Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DFE5B4E49CF11F099FCF2D7DAE4EC9C.roa
File: 8DFE5B4E49CF11F099FCF2D7DAE4EC9C.roa (raw, json)
Hash identifier: yZafiCXcJtjV9Q94VG6DNFeBiRKRCK6Edta7Twf+eLU=
Subject key identifier: B9:63:2F:68:20:44:DD:C7:F6:61:54:EA:8E:17:3D:50:5A:40:D2:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0186B4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DFE5B4E49CF11F099FCF2D7DAE4EC9C.roa
Signing time: Sun 15 Jun 2025 10:00:24 +0000
ROA not before: Sun 15 Jun 2025 10:00:19 +0000
ROA not after: Mon 14 Jul 2025 10:00:19 +0000
asID: 133180
IP address blocks: 154.194.128.0/18 maxlen: 24
154.209.160.0/19 maxlen: 24
154.214.64.0/18 maxlen: 24
154.215.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100020 (0x186b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 15 10:00:19 2025 GMT
Not After : Jul 14 10:00:19 2025 GMT
Subject: CN=684e99b8-ce27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4d:2f:29:32:20:2c:f8:04:cd:88:70:10:ba:
23:2a:65:6e:b5:3b:69:19:12:a7:b5:09:73:a8:5a:
fc:2a:b9:66:99:7e:3e:c9:f9:1a:55:de:09:e7:19:
8a:c0:a7:91:29:6b:61:36:34:a1:04:d4:94:62:cf:
df:94:55:e7:4b:da:0d:92:ab:4f:40:8d:8a:ea:00:
af:66:90:4f:35:f7:69:27:fb:cc:e0:2b:27:f0:35:
0d:ab:8f:a9:cb:35:65:fa:dd:d0:d0:ac:52:90:94:
9a:2d:74:77:68:8d:55:f0:da:7a:67:60:a7:d1:65:
df:3f:a5:11:62:b2:3c:69:1e:34:3e:bb:cd:fb:21:
3e:8a:95:27:0b:e2:08:b5:7e:f2:b1:fe:27:86:58:
94:51:6c:be:8b:36:96:69:12:8f:50:27:f3:26:51:
ee:ed:7b:14:c9:f6:71:96:00:97:c5:89:f5:b9:0b:
23:41:a8:ab:4f:53:2a:05:7d:f9:ca:62:32:99:0e:
3e:f0:ab:e7:ce:9b:9e:af:a0:4d:cc:78:ae:49:a0:
86:75:36:df:e7:d9:60:e9:24:23:5a:25:f5:14:33:
f8:27:8d:e9:7d:2d:62:38:d3:32:3d:78:97:c3:31:
af:dc:6d:2d:ca:55:a2:e3:35:88:73:ad:53:93:2e:
78:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:63:2F:68:20:44:DD:C7:F6:61:54:EA:8E:17:3D:50:5A:40:D2:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DFE5B4E49CF11F099FCF2D7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.128.0/18
154.209.160.0/19
154.214.64.0/18
154.215.64.0/18
Signature Algorithm: sha256WithRSAEncryption
90:52:ff:a8:ee:29:44:e4:39:c9:c1:fa:a9:dc:0e:03:83:36:
2d:5b:2f:01:04:8a:6f:74:f7:67:ff:c5:65:8a:0e:3c:dd:45:
6e:cc:5e:d3:ae:35:bd:d0:99:9e:48:d7:7f:73:ed:cc:16:f7:
4f:2d:71:2c:6e:ee:b5:a5:a5:ac:97:f3:c2:d3:1d:ff:59:68:
61:2e:f0:b6:c7:08:a7:fc:18:1c:54:7d:cc:0e:72:90:66:54:
88:40:b6:39:e2:b5:f4:48:eb:58:f3:9e:75:e1:a7:91:7c:c1:
c4:8a:ed:12:b3:25:e5:49:81:5c:66:04:00:98:30:64:1a:b0:
d3:f1:a9:c3:b2:00:7f:0d:d0:12:c4:93:5f:b1:b0:7f:5f:90:
bb:3e:17:44:15:fd:92:c7:63:30:46:b0:78:e0:61:83:7c:4e:
a8:3a:9e:3e:87:f3:35:90:bc:cc:b1:aa:b3:c0:9e:d5:01:fd:
fc:f3:d0:51:ba:3f:54:e5:ac:dd:0f:9b:76:0b:2b:26:78:f2:
4b:4a:ea:5d:b1:4e:e7:ee:ef:4a:42:cb:05:c6:a6:86:e3:b5:
bc:4e:21:b2:64:e4:37:89:81:9f:62:3f:3b:00:58:a9:d7:51:
bf:34:73:72:c7:69:e1:9f:62:fc:2f:94:71:a5:d0:5c:63:87:
45:ec:1c:02
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE1MTAwMDE5WhcNMjUwNzE0MTAwMDE5WjAYMRYw
FAYDVQQDEw02ODRlOTliOC1jZTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxU0vKTIgLPgEzYhwELojKmVutTtpGRKntQlzqFr8KrlmmX4+yfkaVd4J
5xmKwKeRKWthNjShBNSUYs/flFXnS9oNkqtPQI2K6gCvZpBPNfdpJ/vM4Csn8DUN
q4+pyzVl+t3Q0KxSkJSaLXR3aI1V8Np6Z2Cn0WXfP6URYrI8aR40PrvN+yE+ipUn
C+IItX7ysf4nhliUUWy+izaWaRKPUCfzJlHu7XsUyfZxlgCXxYn1uQsjQairT1Mq
BX35ymIymQ4+8Kvnzpuer6BNzHiuSaCGdTbf59lg6SQjWiX1FDP4J43pfS1iONMy
PXiXwzGv3G0tylWi4zWIc61Tky54EQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFLlj
L2ggRN3H9mFU6o4XPVBaQNJRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84REZFNUI0RTQ5Q0YxMUYwOTlGQ0YyRDdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQGmsKAAwQFmtGgAwQGmtZA
AwQGmtdAMA0GCSqGSIb3DQEBCwUAA4IBAQCQUv+o7ilE5DnJwfqp3A4DgzYtWy8B
BIpvdPdn/8Vlig483UVuzF7TrjW90JmeSNd/c+3MFvdPLXEsbu61paWsl/PC0x3/
WWhhLvC2xwin/BgcVH3MDnKQZlSIQLY54rX0SOtY85514aeRfMHEiu0SsyXlSYFc
ZgQAmDBkGrDT8anDsgB/DdASxJNfsbB/X5C7PhdEFf2Sx2MwRrB44GGDfE6oOp4+
h/M1kLzMsaqzwJ7VAf3889BRuj9U5azdD5t2CysmePJLSupdsU7n7u9KQssFxqaG
47W8TiGyZOQ3iYGfYj87AFip11G/NHNyx2nhn2L8L5RxpdBcY4dF7BwC
-----END CERTIFICATE-----
Generated at Fri Jul 4 09:56:00 2025 by rpki-client