Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DFB3F4884B6B11F0A99E18CEDAE4EC9C.roa
File: DFB3F4884B6B11F0A99E18CEDAE4EC9C.roa (raw, json)
Hash identifier: N9z+OaThxM47++u3lNADDLXsLOmpjbZ18BBAhViu7/s=
Subject key identifier: 83:BF:51:F6:C4:9A:99:93:FC:AF:C8:98:CB:9B:E5:59:BC:7E:FE:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01870D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DFB3F4884B6B11F0A99E18CEDAE4EC9C.roa
Signing time: Tue 17 Jun 2025 11:11:54 +0000
ROA not before: Tue 17 Jun 2025 11:11:45 +0000
ROA not after: Thu 24 Jul 2025 11:11:45 +0000
asID: 138195
IP address blocks: 154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100109 (0x1870d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 17 11:11:45 2025 GMT
Not After : Jul 24 11:11:45 2025 GMT
Subject: CN=68514d7a-b7ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a2:c3:6f:0a:ae:53:d1:0f:0e:82:33:e9:4e:
4e:4f:51:24:b8:8a:59:c2:c7:78:51:37:c6:56:5e:
6b:75:0a:0d:1e:5b:96:1c:0c:1f:6d:bd:8e:5a:2a:
7d:02:7e:3e:c7:3e:3d:08:ea:2d:f6:3c:1d:45:0c:
2d:5a:ab:17:d5:51:28:e3:4e:39:8c:b4:c8:0a:8e:
0e:fc:5d:05:87:85:88:2a:22:da:a1:17:92:3d:d8:
73:36:b1:5b:91:81:ad:4a:1b:b7:25:44:2e:83:35:
9d:1e:09:f9:70:68:ff:b1:78:80:f4:be:17:bb:4d:
44:cd:d4:2c:9f:fa:e7:44:01:95:30:a7:a7:ca:f8:
64:4d:e9:b3:88:5b:aa:71:dc:43:f3:aa:f3:fc:1e:
ce:71:eb:38:1b:cf:75:2b:48:c8:a7:43:d2:9a:c6:
d3:9a:d3:04:9b:5a:10:0a:d3:f9:3f:7e:79:af:f4:
2b:46:41:a9:87:4d:b2:88:5f:30:45:f4:bd:39:c6:
d7:4d:65:65:0c:2e:70:fc:28:3f:d3:dd:8f:fe:0b:
8d:a3:aa:de:52:5f:98:37:f8:a8:e2:3d:3b:a1:5f:
92:2e:9a:e3:c7:bc:7d:20:b8:2c:30:50:39:d9:bf:
1b:05:8c:6c:d1:0b:43:44:c8:fb:ac:7a:c0:00:75:
f8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:BF:51:F6:C4:9A:99:93:FC:AF:C8:98:CB:9B:E5:59:BC:7E:FE:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DFB3F4884B6B11F0A99E18CEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:0c:32:21:5f:fc:60:59:bc:d4:8b:65:79:df:7a:cd:12:5a:
57:b8:c9:12:06:d9:80:b5:fa:5b:c5:e9:03:5d:18:7a:13:29:
1b:7a:14:95:0c:bc:b6:f6:b7:31:3e:3d:0b:ce:62:fa:90:e4:
18:ce:17:48:54:a2:e7:cc:b5:00:15:0e:99:01:70:48:63:a3:
f7:1d:90:4a:84:61:32:1f:8c:2b:04:52:d8:bc:4b:ab:4e:ed:
5b:2d:d7:97:75:30:1b:44:61:7a:8a:51:25:71:19:2d:04:85:
e6:c9:1a:64:0f:87:44:70:c1:09:f5:44:fd:f2:de:1d:7d:44:
07:50:da:19:b7:b0:4f:2d:a3:01:a7:75:e2:d8:46:05:1d:51:
0b:77:a0:93:19:49:2e:fd:58:37:14:a5:8b:ae:e3:14:7b:8a:
5d:84:cd:34:22:60:73:78:97:22:bf:b9:f1:8e:b7:b1:28:52:
ac:d4:07:7e:ca:53:66:5e:64:6d:0a:fb:f3:25:06:f7:d7:aa:
4e:9b:ae:33:4f:05:6f:b8:3c:a8:4b:71:c0:75:d2:1d:f6:eb:
9b:16:ac:9b:be:6b:e2:bd:70:db:58:47:dd:df:60:ed:6c:50:
44:20:d2:b4:45:c7:45:e4:1f:ab:eb:1f:05:58:c6:54:6f:85:
aa:bb:75:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYcNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE3MTExMTQ1WhcNMjUwNzI0MTExMTQ1WjAYMRYw
FAYDVQQDEw02ODUxNGQ3YS1iN2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwqLDbwquU9EPDoIz6U5OT1EkuIpZwsd4UTfGVl5rdQoNHluWHAwfbb2O
Wip9An4+xz49COot9jwdRQwtWqsX1VEo4045jLTICo4O/F0Fh4WIKiLaoReSPdhz
NrFbkYGtShu3JUQugzWdHgn5cGj/sXiA9L4Xu01EzdQsn/rnRAGVMKenyvhkTemz
iFuqcdxD86rz/B7Oces4G891K0jIp0PSmsbTmtMEm1oQCtP5P355r/QrRkGph02y
iF8wRfS9OcbXTWVlDC5w/Cg/092P/guNo6reUl+YN/io4j07oV+SLprjx7x9ILgs
MFA52b8bBYxs0QtDRMj7rHrAAHX4CQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIO/
UfbEmpmT/K/ImMub5Vm8fv68MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERkIzRjQ4ODRCNkIxMUYwQTk5RTE4Q0VEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml8YMA0GCSqGSIb3DQEB
CwUAA4IBAQB/DDIhX/xgWbzUi2V533rNElpXuMkSBtmAtfpbxekDXRh6EykbehSV
DLy29rcxPj0LzmL6kOQYzhdIVKLnzLUAFQ6ZAXBIY6P3HZBKhGEyH4wrBFLYvEur
Tu1bLdeXdTAbRGF6ilElcRktBIXmyRpkD4dEcMEJ9UT98t4dfUQHUNoZt7BPLaMB
p3Xi2EYFHVELd6CTGUku/Vg3FKWLruMUe4pdhM00ImBzeJciv7nxjrexKFKs1Ad+
ylNmXmRtCvvzJQb316pOm64zTwVvuDyoS3HAddId9uubFqybvmvivXDbWEfd32Dt
bFBEINK0RcdF5B+r6x8FWMZUb4Wqu3UJ
-----END CERTIFICATE-----
Generated at Mon Jun 30 09:47:34 2025 by rpki-client