Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6847C60C4B6311F08FAEA599DAE4EC9C.roa
File: 6847C60C4B6311F08FAEA599DAE4EC9C.roa (raw, json)
Hash identifier: Bid02xxf4stnu294IteU7kFugq81rG+TQOtUu6MzP8k=
Subject key identifier: 40:69:6C:07:42:B5:1B:55:6B:77:C8:5B:00:42:76:96:81:7A:36:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0186FA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6847C60C4B6311F08FAEA599DAE4EC9C.roa
Signing time: Tue 17 Jun 2025 10:11:18 +0000
ROA not before: Tue 17 Jun 2025 10:11:12 +0000
ROA not after: Thu 24 Jul 2025 10:11:12 +0000
asID: 40065
IP address blocks: 154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 00:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100090 (0x186fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 17 10:11:12 2025 GMT
Not After : Jul 24 10:11:12 2025 GMT
Subject: CN=68513f46-ffdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5e:17:15:ce:1b:53:24:eb:13:68:dd:c3:6e:
c8:ab:26:f7:8e:8d:03:b3:c2:85:e0:9d:de:58:52:
90:a1:55:fa:d2:28:b8:6f:95:35:01:c8:66:69:c9:
a0:b8:2b:ba:80:70:c1:c4:a0:d8:b4:b8:ee:e5:0f:
6c:16:10:1a:60:16:a6:c7:f6:dd:6c:4d:05:b0:dd:
5e:a9:0f:4b:55:d8:f2:34:72:8a:fa:26:29:30:67:
77:6d:c7:05:da:34:f9:32:ed:31:c6:de:f0:79:59:
3f:6a:68:04:69:9b:46:a2:2a:74:a5:4b:fe:4b:c2:
7d:38:21:fa:86:2b:c4:1d:77:08:38:20:df:cb:f7:
54:00:22:e6:a9:e0:c6:ea:ca:7d:66:69:35:32:1b:
d0:f1:6f:be:c4:ee:97:d0:06:9b:89:5a:d3:1f:73:
f9:01:13:3b:39:d6:7c:67:63:60:b3:db:9c:7d:86:
ac:0c:fe:96:ce:e3:56:03:b4:ae:7f:6e:ed:8c:1b:
a7:3f:d3:17:44:e1:be:31:d3:1e:1d:7d:a6:7b:0d:
df:4d:37:59:b7:6f:c1:ee:2d:5f:f1:f7:9c:72:12:
1f:ee:fc:59:07:27:a2:f8:d4:b5:2d:49:e0:06:d7:
51:7a:1c:54:b2:a4:fd:93:3d:02:2d:73:25:8a:78:
fa:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:69:6C:07:42:B5:1B:55:6B:77:C8:5B:00:42:76:96:81:7A:36:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6847C60C4B6311F08FAEA599DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.240.0/20
Signature Algorithm: sha256WithRSAEncryption
97:1b:d9:09:05:b5:c8:99:4b:4e:91:65:28:32:e0:02:ea:07:
8f:88:47:c6:36:78:2a:18:1e:2d:4c:fd:fa:6a:ca:8d:31:14:
30:f4:a1:5a:b2:1a:ea:ce:81:0b:ef:62:b2:75:93:dd:d2:32:
c2:95:9f:bb:0d:f2:90:d4:4c:43:37:54:7b:15:3b:86:9c:63:
7b:56:46:b3:b5:1a:97:f1:a8:e8:7d:1b:7d:73:f1:2f:8a:ee:
e1:2e:fc:da:73:74:eb:cc:78:09:a8:a7:a1:70:bf:a4:8d:d2:
f8:38:ea:cd:45:c2:da:44:9a:c7:d1:8a:c3:22:f7:40:2b:f6:
28:cc:ed:c3:19:7f:9b:10:ff:a4:b1:d8:3b:32:8d:b0:e3:97:
fa:ea:5c:c2:02:70:6e:a3:0b:dc:d4:cd:f7:82:41:a2:6a:fb:
fa:41:35:51:8a:cd:01:68:f8:60:aa:04:a8:4b:61:11:d1:d6:
7c:85:34:43:af:04:d0:47:13:9b:af:3b:3d:6f:05:6b:54:52:
bd:8c:7e:97:d3:31:56:b8:ea:7b:dd:c4:d7:54:db:72:f7:ba:
f9:da:22:6d:db:cd:e6:7b:c2:e6:56:35:c3:0e:d0:c3:07:c9:
10:ee:8e:78:a3:1b:d5:1d:c1:e2:5e:2a:82:90:7f:2c:f0:6d:
76:81:40:b1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYb6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE3MTAxMTEyWhcNMjUwNzI0MTAxMTEyWjAYMRYw
FAYDVQQDEw02ODUxM2Y0Ni1mZmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAkl4XFc4bUyTrE2jdw27Iqyb3jo0Ds8KF4J3eWFKQoVX60ii4b5U1Achm
acmguCu6gHDBxKDYtLju5Q9sFhAaYBamx/bdbE0FsN1eqQ9LVdjyNHKK+iYpMGd3
bccF2jT5Mu0xxt7weVk/amgEaZtGoip0pUv+S8J9OCH6hivEHXcIOCDfy/dUACLm
qeDG6sp9Zmk1MhvQ8W++xO6X0AabiVrTH3P5ARM7OdZ8Z2Ngs9ucfYasDP6WzuNW
A7Suf27tjBunP9MXROG+MdMeHX2mew3fTTdZt2/B7i1f8fecchIf7vxZByei+NS1
LUngBtdRehxUsqT9kz0CLXMlinj6RwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEBp
bAdCtRtVa3fIWwBCdpaBejb6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODQ3QzYwQzRCNjMxMUYwOEZBRUE1OTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtnwMA0GCSqGSIb3DQEB
CwUAA4IBAQCXG9kJBbXImUtOkWUoMuAC6gePiEfGNngqGB4tTP36asqNMRQw9KFa
shrqzoEL72KydZPd0jLClZ+7DfKQ1ExDN1R7FTuGnGN7VkaztRqX8ajofRt9c/Ev
iu7hLvzac3TrzHgJqKehcL+kjdL4OOrNRcLaRJrH0YrDIvdAK/YozO3DGX+bEP+k
sdg7Mo2w45f66lzCAnBuowvc1M33gkGiavv6QTVRis0BaPhgqgSoS2ER0dZ8hTRD
rwTQRxObrzs9bwVrVFK9jH6X0zFWuOp73cTXVNty97r52iJt283me8LmVjXDDtDD
B8kQ7o54oxvVHcHiXiqCkH8s8G12gUCx
-----END CERTIFICATE-----
Generated at Tue Jul 1 07:12:22 2025 by rpki-client