Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF42197449DE11F088022FB9DAE4EC9C.roa
File: CF42197449DE11F088022FB9DAE4EC9C.roa (raw, json)
Hash identifier: 7BM81JVFn9bEJ1/mX7pa/eOHsbH5ZVPi4QQjk2ZQjJc=
Subject key identifier: D0:55:2C:52:58:FC:57:03:DE:6C:19:16:D2:DB:F9:CA:95:D0:E3:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0186CD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF42197449DE11F088022FB9DAE4EC9C.roa
Signing time: Sun 15 Jun 2025 11:49:36 +0000
ROA not before: Sun 15 Jun 2025 11:49:31 +0000
ROA not after: Fri 25 Jul 2025 11:49:31 +0000
asID: 401615
IP address blocks: 154.85.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100045 (0x186cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 15 11:49:31 2025 GMT
Not After : Jul 25 11:49:31 2025 GMT
Subject: CN=684eb350-9acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:fe:1c:82:b7:ca:5e:a4:68:9f:7f:c9:03:
52:c3:d4:a0:4b:55:02:1e:cd:2b:bb:64:da:5a:0b:
78:27:8d:2c:b4:14:29:27:20:91:c4:d2:b5:37:20:
bd:b9:db:ea:8b:60:e9:04:cd:02:16:31:b4:02:44:
f8:ff:92:27:33:d1:87:ec:45:fb:5d:a0:90:57:d5:
e9:cb:a1:d5:c2:24:9a:f7:b7:0e:90:dd:ec:cf:8d:
e1:3e:9e:2b:a5:24:ef:be:c2:83:dd:b5:c6:54:bc:
a2:f6:a4:a2:1b:9d:5b:88:4a:c2:b6:7f:08:f3:12:
e2:8d:2a:e5:09:1e:63:cf:84:56:9f:97:22:d9:cc:
ef:e5:3c:85:06:bf:ba:28:01:9b:f9:a8:c0:95:a8:
28:37:3d:70:a3:b3:d6:c7:0f:a2:7e:d9:ec:1c:08:
57:4c:53:96:8f:5b:cf:da:62:7b:7d:c1:aa:1f:6d:
ff:bc:db:41:a9:8c:57:82:ed:46:64:dc:7f:0b:05:
22:e3:5b:93:19:46:97:f3:f7:b8:03:37:6f:2c:9a:
9c:ed:78:96:04:b5:fa:19:73:67:ef:8e:5e:4d:08:
9b:11:10:98:15:05:05:9d:1d:c5:c1:b9:be:75:c9:
a4:1c:9e:da:1a:cc:e2:22:f9:dc:75:d2:7c:7e:58:
42:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:55:2C:52:58:FC:57:03:DE:6C:19:16:D2:DB:F9:CA:95:D0:E3:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF42197449DE11F088022FB9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.20.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:eb:03:88:61:f5:54:02:5d:19:20:2c:45:a7:6c:4d:b5:f6:
9d:04:da:53:fc:e1:a8:67:d8:c9:d8:67:1a:0a:f5:d3:58:54:
3c:cf:a3:63:58:93:66:74:0c:97:e0:ff:7a:55:4b:9a:ed:34:
b6:b5:4e:46:85:35:09:93:0e:c0:cb:fa:6c:97:b5:e8:ec:25:
dc:4e:ff:39:16:e1:47:74:18:34:8f:02:8c:f5:89:f4:5e:e9:
e8:3c:3d:f3:58:15:a3:ab:cc:b1:be:08:ca:4c:f3:52:94:23:
71:0c:53:5f:96:67:31:36:e8:1d:f0:d7:7b:3a:4a:34:81:8a:
6c:45:cb:96:e8:bc:59:85:bf:89:d8:cf:60:95:20:48:9f:dc:
13:d7:8e:b9:9e:4f:86:e7:bd:65:1c:ea:11:ff:7d:1c:27:dc:
a7:9b:7f:e4:1a:7a:05:fa:d2:4a:13:56:4c:74:39:77:42:8a:
f3:a1:30:c0:95:02:8e:dd:28:39:e7:10:7e:47:a7:e0:a6:a2:
2c:36:7b:c2:44:9b:86:15:69:22:20:8b:85:92:7f:19:33:6c:
1f:0e:af:49:f4:cf:74:c9:2a:e2:d8:68:9c:9e:29:df:b9:01:
4b:fc:fb:2b:5e:32:a7:25:5e:67:38:96:27:e9:0b:3b:27:f9:
5c:64:cc:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYbNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE1MTE0OTMxWhcNMjUwNzI1MTE0OTMxWjAYMRYw
FAYDVQQDEw02ODRlYjM1MC05YWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo37+HIK3yl6kaJ9/yQNSw9SgS1UCHs0ru2TaWgt4J40stBQpJyCRxNK1
NyC9udvqi2DpBM0CFjG0AkT4/5InM9GH7EX7XaCQV9Xpy6HVwiSa97cOkN3sz43h
Pp4rpSTvvsKD3bXGVLyi9qSiG51biErCtn8I8xLijSrlCR5jz4RWn5ci2czv5TyF
Br+6KAGb+ajAlagoNz1wo7PWxw+iftnsHAhXTFOWj1vP2mJ7fcGqH23/vNtBqYxX
gu1GZNx/CwUi41uTGUaX8/e4AzdvLJqc7XiWBLX6GXNn745eTQibERCYFQUFnR3F
wbm+dcmkHJ7aGsziIvncddJ8flhCdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNBV
LFJY/FcD3mwZFtLb+cqV0OMeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjQyMTk3NDQ5REUxMUYwODgwMjJGQjlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlUUMA0GCSqGSIb3DQEB
CwUAA4IBAQAK6wOIYfVUAl0ZICxFp2xNtfadBNpT/OGoZ9jJ2GcaCvXTWFQ8z6Nj
WJNmdAyX4P96VUua7TS2tU5GhTUJkw7Ay/psl7Xo7CXcTv85FuFHdBg0jwKM9Yn0
XunoPD3zWBWjq8yxvgjKTPNSlCNxDFNflmcxNugd8Nd7Oko0gYpsRcuW6LxZhb+J
2M9glSBIn9wT1465nk+G571lHOoR/30cJ9ynm3/kGnoF+tJKE1ZMdDl3QorzoTDA
lQKO3Sg55xB+R6fgpqIsNnvCRJuGFWkiIIuFkn8ZM2wfDq9J9M90ySri2Gicninf
uQFL/PsrXjKnJV5nOJYn6Qs7J/lcZMxY
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:12:01 2025 by rpki-client