Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8D0E10A558211F0B274BB84DAE4EC9C.roa
File: D8D0E10A558211F0B274BB84DAE4EC9C.roa (raw, json)
Hash identifier: /+tVM4vNqfVug/xtQnRLGBsLwliUlt3GuRfPg+Xg/Dc=
Subject key identifier: D2:9C:9F:DE:91:E0:0F:4D:24:A1:D8:0A:89:50:B6:A8:C1:63:1E:A9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018979
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8D0E10A558211F0B274BB84DAE4EC9C.roa
Signing time: Mon 30 Jun 2025 07:21:32 +0000
ROA not before: Mon 30 Jun 2025 07:21:28 +0000
ROA not after: Fri 04 Jul 2025 07:21:28 +0000
asID: 399989
IP address blocks: 154.194.16.0/22 maxlen: 24
154.194.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Jul 2025 07:21:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100729 (0x18979)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 30 07:21:28 2025 GMT
Not After : Jul 4 07:21:28 2025 GMT
Subject: CN=68623afc-e179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:63:36:79:a0:dc:3c:33:72:68:ea:6f:c4:93:
34:48:dd:64:60:58:84:44:fe:e6:f1:8e:37:aa:47:
28:1b:97:ac:2a:9f:e5:17:ba:73:f2:ec:a3:80:6f:
9e:ac:af:89:a4:20:1b:60:54:4b:13:23:5c:e6:e4:
f0:29:3a:30:68:21:1a:77:0d:0b:f6:44:14:b7:01:
f1:9e:ff:c8:dc:c3:a3:8c:f9:e6:70:41:0c:57:d4:
5c:45:b3:c9:d8:aa:5c:a9:af:35:33:23:90:d8:81:
0f:cd:0d:b3:a1:c4:f2:8f:fe:d1:f7:41:b4:d1:88:
aa:d6:6b:e8:5d:ea:1a:af:5b:20:7e:c4:3b:bc:14:
b3:81:2e:ea:b7:1d:5f:8d:2c:1a:fe:6d:aa:89:d7:
58:f6:26:3e:34:97:b9:bd:a6:a4:64:24:4b:23:fc:
80:84:09:ba:99:62:8e:93:04:17:49:a2:8a:21:24:
0b:50:6f:31:ba:ac:7b:42:4d:c7:79:fb:91:a6:90:
3b:ac:b2:a3:71:66:9a:41:29:d3:3d:43:39:d6:83:
64:86:00:1f:83:ee:5a:12:5f:01:6f:f6:83:54:02:
ec:d3:49:bc:9a:a8:c8:4d:e2:ca:ed:ac:96:2e:e0:
db:11:2c:a5:52:d7:06:8c:e6:84:8d:cd:64:40:4c:
a4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9C:9F:DE:91:E0:0F:4D:24:A1:D8:0A:89:50:B6:A8:C1:63:1E:A9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8D0E10A558211F0B274BB84DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.16.0/22
154.194.24.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:e6:ef:c7:e1:ba:46:a3:71:8e:38:96:a8:a9:b1:d0:de:bb:
b1:5f:64:af:54:c8:61:84:89:78:70:14:95:c5:7e:25:c3:8f:
44:6c:0c:0e:24:3a:fc:45:9d:07:ab:af:4e:ad:17:c1:3b:9d:
ec:de:08:f1:60:66:a5:a3:ae:80:2e:4d:28:be:ce:ad:6d:37:
c5:68:55:5d:f0:8f:ae:6d:fe:d1:2c:8a:58:c7:35:ad:11:49:
e4:38:24:d1:3d:4c:d7:bb:e5:03:fc:63:5b:b1:a9:e5:da:59:
0a:ea:f0:65:5a:59:44:2b:69:ff:b7:b4:01:50:eb:b9:5d:10:
b2:99:07:bb:ea:e2:5c:d5:71:09:b9:ca:dd:05:8c:35:cd:62:
02:fa:da:5e:c1:68:05:3c:79:0b:aa:dc:ed:4e:ea:da:19:f8:
36:4f:2b:3c:17:70:03:89:22:ce:5c:4d:8f:54:18:2c:2f:9f:
5a:97:94:68:76:6b:be:fa:de:fa:3d:76:85:b1:dd:00:de:a6:
54:c2:b7:20:4c:1f:82:cd:3e:36:de:ac:5f:7a:af:b5:10:ae:
51:d0:d1:d2:01:53:1f:fa:ef:01:e6:ec:50:2b:0c:f0:78:b7:
31:84:dc:4a:5b:82:ba:41:fd:3e:1b:41:3a:3c:2e:e1:0e:19:
a1:6c:df:27
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYl5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjMwMDcyMTI4WhcNMjUwNzA0MDcyMTI4WjAYMRYw
FAYDVQQDEw02ODYyM2FmYy1lMTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9mM2eaDcPDNyaOpvxJM0SN1kYFiERP7m8Y43qkcoG5esKp/lF7pz8uyj
gG+erK+JpCAbYFRLEyNc5uTwKTowaCEadw0L9kQUtwHxnv/I3MOjjPnmcEEMV9Rc
RbPJ2Kpcqa81MyOQ2IEPzQ2zocTyj/7R90G00Yiq1mvoXeoar1sgfsQ7vBSzgS7q
tx1fjSwa/m2qiddY9iY+NJe5vaakZCRLI/yAhAm6mWKOkwQXSaKKISQLUG8xuqx7
Qk3HefuRppA7rLKjcWaaQSnTPUM51oNkhgAfg+5aEl8Bb/aDVALs00m8mqjITeLK
7ayWLuDbESylUtcGjOaEjc1kQEykfQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNKc
n96R4A9NJKHYColQtqjBYx6pMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOEQwRTEwQTU1ODIxMUYwQjI3NEJCODREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsIQAwQCmsIYMA0GCSqG
SIb3DQEBCwUAA4IBAQCm5u/H4bpGo3GOOJaoqbHQ3ruxX2SvVMhhhIl4cBSVxX4l
w49EbAwOJDr8RZ0Hq69OrRfBO53s3gjxYGalo66ALk0ovs6tbTfFaFVd8I+ubf7R
LIpYxzWtEUnkOCTRPUzXu+UD/GNbsanl2lkK6vBlWllEK2n/t7QBUOu5XRCymQe7
6uJc1XEJucrdBYw1zWIC+tpewWgFPHkLqtztTuraGfg2Tys8F3ADiSLOXE2PVBgs
L59al5Rodmu++t76PXaFsd0A3qZUwrcgTB+CzT423qxfeq+1EK5R0NHSAVMf+u8B
5uxQKwzweLcxhNxKW4K6Qf0+G0E6PC7hDhmhbN8n
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:26:50 2025 by rpki-client