Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8693506249D411F0A1835079DAE4EC9C.roa
File: 8693506249D411F0A1835079DAE4EC9C.roa (raw, json)
Hash identifier: 1m9x/sXFu2Ezb77S/YT6WbMn8ClpTjm2BS/j2n58Sas=
Subject key identifier: 9C:FC:A8:98:62:BF:39:52:AF:42:49:B2:D3:B9:B3:6C:0E:08:9C:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0186BC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8693506249D411F0A1835079DAE4EC9C.roa
Signing time: Sun 15 Jun 2025 10:35:59 +0000
ROA not before: Sun 15 Jun 2025 10:35:55 +0000
ROA not after: Sun 20 Jul 2025 10:35:55 +0000
asID: 18779
IP address blocks: 154.205.30.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100028 (0x186bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 15 10:35:55 2025 GMT
Not After : Jul 20 10:35:55 2025 GMT
Subject: CN=684ea20f-6a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:db:4d:fc:18:0e:1d:ec:06:77:09:b1:44:86:
c7:5f:64:fd:e0:d7:19:de:dc:8c:c4:af:c3:ce:19:
50:7c:8b:ef:50:b9:d7:79:f8:a4:79:78:f9:52:66:
09:dc:6d:77:2f:34:ab:72:07:12:73:12:ec:3f:c5:
61:93:f9:23:d9:0d:1e:4c:3f:31:0c:f3:37:43:4a:
f4:f3:53:bf:e8:0a:d0:6f:60:5f:f2:30:fd:03:3e:
8c:7f:5e:10:26:4e:0f:21:a8:1e:c8:7c:f5:0a:2d:
f8:7e:d1:5d:85:41:5e:1e:e2:5a:2e:f7:ee:11:b1:
e1:a9:1d:6d:06:b5:ea:46:78:61:ab:49:d7:c0:f0:
02:7e:be:96:1c:e6:64:c0:77:c0:dc:35:13:03:d7:
18:e2:cf:d5:b9:fe:55:5d:f8:f6:8c:c9:69:ae:ab:
a6:7d:2c:9f:52:59:cf:8f:91:a8:f5:36:6e:3f:1c:
09:73:2c:4f:b4:45:38:d6:1f:ec:9b:e8:36:9a:fb:
dc:a9:5b:95:9b:a4:43:57:f9:e6:59:3d:91:7b:58:
db:41:4a:8c:d4:d0:2e:60:bb:61:de:46:14:35:69:
8c:0d:1c:3e:f5:3c:72:52:4b:dc:9e:da:9d:d1:2a:
4d:6d:c8:98:ea:06:19:f1:bf:ba:36:48:fe:12:41:
8f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:FC:A8:98:62:BF:39:52:AF:42:49:B2:D3:B9:B3:6C:0E:08:9C:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8693506249D411F0A1835079DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.30.0/23
Signature Algorithm: sha256WithRSAEncryption
98:2f:d1:bf:61:21:e8:91:8e:14:40:2c:77:bb:3f:0f:86:90:
c6:5d:ab:f3:a0:6c:00:e0:b0:ae:fd:73:72:7f:85:c5:ee:a5:
40:4b:87:c2:be:21:26:fa:49:d4:68:dc:62:73:e3:27:e0:22:
af:83:71:54:a3:7e:83:f9:61:a1:fd:4e:9a:8a:d2:6f:bc:62:
4a:91:11:bb:1f:0a:56:23:ed:a6:3c:60:6f:b7:16:a3:fd:ae:
e7:ee:81:fe:99:09:fe:50:ba:3b:69:ee:99:56:e7:4c:d0:ce:
8a:75:1a:4c:42:43:18:51:08:8e:48:99:65:24:fe:05:52:e7:
95:90:e2:0a:bf:83:e0:10:36:63:18:26:ca:20:19:1d:94:cb:
5a:7b:19:86:08:aa:71:87:6f:20:dc:fb:2b:40:9b:da:49:c4:
d5:42:21:80:f3:9a:aa:bf:3f:40:9b:0d:be:37:93:12:8e:d6:
32:6f:38:93:44:1e:0e:a2:ad:c6:53:27:ea:bf:46:01:c4:11:
06:0e:ff:d3:4c:37:0f:62:e0:00:bf:c0:e0:5d:7f:03:85:27:
df:e6:1d:f8:70:74:89:94:e0:61:40:06:3f:d1:a3:c0:fa:a2:
25:4d:49:39:ee:26:28:8d:c6:f9:e4:12:c8:6a:11:b0:2d:16:
4c:d9:75:af
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYa8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE1MTAzNTU1WhcNMjUwNzIwMTAzNTU1WjAYMRYw
FAYDVQQDEw02ODRlYTIwZi02YTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0ttN/BgOHewGdwmxRIbHX2T94NcZ3tyMxK/DzhlQfIvvULnXefikeXj5
UmYJ3G13LzSrcgcScxLsP8Vhk/kj2Q0eTD8xDPM3Q0r081O/6ArQb2Bf8jD9Az6M
f14QJk4PIageyHz1Ci34ftFdhUFeHuJaLvfuEbHhqR1tBrXqRnhhq0nXwPACfr6W
HOZkwHfA3DUTA9cY4s/Vuf5VXfj2jMlprqumfSyfUlnPj5Go9TZuPxwJcyxPtEU4
1h/sm+g2mvvcqVuVm6RDV/nmWT2Re1jbQUqM1NAuYLth3kYUNWmMDRw+9TxyUkvc
ntqd0SpNbciY6gYZ8b+6Nkj+EkGPEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJz8
qJhivzlSr0JJstO5s2wOCJyLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NjkzNTA2MjQ5RDQxMUYwQTE4MzUwNzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms0eMA0GCSqGSIb3DQEB
CwUAA4IBAQCYL9G/YSHokY4UQCx3uz8PhpDGXavzoGwA4LCu/XNyf4XF7qVAS4fC
viEm+knUaNxic+Mn4CKvg3FUo36D+WGh/U6aitJvvGJKkRG7HwpWI+2mPGBvtxaj
/a7n7oH+mQn+ULo7ae6ZVudM0M6KdRpMQkMYUQiOSJllJP4FUueVkOIKv4PgEDZj
GCbKIBkdlMtaexmGCKpxh28g3PsrQJvaScTVQiGA85qqvz9Amw2+N5MSjtYybziT
RB4Ooq3GUyfqv0YBxBEGDv/TTDcPYuAAv8DgXX8DhSff5h34cHSJlOBhQAY/0aPA
+qIlTUk57iYojcb55BLIahGwLRZM2XWv
-----END CERTIFICATE-----
Generated at Tue Jul 1 22:46:58 2025 by rpki-client