:c5:9a:53:21:e4:
a1:93:eb:18:5d:cd:50:0f:cc:46:5a:30:bf:e3:6a:fb:84:bb:
b0:7e:92:35:a7:16:a9:ae:a0:4b:88:9e:ba:ee:2d:66:68:04:
aa:fe:7a:ed:6b:a4:d9:56:22:ff:26:35:ad:de:cb:9e:a2:d5:
bd:50:4d:27:a8:cf:9e:e9:9f:6c:e1:bb:66:74:0f:ae:67:47:
50:92:f6:59:38:5d:b2:5f:14:31:b3:92:c5:cd:95:7e:33:f3:
a9:a6:39:dc:bc:9a:06:c9:ff:ed:b6:de:cc:1d:b3:7b:4a:e1:
e4:39:51:82:e5:47:d2:42:7e:42:cd:a4:b9:e9:3c:c9:df:e9:
5c:c6:81:fe:f7:d6:a2:5c:0a:29:33:4c:21:e5:89:81:bc:32:
16:fc:b6:0e:78:25:d0:21:a1:51:6f:21:78:93:b7:75:be:27:
45:85:dd:c4:06:d9:12:f3:b4:fd:c0:a4:50:61:78:dd:79:e0:
2e:fe:08:24
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYVkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA3MTIyNDQyWhcNMjUwNzExMTIyNDQyWjAYMRYw
FAYDVQQDEw02ODQ0MmY4Zi00ODdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA52Zm3XhVhQbJJdTgxMPvAnpkigYygPcOqJ9WRqGnYxhUJp2qMQfWDOvA
6AaRokNoxjPXT1bAgtJXCNy0n0PYMbrJQpVzYA9fI0YR/xz7JxHO4cjTqwL6umh9
Ve2Z5ddozd2ipL1/P3H9BZEXKIFzZRzgYxJsjZmVsnr1fFfJMJwjWgrjRNRaTqY8
BQIdKUFzAItbKcATxPA+ShIYAGZgmkYcimdlI/YW4pDrkiGeFJ+OAjOCBBqa02l7
qDhpTWrBtF56kjYq6AZFw+s7vBWTgx4+c9uiZZMhwGhKQ8Ad52QIFsE3LlSMs0iS
sxa8cj11EDGxrkwyHGzZw7RrxquhHQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDzV
VV/hBQBtjFsNZe+AX+QhAGYmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NUZDRTRDMDQzOUExMUYwQkI3MDNDRTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlEIMA0GCSqGSIb3DQEB
CwUAA4IBAQA2u9G04wrlzmu84EVMq257QqykopfvogN0G9TFpbTrB4TBsOwq9oh/
Q97g9biqZVkXTA23KPcxf+9cHHopdN05FkIgxZpTIeShk+sYXc1QD8xGWjC/42r7
hLuwfpI1pxaprqBLiJ667i1maASq/nrta6TZViL/JjWt3sueotW9UE0nqM+e6Z9s
4btmdA+uZ0dQkvZZOF2yXxQxs5LFzZV+M/OppjncvJoGyf/ttt7MHbN7SuHkOVGC
5UfSQn5CzaS56TzJ3+lcxoH+99aiXAopM0wh5YmBvDIW/LYOeCXQIaFRbyF4k7d1
vidFhd3EBtkS87T9wKRQYXjdeeAu/ggk
-----END CERTIFICATE-----
Generated at Fri Jul 4 09:59:32 2025 by rpki-client