Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B111C4D8533211F085A4F778DAE4EC9C.roa
File: B111C4D8533211F085A4F778DAE4EC9C.roa (raw, json)
Hash identifier: /yrjG/7hcNVlIEKdaGorobDVPg+UMx8E2RjE8o3sXWU=
Subject key identifier: 21:DE:A1:BE:67:5A:3D:1F:35:EB:35:AC:E0:98:4F:36:FD:5B:01:05
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018940
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B111C4D8533211F085A4F778DAE4EC9C.roa
Signing time: Fri 27 Jun 2025 08:42:44 +0000
ROA not before: Fri 27 Jun 2025 08:42:38 +0000
ROA not after: Sun 17 Aug 2025 08:42:38 +0000
asID: 21859
IP address blocks: 154.194.56.0/24 maxlen: 24
154.222.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100672 (0x18940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 27 08:42:38 2025 GMT
Not After : Aug 17 08:42:38 2025 GMT
Subject: CN=685e5983-5e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:15:97:ec:f8:1e:b0:c6:18:50:89:b1:c7:15:
cc:57:b4:87:7c:55:0c:e5:c6:63:1e:9e:52:fb:b3:
bc:07:aa:7e:d0:9d:eb:a3:4e:02:f8:d5:82:f0:d7:
38:48:43:61:57:79:0d:13:21:37:ee:af:bb:b4:3d:
29:28:b3:3e:a6:c4:7b:35:80:48:48:b7:6b:9a:3a:
7e:83:4b:0d:97:40:68:ff:6b:97:c9:f1:aa:94:8a:
d8:92:51:7a:b7:3f:1c:42:8d:6f:57:09:43:0b:68:
68:9b:3a:24:65:e4:01:fc:ac:12:f0:c0:e5:96:b2:
e9:a5:f2:99:ab:de:bc:10:94:15:68:cf:98:cc:e0:
eb:2b:a1:c4:10:64:24:4a:7c:a2:4e:a7:c4:a1:0b:
36:33:27:61:4f:48:ce:2f:e4:68:50:44:4c:fd:86:
05:12:a0:8a:53:92:6a:68:09:2b:b7:97:3a:e7:21:
61:08:fe:0c:8a:1a:dd:c4:50:89:9d:1a:f7:ec:40:
43:5d:6e:55:a9:59:54:a1:00:b1:be:a9:f6:a5:36:
8d:25:ad:a2:07:7b:a5:0f:4e:e1:80:b3:64:e7:d3:
57:3d:da:92:32:83:01:e2:02:bd:fd:71:a7:2f:82:
89:1a:27:7e:1f:49:3e:cc:66:17:58:0f:d3:4b:c4:
18:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DE:A1:BE:67:5A:3D:1F:35:EB:35:AC:E0:98:4F:36:FD:5B:01:05
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B111C4D8533211F085A4F778DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.56.0/24
154.222.87.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:ac:c0:3e:78:85:6c:63:c0:eb:55:6f:68:26:01:fb:7e:be:
39:bb:c8:19:98:7c:7d:72:78:57:19:1d:b9:47:fe:8a:e2:f7:
d1:a9:a8:fb:92:9b:88:fb:b3:39:8b:0b:26:42:5a:fe:d9:a7:
e1:12:f8:b3:68:1b:c2:b5:7e:c2:e3:21:51:a9:f3:46:e9:8f:
67:e9:76:b7:ac:50:06:61:5d:54:fe:79:8d:68:45:1e:4f:d9:
08:8d:a1:04:11:07:17:6e:43:92:01:5a:94:7c:99:ae:17:d3:
81:a7:8b:17:d2:b2:ac:f0:8f:d5:33:f0:dc:15:c2:58:fb:f7:
fe:85:99:c7:a7:c1:29:ab:94:4a:9f:fa:2d:4b:e9:ab:44:56:
ea:55:d4:e1:eb:e4:84:39:99:b8:fa:5f:24:57:da:a0:7f:f1:
7c:f7:6b:f2:28:77:1d:63:61:c9:c7:b7:50:f4:ee:84:5c:0d:
0e:7c:6e:3f:32:d4:48:3b:a5:51:d4:33:b4:69:0b:75:8e:1b:
38:f9:83:c7:29:60:94:41:98:29:75:61:af:ea:40:10:05:65:
75:e5:fa:16:7c:90:ba:3a:00:2d:9d:66:35:e3:c9:3a:2b:a5:
98:87:aa:97:9b:1f:8a:c6:56:25:c3:1b:3f:70:24:d9:2c:32:
13:6a:3f:90
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYlAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI3MDg0MjM4WhcNMjUwODE3MDg0MjM4WjAYMRYw
FAYDVQQDEw02ODVlNTk4My01ZTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuhWX7PgesMYYUImxxxXMV7SHfFUM5cZjHp5S+7O8B6p+0J3ro04C+NWC
8Nc4SENhV3kNEyE37q+7tD0pKLM+psR7NYBISLdrmjp+g0sNl0Bo/2uXyfGqlIrY
klF6tz8cQo1vVwlDC2homzokZeQB/KwS8MDllrLppfKZq968EJQVaM+YzODrK6HE
EGQkSnyiTqfEoQs2MydhT0jOL+RoUERM/YYFEqCKU5JqaAkrt5c65yFhCP4Mihrd
xFCJnRr37EBDXW5VqVlUoQCxvqn2pTaNJa2iB3ulD07hgLNk59NXPdqSMoMB4gK9
/XGnL4KJGid+H0k+zGYXWA/TS8QYPwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCHe
ob5nWj0fNes1rOCYTzb9WwEFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMTExQzREODUzMzIxMUYwODVBNEY3NzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsI4AwQAmt5XMA0GCSqG
SIb3DQEBCwUAA4IBAQBtrMA+eIVsY8DrVW9oJgH7fr45u8gZmHx9cnhXGR25R/6K
4vfRqaj7kpuI+7M5iwsmQlr+2afhEvizaBvCtX7C4yFRqfNG6Y9n6Xa3rFAGYV1U
/nmNaEUeT9kIjaEEEQcXbkOSAVqUfJmuF9OBp4sX0rKs8I/VM/DcFcJY+/f+hZnH
p8Epq5RKn/otS+mrRFbqVdTh6+SEOZm4+l8kV9qgf/F892vyKHcdY2HJx7dQ9O6E
XA0OfG4/MtRIO6VR1DO0aQt1jhs4+YPHKWCUQZgpdWGv6kAQBWV15foWfJC6OgAt
nWY148k6K6WYh6qXmx+KxlYlwxs/cCTZLDITaj+Q
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:35:04 2025 by rpki-client