Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9408746510C11F0AD203779DAE4EC9C.roa
File: D9408746510C11F0AD203779DAE4EC9C.roa (raw, json)
Hash identifier: GpAO3MwkiW4kKrSnF2gyRGLaY7twDG0jpaAucjaZUDg=
Subject key identifier: 4A:99:F3:F6:C3:7F:12:25:5F:65:B5:9B:20:7C:9F:48:B4:50:D9:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018876
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9408746510C11F0AD203779DAE4EC9C.roa
Signing time: Tue 24 Jun 2025 15:06:48 +0000
ROA not before: Tue 24 Jun 2025 15:06:43 +0000
ROA not after: Tue 05 Aug 2025 15:06:43 +0000
asID: 202656
IP address blocks: 154.222.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100470 (0x18876)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 24 15:06:43 2025 GMT
Not After : Aug 5 15:06:43 2025 GMT
Subject: CN=685abf08-7fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c4:d2:d4:0e:b5:bc:7d:24:cb:d5:c8:83:de:
b6:3a:91:39:93:34:92:b7:b9:67:18:4f:82:38:f0:
93:39:28:47:4b:52:c1:0c:08:3b:b4:9e:a9:06:0b:
d6:7d:e9:f4:3a:37:28:c0:44:42:0b:7d:39:65:f2:
98:0c:42:f6:9e:20:a1:95:f0:e1:22:f1:a6:56:37:
c1:9e:e6:e6:b5:bf:a2:bd:fa:60:69:61:7a:68:e9:
dc:d6:f4:41:09:83:43:39:1b:7b:32:0b:76:3d:b6:
87:80:0e:04:b5:e9:84:fc:8c:4f:33:33:fe:6d:57:
2e:af:f3:5a:03:41:d6:b7:f4:59:81:96:56:00:92:
1b:1b:87:4e:be:8d:65:96:55:9c:25:ed:03:89:3d:
5d:3e:20:25:11:cc:d5:b4:05:79:5c:80:ad:ba:02:
c7:91:05:d2:c5:09:70:d5:c5:48:03:83:0c:a7:fc:
79:cc:fc:0e:32:0a:64:a4:58:be:10:43:40:8a:3d:
86:c5:2f:c4:63:cd:03:8e:da:e8:17:8f:7f:9b:07:
f7:2b:35:1e:75:4c:4e:df:f0:0a:2a:0d:a8:b7:e1:
d3:f1:33:da:8e:a0:17:fc:4b:20:bc:ec:fe:5e:dc:
f7:95:26:b2:73:a4:d5:3e:cb:f6:99:81:fd:1d:b2:
e0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:99:F3:F6:C3:7F:12:25:5F:65:B5:9B:20:7C:9F:48:B4:50:D9:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9408746510C11F0AD203779DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.206.0/24
Signature Algorithm: sha256WithRSAEncryption
77:37:d9:c8:8c:c7:a5:11:78:d2:3b:4f:df:10:18:9f:b3:7a:
3f:b1:c1:f2:2d:a2:04:11:08:b6:20:85:43:f8:ad:28:cb:5d:
36:d1:bc:a4:3e:22:25:32:af:a1:e4:dd:14:49:d1:c9:e1:c0:
15:7a:94:bc:87:bb:6f:c8:fe:74:c5:b4:95:15:be:fe:89:40:
d5:fe:ed:62:4d:e5:99:98:4b:84:9e:c3:db:b8:9d:7d:05:69:
02:1a:ce:c9:24:38:f3:d3:12:7d:9d:69:66:6b:56:b6:1e:27:
f9:fa:74:e0:7c:22:ee:d0:2e:b0:3d:d3:78:a7:e4:95:5b:57:
3e:a1:ff:a2:c5:0e:54:f3:c0:ef:9f:29:45:0e:36:5f:2b:ac:
0d:19:a8:26:a4:1a:46:9e:03:75:05:f1:e8:61:30:f1:44:21:
ef:68:dd:e1:95:ee:4e:1d:87:84:fd:93:94:fd:70:05:fb:e4:
b2:3f:f9:6e:ca:a9:9a:15:d5:0a:e1:32:d9:28:6f:08:3e:c7:
53:bb:20:0b:c6:49:8f:bd:b8:42:c3:b0:cf:ef:5f:c2:43:52:
c1:f6:55:44:2f:ff:5e:2b:0e:42:49:75:ea:96:c7:a7:e3:60:
55:29:5d:85:76:2d:0f:e8:b0:af:ae:d9:cc:8b:77:9c:47:8f:
95:3d:d4:4b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYh2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI0MTUwNjQzWhcNMjUwODA1MTUwNjQzWjAYMRYw
FAYDVQQDEw02ODVhYmYwOC03ZmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqcTS1A61vH0ky9XIg962OpE5kzSSt7lnGE+COPCTOShHS1LBDAg7tJ6p
BgvWfen0OjcowERCC305ZfKYDEL2niChlfDhIvGmVjfBnubmtb+ivfpgaWF6aOnc
1vRBCYNDORt7Mgt2PbaHgA4EtemE/IxPMzP+bVcur/NaA0HWt/RZgZZWAJIbG4dO
vo1lllWcJe0DiT1dPiAlEczVtAV5XICtugLHkQXSxQlw1cVIA4MMp/x5zPwOMgpk
pFi+EENAij2GxS/EY80DjtroF49/mwf3KzUedUxO3/AKKg2ot+HT8TPajqAX/Esg
vOz+Xtz3lSayc6TVPsv2mYH9HbLgAwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEqZ
8/bDfxIlX2W1myB8n0i0UNk+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTQwODc0NjUxMEMxMUYwQUQyMDM3NzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7OMA0GCSqGSIb3DQEB
CwUAA4IBAQB3N9nIjMelEXjSO0/fEBifs3o/scHyLaIEEQi2IIVD+K0oy1020byk
PiIlMq+h5N0USdHJ4cAVepS8h7tvyP50xbSVFb7+iUDV/u1iTeWZmEuEnsPbuJ19
BWkCGs7JJDjz0xJ9nWlma1a2Hif5+nTgfCLu0C6wPdN4p+SVW1c+of+ixQ5U88Dv
nylFDjZfK6wNGagmpBpGngN1BfHoYTDxRCHvaN3hle5OHYeE/ZOU/XAF++SyP/lu
yqmaFdUK4TLZKG8IPsdTuyALxkmPvbhCw7DP71/CQ1LB9lVEL/9eKw5CSXXqlsen
42BVKV2Fdi0P6LCvrtnMi3ecR4+VPdRL
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:32:04 2025 by rpki-client