Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7CB105BC452E11F086895FA9DAE4EC9C.roa
File: 7CB105BC452E11F086895FA9DAE4EC9C.roa (raw, json)
Hash identifier: HD95HXL9p0WZd7i5n0YfQkoMZfxZlFM3zjoUuozNb0g=
Subject key identifier: 76:6F:56:FE:9C:0C:29:9E:E8:C3:53:7B:4C:2F:EE:2E:B2:4D:9F:07
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01859C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7CB105BC452E11F086895FA9DAE4EC9C.roa
Signing time: Mon 09 Jun 2025 12:37:21 +0000
ROA not before: Mon 09 Jun 2025 12:37:16 +0000
ROA not after: Tue 11 Nov 2025 12:37:16 +0000
asID: 152849
IP address blocks: 154.210.16.0/20 maxlen: 24
154.213.64.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99740 (0x1859c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 9 12:37:16 2025 GMT
Not After : Nov 11 12:37:16 2025 GMT
Subject: CN=6846d581-4d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:da:c9:f0:84:ce:69:90:93:bf:2e:cb:e9:cf:
dd:89:05:52:10:a1:f9:c3:83:80:b8:5a:b0:f5:b7:
5e:ec:be:b5:d7:ba:97:d6:4f:f5:f5:fb:5a:fc:d0:
57:5b:fd:ab:cd:2c:4b:66:f8:59:1b:e1:0e:71:0c:
5d:c9:3b:22:21:a7:01:7e:ed:a8:01:3b:44:87:7c:
32:e5:07:8f:65:ff:0f:81:3e:92:c0:26:71:8f:8c:
10:04:41:fd:ff:6a:80:96:1c:a6:95:20:dc:4e:96:
58:ca:71:d7:c3:2a:8d:f4:28:60:cd:33:60:0d:4c:
ac:24:77:bf:f6:54:ad:b4:38:ca:71:ae:7a:10:96:
1e:6f:bc:fb:c4:80:bf:9b:ad:e1:03:79:3e:6e:17:
32:69:54:3e:d0:eb:9e:01:d5:0e:1e:b1:06:3a:33:
1c:ef:92:74:a8:07:e4:a2:9d:04:af:98:1b:4a:52:
0f:bb:14:05:a6:e4:91:9c:e4:cc:bc:73:a4:c3:60:
2b:c3:0f:98:d9:c2:5d:10:ec:d8:87:b1:f8:51:9e:
c8:00:4c:16:87:a2:b5:b4:6f:82:ed:d2:9d:44:d7:
12:00:54:2c:f2:cd:23:24:57:01:bf:d8:f1:5a:ea:
29:8f:94:55:b3:5c:72:c5:15:02:1e:df:eb:3e:a2:
e5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6F:56:FE:9C:0C:29:9E:E8:C3:53:7B:4C:2F:EE:2E:B2:4D:9F:07
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7CB105BC452E11F086895FA9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.16.0/20
154.213.64.0/20
Signature Algorithm: sha256WithRSAEncryption
cb:78:e1:9f:9c:82:e7:62:03:96:ce:19:67:91:b0:99:b2:3d:
e8:d7:01:91:6c:b5:7f:3c:82:b7:f7:69:d7:a0:d7:c3:2b:c4:
c9:ad:14:d9:da:c9:ef:67:b1:1e:0e:3a:0a:4a:bd:ad:be:94:
cd:4a:c4:44:a6:2a:3d:2b:3f:63:d1:4d:f6:79:2d:a1:df:4b:
bf:59:bc:7a:c6:ff:fa:9f:e7:de:f3:f2:33:3a:75:24:c3:5f:
0d:6f:f6:e0:9a:77:b4:9d:d5:d9:d0:fe:26:ce:12:3b:79:f5:
38:b5:73:38:b4:fc:2f:93:0f:16:a3:06:de:32:fe:57:58:a0:
fc:9d:b7:b4:df:bb:ef:79:aa:60:5c:f5:25:df:d0:52:6b:73:
48:2f:f6:5c:90:bb:c7:a6:7a:59:4a:22:ce:c8:37:cd:ba:a5:
9c:70:cb:97:c7:77:14:fd:a7:13:bc:11:ec:cb:24:ed:89:c5:
94:b5:18:4e:21:c3:25:43:b0:1c:e5:dd:97:99:f0:d6:b0:55:
54:27:6c:9f:79:de:89:67:a3:13:32:77:db:4d:40:e0:d4:d4:
62:72:53:84:64:9a:7b:bb:60:a0:d1:ac:55:26:48:f7:3c:40:
68:81:c8:31:4f:17:bd:a9:fa:5e:b6:93:09:18:fa:af:0e:0f:
8f:37:31:90
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYWcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA5MTIzNzE2WhcNMjUxMTExMTIzNzE2WjAYMRYw
FAYDVQQDEw02ODQ2ZDU4MS00ZDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA19rJ8ITOaZCTvy7L6c/diQVSEKH5w4OAuFqw9bde7L6117qX1k/19fta
/NBXW/2rzSxLZvhZG+EOcQxdyTsiIacBfu2oATtEh3wy5QePZf8PgT6SwCZxj4wQ
BEH9/2qAlhymlSDcTpZYynHXwyqN9ChgzTNgDUysJHe/9lSttDjKca56EJYeb7z7
xIC/m63hA3k+bhcyaVQ+0OueAdUOHrEGOjMc75J0qAfkop0Er5gbSlIPuxQFpuSR
nOTMvHOkw2Arww+Y2cJdEOzYh7H4UZ7IAEwWh6K1tG+C7dKdRNcSAFQs8s0jJFcB
v9jxWuopj5RVs1xyxRUCHt/rPqLllwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFHZv
Vv6cDCme6MNTe0wv7i6yTZ8HMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83Q0IxMDVCQzQ1MkUxMUYwODY4OTVGQTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmtIQAwQEmtVAMA0GCSqG
SIb3DQEBCwUAA4IBAQDLeOGfnILnYgOWzhlnkbCZsj3o1wGRbLV/PIK392nXoNfD
K8TJrRTZ2snvZ7EeDjoKSr2tvpTNSsREpio9Kz9j0U32eS2h30u/Wbx6xv/6n+fe
8/IzOnUkw18Nb/bgmne0ndXZ0P4mzhI7efU4tXM4tPwvkw8WowbeMv5XWKD8nbe0
37vveapgXPUl39BSa3NIL/ZckLvHpnpZSiLOyDfNuqWccMuXx3cU/acTvBHsyyTt
icWUtRhOIcMlQ7Ac5d2XmfDWsFVUJ2yfed6JZ6MTMnfbTUDg1NRiclOEZJp7u2Cg
0axVJkj3PEBogcgxTxe9qfpetpMJGPqvDg+PNzGQ
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:11:59 2025 by rpki-client