Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7F034C2857C911F0B98399CFDAE4EC9C.roa
File: 7F034C2857C911F0B98399CFDAE4EC9C.roa (raw, json)
Hash identifier: /547L9tWAX4sewGiN6Hi3ri3xS1If30KuK666c2SduU=
Subject key identifier: 32:8D:B5:C9:86:66:98:75:91:A8:3E:DF:AF:00:4B:76:2D:EF:B7:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0189ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7F034C2857C911F0B98399CFDAE4EC9C.roa
Signing time: Thu 03 Jul 2025 04:52:18 +0000
ROA not before: Thu 03 Jul 2025 04:52:14 +0000
ROA not after: Thu 17 Jul 2025 04:52:14 +0000
asID: 54801
IP address blocks: 154.91.224.0/19 maxlen: 24
154.216.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 10:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100845 (0x189ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 3 04:52:14 2025 GMT
Not After : Jul 17 04:52:14 2025 GMT
Subject: CN=68660c82-2436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2f:ee:67:7b:88:e5:4b:7e:8d:2b:ea:0e:fa:
ea:29:44:c9:5c:77:c8:a5:94:45:3e:ee:c9:a5:53:
bf:e7:8a:3e:16:fa:84:89:c8:74:d6:55:66:da:1e:
6e:8a:23:f6:13:e0:2d:3c:42:8c:7a:af:00:31:b6:
dd:40:99:51:4a:89:58:d7:86:65:36:da:76:1c:b6:
ac:5f:d7:37:19:72:99:e1:f0:67:d8:b1:a8:05:eb:
f2:ba:2d:b8:ad:c9:7e:0e:2c:b3:36:86:09:68:61:
60:de:76:8a:94:80:66:47:53:ed:62:d9:20:0f:8a:
4f:ea:ed:4c:59:55:a7:a7:32:43:a9:a0:83:26:d2:
ef:00:14:05:5f:1a:f0:ef:7a:c7:55:15:0e:2c:00:
a6:9a:1c:95:83:76:b6:af:2b:a3:77:9f:f1:99:9d:
21:12:2c:07:76:c6:51:90:fc:b8:d4:98:4e:a7:84:
59:ee:e6:e0:a0:0c:88:d4:a1:48:54:4e:f7:29:e4:
37:75:f1:0e:02:39:aa:55:9b:30:ea:48:2e:be:72:
55:e2:51:cd:06:97:fb:6b:79:82:45:56:8d:5e:d0:
64:cf:01:ba:57:73:45:05:2e:19:4d:19:36:27:95:
c0:bb:60:1a:bf:0c:86:78:7a:a6:5a:25:13:63:62:
3e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8D:B5:C9:86:66:98:75:91:A8:3E:DF:AF:00:4B:76:2D:EF:B7:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7F034C2857C911F0B98399CFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.224.0/19
154.216.128.0/18
Signature Algorithm: sha256WithRSAEncryption
20:f2:7a:de:a1:49:2f:17:2a:60:65:ee:49:94:09:45:bc:4d:
6f:f8:03:da:9e:d6:93:ad:f1:92:3d:5f:bd:1d:ef:a3:9b:0c:
2f:7c:76:a6:07:56:88:b6:82:2f:84:2b:fe:5c:5c:b8:d5:c8:
6b:e1:6a:a7:7d:76:ee:05:4e:24:2e:b1:ba:ef:05:08:7f:00:
39:5f:5a:f4:87:73:c3:1e:10:18:1f:d2:75:d1:78:2e:bb:58:
67:67:95:20:48:65:1c:d1:bc:00:e1:b3:8c:03:52:44:6f:c3:
a6:4f:d9:43:11:f9:54:0c:6a:03:ba:3e:73:02:bd:61:93:0c:
ac:99:c7:0c:c0:06:a1:14:1f:4f:1f:11:8a:82:2b:5a:b5:5b:
6c:0d:c9:49:4a:41:54:df:5c:a5:d7:a5:4a:f6:02:6b:fb:28:
c2:13:4f:13:0b:0f:29:42:d5:78:89:c3:f0:f8:be:cb:92:5d:
1e:00:a9:67:5e:d4:d3:86:3c:69:27:c8:7c:71:ac:5e:49:70:
13:14:e2:eb:e9:c8:18:63:31:d6:9f:b5:6f:54:51:6f:ce:a4:
a2:bb:f4:15:38:77:a4:17:3a:3c:34:ac:3e:ba:ed:e1:04:33:
b9:5d:2a:84:95:64:77:4a:93:18:50:4a:46:a8:7d:a5:c4:56:
17:9c:15:e9
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYntMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAzMDQ1MjE0WhcNMjUwNzE3MDQ1MjE0WjAYMRYw
FAYDVQQDEw02ODY2MGM4Mi0yNDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAui/uZ3uI5Ut+jSvqDvrqKUTJXHfIpZRFPu7JpVO/54o+FvqEich01lVm
2h5uiiP2E+AtPEKMeq8AMbbdQJlRSolY14ZlNtp2HLasX9c3GXKZ4fBn2LGoBevy
ui24rcl+DiyzNoYJaGFg3naKlIBmR1PtYtkgD4pP6u1MWVWnpzJDqaCDJtLvABQF
Xxrw73rHVRUOLACmmhyVg3a2ryujd5/xmZ0hEiwHdsZRkPy41JhOp4RZ7ubgoAyI
1KFIVE73KeQ3dfEOAjmqVZsw6kguvnJV4lHNBpf7a3mCRVaNXtBkzwG6V3NFBS4Z
TRk2J5XAu2AavwyGeHqmWiUTY2I+QQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDKN
tcmGZph1kag+368AS3Yt77egMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RjAzNEMyODU3QzkxMUYwQjk4Mzk5Q0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmlvgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQAg8nreoUkvFypgZe5JlAlFvE1v+APantaTrfGSPV+9He+j
mwwvfHamB1aItoIvhCv+XFy41chr4WqnfXbuBU4kLrG67wUIfwA5X1r0h3PDHhAY
H9J10Xguu1hnZ5UgSGUc0bwA4bOMA1JEb8OmT9lDEflUDGoDuj5zAr1hkwysmccM
wAahFB9PHxGKgitatVtsDclJSkFU31yl16VK9gJr+yjCE08TCw8pQtV4icPw+L7L
kl0eAKlnXtTThjxpJ8h8caxeSXATFOLr6cgYYzHWn7VvVFFvzqSiu/QVOHekFzo8
NKw+uu3hBDO5XSqElWR3SpMYUEpGqH2lxFYXnBXp
-----END CERTIFICATE-----
Generated at Thu Jul 3 16:42:57 2025 by rpki-client