Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DAD18666483611F0AF5C34F6DAE4EC9C.roa
File: DAD18666483611F0AF5C34F6DAE4EC9C.roa (raw, json)
Hash identifier: u96tNIAp8oi3pstXSvaF6uhvW/vlyllIdb5NKc8kccM=
Subject key identifier: 24:7B:90:13:2F:81:79:55:58:F1:B0:6C:B1:26:F0:41:E7:03:93:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01865A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DAD18666483611F0AF5C34F6DAE4EC9C.roa
Signing time: Fri 13 Jun 2025 09:14:50 +0000
ROA not before: Fri 13 Jun 2025 09:14:44 +0000
ROA not after: Thu 17 Jul 2025 09:14:44 +0000
asID: 209242
IP address blocks: 154.197.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99930 (0x1865a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 13 09:14:44 2025 GMT
Not After : Jul 17 09:14:44 2025 GMT
Subject: CN=684bec0a-949d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0b:07:e1:21:5f:da:47:9f:41:eb:47:a4:ea:
ac:c5:6a:fe:d3:41:dd:7b:68:3d:9f:5f:3b:fe:2c:
c0:6b:96:61:b1:6a:8c:34:a1:f8:0d:31:55:27:d8:
cd:54:3d:73:7a:83:21:e1:55:74:6e:97:db:e0:12:
70:88:b3:cf:a2:13:9f:63:8d:21:f3:7d:a0:ca:53:
69:73:f0:54:ed:61:25:bd:85:8f:62:af:89:da:2f:
4e:2b:9e:19:ab:a6:40:9b:c9:60:75:2b:32:70:3b:
4a:21:7c:b1:00:25:0f:8c:68:d1:17:b4:44:72:5c:
19:98:fe:61:eb:0a:2e:df:32:d3:6d:f7:b9:8c:35:
42:82:2e:f9:58:d5:3e:a8:be:e2:03:50:4a:f8:09:
75:db:42:f5:66:b8:9d:00:6d:37:a8:78:22:48:31:
dc:1f:f7:c6:eb:53:1d:59:3f:a7:04:d6:5f:9f:cb:
4e:77:a6:90:bc:1b:36:8b:79:9c:76:51:7a:9d:ca:
f2:52:a2:01:fb:30:9c:ea:0d:e3:d3:bd:a5:53:2e:
db:40:27:c2:ba:78:65:64:88:87:50:27:a1:5e:63:
81:63:f1:66:60:d9:f8:a7:33:f4:5f:e3:a3:bc:84:
f6:28:85:19:5e:f5:ec:1b:70:35:9d:65:bf:73:c0:
48:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7B:90:13:2F:81:79:55:58:F1:B0:6C:B1:26:F0:41:E7:03:93:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DAD18666483611F0AF5C34F6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.75.0/24
Signature Algorithm: sha256WithRSAEncryption
47:f2:cd:50:e6:5d:83:f7:ef:d5:7d:0e:8e:0b:ca:3d:0b:59:
ee:20:18:31:98:23:d2:81:f6:66:7b:47:5b:b1:86:f9:a8:e4:
80:20:17:51:b3:9f:92:51:8f:31:50:85:ac:00:3c:24:82:cf:
27:bc:f6:35:ea:d3:4f:1c:94:a0:21:b8:7c:48:fe:6e:0b:7d:
bb:2b:75:06:7b:82:bd:b6:84:1d:ac:84:86:af:eb:57:22:c8:
f3:04:32:60:35:20:72:f4:9f:91:cd:6c:9b:36:1e:93:ac:1b:
4b:cb:6e:f1:9a:28:87:6f:68:20:57:97:3a:0e:b3:f8:59:77:
c9:4e:6b:71:d5:e7:b9:9d:39:89:9a:48:42:e5:48:72:45:a6:
ed:3d:60:da:0c:8d:f1:62:91:25:af:1b:b0:e8:c8:06:ed:13:
10:8c:7d:08:e2:89:3e:c9:1b:ec:18:b0:07:6b:a1:35:18:c4:
f2:0d:87:2d:25:b8:f9:ed:89:47:b6:db:9d:3b:e0:a1:00:a3:
56:4c:09:04:09:6f:88:16:fd:e5:15:6e:82:50:72:ab:b2:e2:
31:3a:53:a8:b1:b8:a6:5a:e3:68:fb:56:c0:d2:9b:75:fb:d2:
81:ef:28:7f:39:fe:48:57:00:b5:a5:33:ca:07:b6:f2:a0:3d:
37:f3:7c:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYZaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEzMDkxNDQ0WhcNMjUwNzE3MDkxNDQ0WjAYMRYw
FAYDVQQDEw02ODRiZWMwYS05NDlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2QsH4SFf2kefQetHpOqsxWr+00Hde2g9n187/izAa5ZhsWqMNKH4DTFV
J9jNVD1zeoMh4VV0bpfb4BJwiLPPohOfY40h832gylNpc/BU7WElvYWPYq+J2i9O
K54Zq6ZAm8lgdSsycDtKIXyxACUPjGjRF7REclwZmP5h6wou3zLTbfe5jDVCgi75
WNU+qL7iA1BK+Al120L1ZridAG03qHgiSDHcH/fG61MdWT+nBNZfn8tOd6aQvBs2
i3mcdlF6ncryUqIB+zCc6g3j072lUy7bQCfCunhlZIiHUCehXmOBY/FmYNn4pzP0
X+OjvIT2KIUZXvXsG3A1nWW/c8BISQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCR7
kBMvgXlVWPGwbLEm8EHnA5NpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQUQxODY2NjQ4MzYxMUYwQUY1QzM0RjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVLMA0GCSqGSIb3DQEB
CwUAA4IBAQBH8s1Q5l2D9+/VfQ6OC8o9C1nuIBgxmCPSgfZme0dbsYb5qOSAIBdR
s5+SUY8xUIWsADwkgs8nvPY16tNPHJSgIbh8SP5uC327K3UGe4K9toQdrISGr+tX
IsjzBDJgNSBy9J+RzWybNh6TrBtLy27xmiiHb2ggV5c6DrP4WXfJTmtx1ee5nTmJ
mkhC5UhyRabtPWDaDI3xYpElrxuw6MgG7RMQjH0I4ok+yRvsGLAHa6E1GMTyDYct
Jbj57YlHttudO+ChAKNWTAkECW+IFv3lFW6CUHKrsuIxOlOosbimWuNo+1bA0pt1
+9KB7yh/Of5IVwC1pTPKB7byoD0383zD
-----END CERTIFICATE-----
Generated at Mon Jun 30 09:55:44 2025 by rpki-client