Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A25C23504C6311F09DF635A9DAE4EC9C.roa
File: A25C23504C6311F09DF635A9DAE4EC9C.roa (raw, json)
Hash identifier: TIsitePyNhSaXOQxXM/HrekeYNOrI9oB9fH+G+wA9xs=
Subject key identifier: 66:94:A2:E6:58:6A:2D:A1:1E:B3:22:FD:92:B2:E9:3F:D2:3E:64:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018765
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A25C23504C6311F09DF635A9DAE4EC9C.roa
Signing time: Wed 18 Jun 2025 16:45:26 +0000
ROA not before: Wed 18 Jun 2025 16:45:20 +0000
ROA not after: Fri 12 Sep 2025 16:45:20 +0000
asID: 398993
IP address blocks: 154.92.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 10:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100197 (0x18765)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 18 16:45:20 2025 GMT
Not After : Sep 12 16:45:20 2025 GMT
Subject: CN=6852ed26-aeb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:eb:93:3f:a3:fe:74:b1:35:ea:04:48:df:78:
97:af:71:55:a1:f9:38:bc:49:92:cd:95:18:a6:d7:
ac:ae:bd:83:cc:65:ba:ab:fa:48:b4:84:c2:23:e7:
04:f6:eb:95:5e:7a:64:75:67:07:7e:b9:0b:36:c2:
55:d5:d6:e9:98:21:ed:8c:fc:57:b1:16:2e:cb:c0:
63:8a:fd:bb:f1:69:8b:aa:77:97:dd:d8:e8:d6:29:
f4:46:0e:69:b3:19:a0:98:ff:b6:56:86:64:65:ad:
2f:f6:6f:3b:67:3d:bc:c3:02:81:fc:15:2d:2d:e3:
08:d3:bc:52:b0:97:3c:5a:ad:41:90:93:3a:5a:fd:
57:59:39:b4:b2:2c:8b:e8:61:5d:31:3c:e1:95:c8:
c8:1b:bf:94:34:d9:16:2b:e7:99:01:dc:09:fb:bc:
79:10:84:07:74:d4:98:f4:14:8b:3e:02:ab:02:ad:
94:eb:b2:67:6b:80:33:31:26:e9:98:3a:a9:9e:90:
ed:6c:d1:ef:ae:48:8d:67:52:fd:89:36:ae:9a:e8:
2c:7a:03:7b:1e:21:c1:76:cd:60:6c:eb:f8:5b:b0:
df:4b:66:05:c7:7f:ac:83:e9:53:3e:be:34:52:d7:
c1:86:e6:6e:59:a5:31:c8:6a:f0:ad:cb:62:a8:94:
68:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:94:A2:E6:58:6A:2D:A1:1E:B3:22:FD:92:B2:E9:3F:D2:3E:64:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A25C23504C6311F09DF635A9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.176.0/20
Signature Algorithm: sha256WithRSAEncryption
56:cf:b0:b8:2f:0a:27:bd:7b:05:58:e2:1b:9b:21:27:a5:78:
ab:ba:68:f6:04:0f:4f:3e:6a:0c:58:0b:0c:4e:9e:f0:89:03:
30:03:a4:57:2b:bf:ff:6b:77:c5:21:73:c0:b9:9c:bd:5e:ba:
f7:fd:ba:25:2c:d0:b1:1e:9e:00:0b:cb:49:ef:41:09:a7:b7:
69:68:be:2c:64:2c:8a:c9:b2:f9:ae:50:ef:04:07:f7:43:23:
3a:3a:3d:11:3f:9c:c1:11:d0:80:bf:a7:69:2b:db:53:95:24:
df:9c:6c:72:19:25:49:01:c7:b6:75:86:a7:cd:66:fa:91:b6:
e8:4e:61:5c:c0:dd:32:f8:4b:f0:0c:89:e6:95:65:b3:94:77:
42:66:60:48:d8:d6:85:f7:5f:f2:35:4e:68:84:26:a1:fd:7d:
c9:cf:36:52:a5:bc:dd:b7:be:a2:9a:20:ab:9b:3d:e6:18:48:
c9:65:4f:ce:3a:4c:82:cf:39:9f:39:99:91:fe:59:a5:8a:e6:
65:cc:7b:db:c5:49:8f:d9:a4:66:7c:50:ba:90:89:d6:16:d3:
85:d8:5e:33:1e:f2:b9:11:07:ae:05:ac:97:8c:19:6e:24:2c:
62:11:64:96:28:66:f8:dc:d3:98:c6:5a:89:9f:dc:59:cf:a6:
7e:f0:06:27
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYdlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE4MTY0NTIwWhcNMjUwOTEyMTY0NTIwWjAYMRYw
FAYDVQQDEw02ODUyZWQyNi1hZWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy+uTP6P+dLE16gRI33iXr3FVofk4vEmSzZUYptesrr2DzGW6q/pItITC
I+cE9uuVXnpkdWcHfrkLNsJV1dbpmCHtjPxXsRYuy8Bjiv278WmLqneX3djo1in0
Rg5psxmgmP+2VoZkZa0v9m87Zz28wwKB/BUtLeMI07xSsJc8Wq1BkJM6Wv1XWTm0
siyL6GFdMTzhlcjIG7+UNNkWK+eZAdwJ+7x5EIQHdNSY9BSLPgKrAq2U67Jna4Az
MSbpmDqpnpDtbNHvrkiNZ1L9iTaumugsegN7HiHBds1gbOv4W7DfS2YFx3+sg+lT
Pr40UtfBhuZuWaUxyGrwrctiqJRovwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGaU
ouZYai2hHrMi/ZKy6T/SPmQWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMjVDMjM1MDRDNjMxMUYwOURGNjM1QTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlywMA0GCSqGSIb3DQEB
CwUAA4IBAQBWz7C4LwonvXsFWOIbmyEnpXirumj2BA9PPmoMWAsMTp7wiQMwA6RX
K7//a3fFIXPAuZy9Xrr3/bolLNCxHp4AC8tJ70EJp7dpaL4sZCyKybL5rlDvBAf3
QyM6Oj0RP5zBEdCAv6dpK9tTlSTfnGxyGSVJAce2dYanzWb6kbboTmFcwN0y+Evw
DInmlWWzlHdCZmBI2NaF91/yNU5ohCah/X3JzzZSpbzdt76imiCrmz3mGEjJZU/O
OkyCzzmfOZmR/lmliuZlzHvbxUmP2aRmfFC6kInWFtOF2F4zHvK5EQeuBayXjBlu
JCxiEWSWKGb43NOYxlqJn9xZz6Z+8AYn
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:08:24 2025 by rpki-client