Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70DF59D857DE11F0B286BDD7DAE4EC9C.roa
File: 70DF59D857DE11F0B286BDD7DAE4EC9C.roa (raw, json)
Hash identifier: EhLVmuCsaAJI6E/vnsP4IUPevuQOvNPvQ/QcOJOaRfo=
Subject key identifier: 5B:F4:E6:E3:AE:03:99:1A:DD:D6:3C:75:52:07:F2:EE:E1:2A:71:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0189F3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70DF59D857DE11F0B286BDD7DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 07:22:14 +0000
ROA not before: Thu 03 Jul 2025 07:22:09 +0000
ROA not after: Thu 10 Jul 2025 07:22:09 +0000
asID: 139646
IP address blocks: 154.214.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 11:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100851 (0x189f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 3 07:22:09 2025 GMT
Not After : Jul 10 07:22:09 2025 GMT
Subject: CN=68662fa6-f842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:5b:cb:75:78:aa:f0:3b:2a:f8:00:bc:3c:92:
38:40:27:59:5a:08:29:50:ee:b0:c9:d0:69:97:40:
65:af:ce:40:98:7b:22:b8:30:4c:d8:b2:ac:45:71:
aa:fc:aa:21:ed:93:58:a7:24:5a:72:47:24:8d:90:
d2:19:b5:39:0b:68:09:2d:e3:e0:f1:89:14:3e:16:
ae:fd:da:91:d4:ff:d6:fc:bb:34:76:73:ce:0b:5e:
85:84:02:bc:97:39:54:6f:4b:74:6b:00:7a:bc:d1:
26:a4:32:b5:c8:72:ff:8e:1a:e2:63:74:b8:2c:ea:
e6:a0:ac:68:8f:60:7c:2b:b4:74:e5:0a:b0:c8:75:
c6:75:55:cb:a6:32:08:1d:17:6c:1e:c4:af:ec:61:
9c:92:4d:ee:60:26:12:3f:c1:c5:5c:cc:11:22:00:
af:ff:dd:91:62:8d:11:52:dd:47:77:7e:4c:1c:1c:
b6:9d:b0:8b:38:23:d6:7e:3b:8e:2c:74:9c:d9:ed:
d1:0c:f8:94:2e:c6:98:15:74:61:ac:86:a6:be:70:
67:35:de:76:fc:57:73:ec:dd:7c:81:b2:36:4b:7d:
04:1c:28:db:52:f1:26:99:f6:b9:00:ef:6c:7d:08:
e8:8b:f6:b1:38:7d:d9:3d:0b:b4:29:36:b6:4a:44:
d0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F4:E6:E3:AE:03:99:1A:DD:D6:3C:75:52:07:F2:EE:E1:2A:71:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70DF59D857DE11F0B286BDD7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0c:73:a7:41:47:50:34:4d:76:c0:75:14:f8:12:1f:d8:d8:8e:
39:63:a8:bd:9c:c3:71:c6:f0:4e:e8:3a:2a:d2:8a:27:2f:d4:
54:31:3d:b8:91:7d:48:19:35:1e:d2:14:b1:6c:1e:d4:e3:2b:
e9:c9:9a:b5:95:4b:91:ab:e7:3c:7f:60:06:3f:37:9c:3f:76:
41:c1:22:55:19:8c:09:e5:6e:fd:5e:3e:3f:e6:81:da:ad:48:
2b:42:36:d1:3b:3d:f7:5d:89:72:bf:ab:1c:bf:c5:2a:bb:4a:
19:cb:51:2a:a1:d9:cd:92:38:ba:db:cc:9e:5f:08:4a:51:2d:
74:aa:67:7f:dd:dd:7d:70:49:dc:8c:e7:10:23:8e:a3:12:b4:
88:e0:31:6e:1c:3a:0f:54:75:4b:dc:65:9c:67:96:71:e5:8b:
de:57:cd:78:67:f8:2c:30:56:d3:0b:a2:7a:ee:3f:8b:a8:23:
bc:20:7a:9c:9e:77:4a:4c:86:cf:d4:7d:05:bb:9f:e4:1e:75:
36:69:57:27:cd:b8:9f:d2:96:a2:f3:17:65:f1:2c:06:50:4b:
48:d6:13:57:11:cb:49:a0:05:e3:36:a6:96:cc:01:3a:25:74:
a0:8d:a5:a3:ac:01:6f:a1:17:b3:cc:25:e5:15:70:b5:28:c1:
bc:61:f9:3b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYnzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAzMDcyMjA5WhcNMjUwNzEwMDcyMjA5WjAYMRYw
FAYDVQQDEw02ODY2MmZhNi1mODQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9VvLdXiq8Dsq+AC8PJI4QCdZWggpUO6wydBpl0Blr85AmHsiuDBM2LKs
RXGq/Koh7ZNYpyRackckjZDSGbU5C2gJLePg8YkUPhau/dqR1P/W/Ls0dnPOC16F
hAK8lzlUb0t0awB6vNEmpDK1yHL/jhriY3S4LOrmoKxoj2B8K7R05QqwyHXGdVXL
pjIIHRdsHsSv7GGckk3uYCYSP8HFXMwRIgCv/92RYo0RUt1Hd35MHBy2nbCLOCPW
fjuOLHSc2e3RDPiULsaYFXRhrIamvnBnNd52/Fdz7N18gbI2S30EHCjbUvEmmfa5
AO9sfQjoi/axOH3ZPQu0KTa2SkTQWQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFv0
5uOuA5ka3dY8dVIH8u7hKnFrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MERGNTlEODU3REUxMUYwQjI4NkJERDdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtYgMA0GCSqGSIb3DQEB
CwUAA4IBAQAMc6dBR1A0TXbAdRT4Eh/Y2I45Y6i9nMNxxvBO6Doq0oonL9RUMT24
kX1IGTUe0hSxbB7U4yvpyZq1lUuRq+c8f2AGPzecP3ZBwSJVGYwJ5W79Xj4/5oHa
rUgrQjbROz33XYlyv6scv8Uqu0oZy1EqodnNkji628yeXwhKUS10qmd/3d19cEnc
jOcQI46jErSI4DFuHDoPVHVL3GWcZ5Zx5YveV814Z/gsMFbTC6J67j+LqCO8IHqc
nndKTIbP1H0Fu5/kHnU2aVcnzbif0pai8xdl8SwGUEtI1hNXEctJoAXjNqaWzAE6
JXSgjaWjrAFvoRezzCXlFXC1KMG8Yfk7
-----END CERTIFICATE-----
Generated at Fri Jul 4 17:46:35 2025 by rpki-client