Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8AA73C74565711F0834DE8E9DAE4EC9C.roa
File: 8AA73C74565711F0834DE8E9DAE4EC9C.roa (raw, json)
Hash identifier: 38xr5OZ52h/xuLFtm/s9R+FxFxU35BVLo6RhkhenxdY=
Subject key identifier: 5A:52:E7:49:73:CE:04:75:15:F2:B6:56:B8:F5:40:89:79:65:6E:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01899A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8AA73C74565711F0834DE8E9DAE4EC9C.roa
Signing time: Tue 01 Jul 2025 08:44:04 +0000
ROA not before: Tue 01 Jul 2025 08:43:58 +0000
ROA not after: Mon 04 Aug 2025 08:43:58 +0000
asID: 151419
IP address blocks: 154.88.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 10:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100762 (0x1899a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 1 08:43:58 2025 GMT
Not After : Aug 4 08:43:58 2025 GMT
Subject: CN=68639fd4-4c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cb:d0:be:00:d9:d3:96:79:9a:71:00:e3:25:
4d:ce:96:50:42:45:6d:70:37:11:47:5e:a1:4a:47:
59:ff:8a:92:fe:5e:b6:33:9f:52:92:47:d0:c5:67:
7f:84:01:7a:ec:55:03:06:69:bd:8d:ad:0a:24:9b:
d1:cc:e4:40:d1:61:8b:3d:32:62:ca:93:4a:c6:a7:
3e:da:65:73:4c:f3:bc:5a:de:32:7c:a8:d5:00:fb:
58:84:02:61:d4:b2:c4:91:01:f5:1d:d0:9e:b8:62:
0b:05:cc:a6:15:a8:d1:e0:32:a9:cc:33:bb:14:e4:
c0:1c:a5:e8:de:d7:da:51:e8:15:2b:cc:4c:eb:d9:
9e:19:fd:dc:fd:ac:4d:03:65:00:c8:97:36:10:7e:
46:c6:fa:b2:ad:aa:83:0c:dd:b3:38:57:f5:0c:6e:
f1:89:1a:83:37:92:48:26:7f:d9:2d:94:95:9f:5c:
b7:c9:46:99:80:a5:49:a4:f8:26:01:ac:ac:9f:f8:
3c:dc:0d:89:9b:dd:6e:30:68:f9:b1:1e:c1:37:8c:
a9:ef:93:85:9d:e6:9e:4e:9d:4e:7f:47:cb:f7:b2:
86:4a:ad:85:bc:45:3b:fe:a2:07:b7:ba:7a:54:df:
08:af:87:48:76:62:a7:b6:b5:f5:5b:ce:df:b7:c0:
f5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:52:E7:49:73:CE:04:75:15:F2:B6:56:B8:F5:40:89:79:65:6E:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8AA73C74565711F0834DE8E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.66.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:63:19:d6:4c:5f:64:dc:97:02:65:5b:05:aa:96:a0:c4:e2:
13:a6:72:9c:f2:2c:06:8e:cd:bb:92:d4:d6:3e:24:49:13:3a:
d1:cc:08:c5:87:b0:72:36:34:c9:b2:19:3a:cb:7f:6f:fa:9d:
c6:4e:eb:8e:a2:69:3b:34:85:da:2a:dc:57:91:06:a4:3e:80:
16:d3:9a:64:41:5e:0a:a8:57:a6:15:f8:90:e2:b4:b8:5c:a5:
48:12:25:91:c3:79:38:81:62:6f:c3:9b:83:25:d0:96:a8:4e:
d5:78:7b:f6:56:af:30:c1:5f:ed:9b:f5:2b:21:68:9e:0d:8b:
5c:4f:d5:05:9b:d9:c0:22:b1:84:ed:ad:1e:00:1c:94:8b:e5:
ba:67:84:83:9c:90:a7:43:26:7b:28:9e:90:02:c6:51:82:3a:
03:17:83:35:e0:e2:86:fa:b9:87:d8:f7:d2:c6:69:47:3e:cc:
7a:f2:6c:38:d7:f0:66:8f:fe:0f:b7:1d:f9:0c:97:9d:8a:7a:
c6:e9:18:79:73:0d:94:0c:46:cd:03:b6:7d:6f:b6:81:52:b9:
7d:98:fa:55:5b:f6:3b:a0:8b:67:67:29:f1:72:62:bb:9a:4c:
90:c1:6f:cf:92:24:f5:3d:6a:ee:7b:1e:e9:ed:50:ec:e4:6e:
be:a8:05:0b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYmaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAxMDg0MzU4WhcNMjUwODA0MDg0MzU4WjAYMRYw
FAYDVQQDEw02ODYzOWZkNC00YzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4svQvgDZ05Z5mnEA4yVNzpZQQkVtcDcRR16hSkdZ/4qS/l62M59SkkfQ
xWd/hAF67FUDBmm9ja0KJJvRzORA0WGLPTJiypNKxqc+2mVzTPO8Wt4yfKjVAPtY
hAJh1LLEkQH1HdCeuGILBcymFajR4DKpzDO7FOTAHKXo3tfaUegVK8xM69meGf3c
/axNA2UAyJc2EH5GxvqyraqDDN2zOFf1DG7xiRqDN5JIJn/ZLZSVn1y3yUaZgKVJ
pPgmAaysn/g83A2Jm91uMGj5sR7BN4yp75OFneaeTp1Of0fL97KGSq2FvEU7/qIH
t7p6VN8Ir4dIdmKntrX1W87ft8D1iwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFpS
50lzzgR1FfK2Vrj1QIl5ZW52MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QUE3M0M3NDU2NTcxMUYwODM0REU4RTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhCMA0GCSqGSIb3DQEB
CwUAA4IBAQC0YxnWTF9k3JcCZVsFqpagxOITpnKc8iwGjs27ktTWPiRJEzrRzAjF
h7ByNjTJshk6y39v+p3GTuuOomk7NIXaKtxXkQakPoAW05pkQV4KqFemFfiQ4rS4
XKVIEiWRw3k4gWJvw5uDJdCWqE7VeHv2Vq8wwV/tm/UrIWieDYtcT9UFm9nAIrGE
7a0eAByUi+W6Z4SDnJCnQyZ7KJ6QAsZRgjoDF4M14OKG+rmH2PfSxmlHPsx68mw4
1/Bmj/4Ptx35DJedinrG6Rh5cw2UDEbNA7Z9b7aBUrl9mPpVW/Y7oItnZynxcmK7
mkyQwW/PkiT1PWruex7p7VDs5G6+qAUL
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:33:33 2025 by rpki-client