Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7C8B6BE543B11F0AC3E6DACDAE4EC9C.roa
File: C7C8B6BE543B11F0AC3E6DACDAE4EC9C.roa (raw, json)
Hash identifier: IxM/kCpf8TlINDRIbFoEyXGqx3Q95v3ecw7PyL9rd6o=
Subject key identifier: 68:87:2E:7B:F4:36:5A:CB:B7:D1:3D:27:E6:D6:B8:8F:45:34:13:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018961
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7C8B6BE543B11F0AC3E6DACDAE4EC9C.roa
Signing time: Sat 28 Jun 2025 16:20:18 +0000
ROA not before: Sat 28 Jun 2025 16:20:14 +0000
ROA not after: Sun 03 Aug 2025 16:20:14 +0000
asID: 395793
IP address blocks: 154.200.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100705 (0x18961)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 28 16:20:14 2025 GMT
Not After : Aug 3 16:20:14 2025 GMT
Subject: CN=68601642-fcdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:78:2a:2c:74:87:e9:21:fc:0c:56:c8:f6:44:
12:1f:1a:57:a8:35:24:cb:6a:ba:b5:b9:75:a5:f4:
e6:35:6d:b1:83:2a:49:51:28:88:20:04:af:61:6b:
7c:b1:55:25:c7:4b:c8:39:e4:0d:cd:a4:4f:8e:8e:
77:ba:9b:4e:a8:96:a3:1a:e0:05:29:31:a0:2f:e9:
28:65:c0:34:b2:9a:8e:48:b5:8f:28:ba:65:4b:41:
f0:88:15:be:a1:49:50:50:3c:84:6f:99:36:04:49:
43:ea:46:39:78:e9:7e:e8:90:f0:de:b1:56:51:0b:
ab:d0:be:42:d3:9f:e4:8d:82:7c:bb:24:b9:fc:0a:
d9:8a:a5:b9:1a:c6:12:8e:0b:10:e4:ca:18:4b:6f:
0f:6c:42:25:7f:db:db:32:3a:7d:b9:29:4c:5d:da:
5a:4c:94:80:09:d5:a1:4a:6f:b7:3c:6b:70:16:f3:
a6:8f:3a:04:f0:97:0d:c9:98:c2:32:df:b4:d9:72:
a2:4a:88:41:17:54:4f:bf:c1:5d:f8:4b:fd:3c:89:
f6:ea:9c:fd:a2:21:63:d9:de:85:e6:74:38:d4:41:
d9:77:3d:4e:b1:fe:26:98:98:7b:88:45:0e:d8:0a:
d9:e1:b3:09:92:0d:76:71:92:f5:fe:9c:ec:43:a6:
87:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:87:2E:7B:F4:36:5A:CB:B7:D1:3D:27:E6:D6:B8:8F:45:34:13:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7C8B6BE543B11F0AC3E6DACDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.63.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:77:f1:9e:65:cc:e3:0d:56:fb:f1:0a:76:34:25:ca:a3:fe:
94:8f:8e:48:77:93:b3:6a:d6:62:9b:69:0b:21:5b:29:bd:f2:
65:cc:8d:26:f8:e8:e5:eb:ba:9d:52:94:01:a3:8d:ba:83:17:
70:af:e3:94:16:55:6a:68:8d:93:49:31:67:0e:6e:5b:bb:86:
72:9d:29:14:da:6b:f9:b6:1b:a6:e8:be:e1:98:77:70:1a:95:
b5:48:64:d1:29:f2:9d:8f:26:2d:09:c5:16:69:9f:01:aa:7a:
4d:a8:5b:c2:1e:82:a4:1c:0e:a5:8a:83:81:e1:ed:9f:62:11:
1f:49:7d:77:c0:d3:99:bb:25:89:e2:f6:95:0d:d7:d2:77:36:
83:98:84:4c:ac:7a:21:20:4d:6c:a4:34:c9:35:50:b4:e3:de:
13:34:28:ef:62:d7:6f:c9:87:53:ea:7c:81:0f:ce:19:79:6f:
bd:2d:83:b9:54:38:ff:28:c2:8a:9a:60:c2:28:d4:de:cc:00:
a6:ba:01:f1:6a:e3:e5:1a:63:ff:79:a3:bd:41:9d:d6:4d:87:
b2:d0:bf:b9:75:fd:01:8b:a3:39:8b:7d:56:dc:d7:f0:03:47:
3d:6e:a8:12:c5:57:3f:a6:02:c2:e4:85:87:9c:d7:cf:96:04:
a4:46:12:f9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYlhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI4MTYyMDE0WhcNMjUwODAzMTYyMDE0WjAYMRYw
FAYDVQQDEw02ODYwMTY0Mi1mY2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxXgqLHSH6SH8DFbI9kQSHxpXqDUky2q6tbl1pfTmNW2xgypJUSiIIASv
YWt8sVUlx0vIOeQNzaRPjo53uptOqJajGuAFKTGgL+koZcA0spqOSLWPKLplS0Hw
iBW+oUlQUDyEb5k2BElD6kY5eOl+6JDw3rFWUQur0L5C05/kjYJ8uyS5/ArZiqW5
GsYSjgsQ5MoYS28PbEIlf9vbMjp9uSlMXdpaTJSACdWhSm+3PGtwFvOmjzoE8JcN
yZjCMt+02XKiSohBF1RPv8Fd+Ev9PIn26pz9oiFj2d6F5nQ41EHZdz1Osf4mmJh7
iEUO2ArZ4bMJkg12cZL1/pzsQ6aH0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGiH
Lnv0NlrLt9E9J+bWuI9FNBPgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DN0M4QjZCRTU0M0IxMUYwQUMzRTZEQUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsg/MA0GCSqGSIb3DQEB
CwUAA4IBAQDCd/GeZczjDVb78Qp2NCXKo/6Uj45Id5OzatZim2kLIVspvfJlzI0m
+Ojl67qdUpQBo426gxdwr+OUFlVqaI2TSTFnDm5bu4ZynSkU2mv5thum6L7hmHdw
GpW1SGTRKfKdjyYtCcUWaZ8BqnpNqFvCHoKkHA6lioOB4e2fYhEfSX13wNOZuyWJ
4vaVDdfSdzaDmIRMrHohIE1spDTJNVC0494TNCjvYtdvyYdT6nyBD84ZeW+9LYO5
VDj/KMKKmmDCKNTezACmugHxauPlGmP/eaO9QZ3WTYey0L+5df0Bi6M5i31W3Nfw
A0c9bqgSxVc/pgLC5IWHnNfPlgSkRhL5
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:11:04 2025 by rpki-client