Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B140E30504411F0A0354BDFDAE4EC9C.roa
File: 8B140E30504411F0A0354BDFDAE4EC9C.roa (raw, json)
Hash identifier: 9RIfaf0vpkvrvy7n7OQZ5snBJMSzdfZRkBMbh3WnAcc=
Subject key identifier: B0:AD:93:A7:5E:07:B9:9F:F6:16:E8:58:02:00:01:80:A1:72:9B:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018811
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B140E30504411F0A0354BDFDAE4EC9C.roa
Signing time: Mon 23 Jun 2025 15:12:57 +0000
ROA not before: Mon 23 Jun 2025 15:12:53 +0000
ROA not after: Wed 30 Jul 2025 15:12:53 +0000
asID: 142032
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100369 (0x18811)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 23 15:12:53 2025 GMT
Not After : Jul 30 15:12:53 2025 GMT
Subject: CN=68596ef9-70df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fd:c0:17:9a:42:85:1a:be:11:c2:26:4d:ff:
ab:1a:91:ea:d9:f1:59:e2:09:1a:e6:83:bb:8f:7a:
91:35:30:b9:6d:8e:6f:70:75:32:4b:a5:55:f7:c6:
2e:3d:61:19:4a:ed:33:b6:82:22:25:8c:11:17:de:
19:7a:0f:2b:c2:90:9e:a7:51:c3:83:e0:cc:11:04:
03:d1:6b:0f:23:7c:ae:ef:e0:24:5a:b5:3c:d4:7a:
87:d7:1f:29:cf:d3:66:7e:ff:0d:c5:34:1a:56:9a:
c7:b4:d4:5c:f7:64:25:f3:a2:c0:20:a9:a6:db:7c:
3a:2f:db:bd:74:f5:37:ce:ba:05:72:29:e4:64:45:
99:91:b7:18:cb:14:20:ff:90:77:c8:a2:4b:44:28:
e8:61:a6:db:f7:14:f3:ff:f9:df:76:20:d7:99:e6:
cf:f3:7b:44:d2:06:9e:5e:96:34:61:e1:82:2a:dd:
d5:87:99:03:f2:40:39:6d:01:dc:73:b4:ba:81:98:
7d:70:39:1d:79:3b:cb:70:ff:84:9f:a8:20:ad:dd:
50:ae:ca:00:da:3a:5b:bb:bc:9c:94:78:b7:f8:40:
21:f1:1c:78:69:ed:b7:23:9f:d1:ae:c2:4e:39:23:
5b:ec:55:81:f8:76:f6:a2:db:c5:e0:95:bb:6b:69:
f9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AD:93:A7:5E:07:B9:9F:F6:16:E8:58:02:00:01:80:A1:72:9B:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B140E30504411F0A0354BDFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
5a:d6:52:ae:66:56:3e:25:74:29:8d:07:f1:dc:d4:9f:13:76:
66:93:23:0f:ed:50:b9:3d:86:a2:21:54:e6:f2:a9:0c:14:7b:
0e:ce:74:f2:f4:ea:7e:c1:cb:2a:60:aa:b6:0d:e6:d8:69:f0:
f0:1d:46:c7:e0:d8:b4:f6:cc:b3:e5:22:08:a5:25:e4:e7:b3:
7a:98:18:d8:65:03:4c:f2:1e:55:47:35:21:51:45:d8:bd:0e:
58:1a:59:fe:b8:02:ce:fd:39:10:e2:59:d6:43:89:cf:ac:52:
fb:8f:7a:9f:78:19:3b:41:e1:c5:78:82:a0:93:f2:86:08:c6:
76:df:79:6c:cf:82:b9:99:83:ad:62:2c:fe:b4:03:52:4e:52:
82:e9:28:9d:fd:48:4c:b6:06:42:9f:dc:69:b6:12:94:86:04:
d9:da:1d:e6:15:10:7e:02:a6:e9:7e:54:e7:e3:5a:04:33:aa:
34:ad:85:dd:19:d2:f6:3e:71:8d:1d:0c:92:d3:36:f8:7b:02:
52:c8:3b:cc:58:62:7a:5b:4d:ef:c9:2d:7d:eb:e9:60:b7:ee:
e4:b1:8b:93:3b:5e:f9:d3:54:74:64:b0:19:aa:29:74:26:81:
40:dc:cf:ae:ae:a1:c5:98:c7:04:4f:2f:ad:57:b9:94:60:d0:
a5:77:6c:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYgRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIzMTUxMjUzWhcNMjUwNzMwMTUxMjUzWjAYMRYw
FAYDVQQDEw02ODU5NmVmOS03MGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuf3AF5pChRq+EcImTf+rGpHq2fFZ4gka5oO7j3qRNTC5bY5vcHUyS6VV
98YuPWEZSu0ztoIiJYwRF94Zeg8rwpCep1HDg+DMEQQD0WsPI3yu7+AkWrU81HqH
1x8pz9Nmfv8NxTQaVprHtNRc92Ql86LAIKmm23w6L9u9dPU3zroFcinkZEWZkbcY
yxQg/5B3yKJLRCjoYabb9xTz//nfdiDXmebP83tE0gaeXpY0YeGCKt3Vh5kD8kA5
bQHcc7S6gZh9cDkdeTvLcP+En6ggrd1QrsoA2jpbu7yclHi3+EAh8Rx4ae23I5/R
rsJOOSNb7FWB+Hb2otvF4JW7a2n5/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLCt
k6deB7mf9hboWAIAAYChcpsXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QjE0MEUzMDUwNDQxMUYwQTAzNTRCREZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQBa1lKuZlY+JXQpjQfx3NSfE3ZmkyMP7VC5PYaiIVTm8qkMFHsOznTy
9Op+wcsqYKq2DebYafDwHUbH4Ni09syz5SIIpSXk57N6mBjYZQNM8h5VRzUhUUXY
vQ5YGln+uALO/TkQ4lnWQ4nPrFL7j3qfeBk7QeHFeIKgk/KGCMZ233lsz4K5mYOt
Yiz+tANSTlKC6Sid/UhMtgZCn9xpthKUhgTZ2h3mFRB+AqbpflTn41oEM6o0rYXd
GdL2PnGNHQyS0zb4ewJSyDvMWGJ6W03vyS196+lgt+7ksYuTO17501R0ZLAZqil0
JoFA3M+urqHFmMcETy+tV7mUYNCld2x2
-----END CERTIFICATE-----
Generated at Wed Jul 2 12:26:47 2025 by rpki-client