Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D691F7FC572C11F09D05D7D4DAE4EC9C.roa
File: D691F7FC572C11F09D05D7D4DAE4EC9C.roa (raw, json)
Hash identifier: 50DwL/Lq5QQULXJwTzPpGY96MHAmPoGETPKoEhCOGYI=
Subject key identifier: DD:73:78:80:29:D6:7C:94:A2:40:8B:EC:1D:9A:D4:B3:17:F2:A2:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0189B0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D691F7FC572C11F09D05D7D4DAE4EC9C.roa
Signing time: Wed 02 Jul 2025 10:10:54 +0000
ROA not before: Wed 02 Jul 2025 10:10:49 +0000
ROA not after: Wed 06 Aug 2025 10:10:49 +0000
asID: 20326
IP address blocks: 154.84.188.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100784 (0x189b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 2 10:10:49 2025 GMT
Not After : Aug 6 10:10:49 2025 GMT
Subject: CN=686505ae-3c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7f:91:51:7e:42:c9:f5:32:5d:42:63:eb:1f:
0f:74:de:95:d3:cd:11:f0:f7:91:7d:5a:ba:07:06:
8d:18:a2:ee:e5:d8:80:da:e7:3f:0b:84:33:6a:5a:
d8:bc:22:02:4e:4b:c0:e8:98:8c:2d:6f:c7:ec:fb:
41:4e:b5:ca:12:8e:53:9f:5f:1e:91:34:31:b9:cf:
0b:06:ff:ce:00:e9:3e:9a:7e:96:c0:69:61:d0:2b:
f3:97:3a:64:b6:d6:9b:8a:ce:0e:a3:40:28:f4:d3:
1a:d2:d3:59:26:0a:d2:84:be:94:12:08:2b:65:6c:
9b:f3:12:21:00:18:2c:61:d3:55:cb:8c:e9:f3:ef:
0e:3e:bf:09:3d:04:4a:7f:cc:f4:26:24:57:a5:e5:
ad:15:11:15:f6:29:9c:8b:2e:41:6d:fa:ac:7e:d2:
99:4f:f4:16:46:ce:76:9d:5d:9e:dd:b0:fd:9b:cf:
5c:de:2b:af:fd:1d:d9:4c:51:3a:66:85:7f:ac:eb:
f2:91:43:b9:e1:38:92:1e:07:6c:bc:36:a6:c2:2c:
1a:9c:43:ce:87:6a:5e:07:2f:43:38:0a:72:21:91:
42:23:80:42:f0:96:7f:13:ba:6e:49:1d:51:30:a3:
e1:5e:35:97:4f:89:ba:f5:3a:f0:ae:3d:4c:d4:57:
68:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:73:78:80:29:D6:7C:94:A2:40:8B:EC:1D:9A:D4:B3:17:F2:A2:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D691F7FC572C11F09D05D7D4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.188.0/23
Signature Algorithm: sha256WithRSAEncryption
66:c6:fb:13:1f:79:97:e7:4c:0a:01:d9:38:bf:5a:f7:8d:b8:
7d:76:64:3b:13:a8:16:fc:18:37:83:4f:d7:b4:8c:6c:ea:9f:
57:06:a4:23:75:7b:ec:e4:c1:e0:62:92:45:2f:82:44:96:4d:
4d:24:a6:53:98:e9:03:35:5a:7d:df:18:f5:a8:f8:35:3c:54:
d2:08:22:88:b3:78:67:f5:fb:21:18:8e:4c:6d:b6:6d:69:04:
dc:95:22:a4:79:f4:3c:0a:a0:a4:6b:ac:3c:bf:ef:57:13:db:
3e:d2:83:41:28:6c:37:ca:5c:10:0b:eb:0b:8e:82:33:10:c8:
71:4c:4d:19:0b:5d:10:72:bf:d1:57:8d:b3:54:e7:28:db:55:
e5:0c:d4:59:41:d6:ed:0c:0c:4f:aa:ca:c8:e0:73:b2:2a:29:
07:48:ae:c7:a8:aa:b8:84:73:71:8a:ac:75:25:a8:64:47:47:
ae:96:2a:a7:8c:7e:e9:ac:6a:ad:03:94:bc:b7:6a:05:c1:63:
72:c3:08:d9:3b:1b:10:3a:93:a1:02:88:a8:25:2a:40:30:2d:
c6:c3:98:4f:b1:5f:a3:4c:3e:2b:76:a9:ad:65:93:5d:f7:89:
09:af:65:10:2e:90:8c:07:c8:fe:37:b7:77:a0:3d:1d:c0:c5:
9d:4d:d1:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYmwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAyMTAxMDQ5WhcNMjUwODA2MTAxMDQ5WjAYMRYw
FAYDVQQDEw02ODY1MDVhZS0zYzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3n+RUX5CyfUyXUJj6x8PdN6V080R8PeRfVq6BwaNGKLu5diA2uc/C4Qz
alrYvCICTkvA6JiMLW/H7PtBTrXKEo5Tn18ekTQxuc8LBv/OAOk+mn6WwGlh0Cvz
lzpkttabis4Oo0Ao9NMa0tNZJgrShL6UEggrZWyb8xIhABgsYdNVy4zp8+8OPr8J
PQRKf8z0JiRXpeWtFREV9imciy5BbfqsftKZT/QWRs52nV2e3bD9m89c3iuv/R3Z
TFE6ZoV/rOvykUO54TiSHgdsvDamwiwanEPOh2peBy9DOApyIZFCI4BC8JZ/E7pu
SR1RMKPhXjWXT4m69Trwrj1M1FdoGwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN1z
eIAp1nyUokCL7B2a1LMX8qKmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjkxRjdGQzU3MkMxMUYwOUQwNUQ3RDREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlS8MA0GCSqGSIb3DQEB
CwUAA4IBAQBmxvsTH3mX50wKAdk4v1r3jbh9dmQ7E6gW/Bg3g0/XtIxs6p9XBqQj
dXvs5MHgYpJFL4JElk1NJKZTmOkDNVp93xj1qPg1PFTSCCKIs3hn9fshGI5MbbZt
aQTclSKkefQ8CqCka6w8v+9XE9s+0oNBKGw3ylwQC+sLjoIzEMhxTE0ZC10Qcr/R
V42zVOco21XlDNRZQdbtDAxPqsrI4HOyKikHSK7HqKq4hHNxiqx1JahkR0euliqn
jH7prGqtA5S8t2oFwWNywwjZOxsQOpOhAoioJSpAMC3Gw5hPsV+jTD4rdqmtZZNd
94kJr2UQLpCMB8j+N7d3oD0dwMWdTdFJ
-----END CERTIFICATE-----
Generated at Fri Jul 4 10:04:15 2025 by rpki-client