Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E144BC6C528F11F097F45BD0DAE4EC9C.roa
File: E144BC6C528F11F097F45BD0DAE4EC9C.roa (raw, json)
Hash identifier: SRDg8Jg1c1xgwJGXgVJt+e5xtygpQ6US2OZ+xUME+UA=
Subject key identifier: 73:3A:A5:C5:9B:8A:F9:A5:25:25:D7:26:60:3E:3C:CB:7F:32:26:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01892B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E144BC6C528F11F097F45BD0DAE4EC9C.roa
Signing time: Thu 26 Jun 2025 13:17:16 +0000
ROA not before: Thu 26 Jun 2025 13:17:11 +0000
ROA not after: Fri 26 Dec 2025 13:17:11 +0000
asID: 328608
IP address blocks: 154.91.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100651 (0x1892b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 26 13:17:11 2025 GMT
Not After : Dec 26 13:17:11 2025 GMT
Subject: CN=685d485c-e8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a7:03:2a:33:ba:f4:33:58:81:66:e8:74:d1:
e6:59:b2:4f:47:37:f6:b2:16:22:82:66:8f:5f:3f:
7c:55:a0:b5:20:9f:a5:32:e1:ad:ea:01:0e:1c:a1:
ae:bd:f8:c3:23:a6:15:6e:11:b3:5f:57:12:dd:fe:
a6:17:f2:c6:b3:6e:ae:61:cd:40:37:cf:93:6d:39:
65:9f:45:84:df:0c:ab:6b:cf:ca:cc:1e:2c:61:93:
08:0c:59:eb:61:e0:ea:2f:6b:d9:c9:9d:5b:93:74:
92:fe:ab:33:7c:ed:1b:51:f0:6d:f1:bf:98:76:18:
e7:41:67:4a:7c:44:33:e9:92:24:c8:81:21:6f:45:
df:a5:f6:eb:4b:9c:d8:01:7f:46:87:33:f6:4b:3a:
ec:47:45:e2:b3:b0:28:17:f6:6a:2f:52:1b:4a:f0:
1e:4d:d7:11:2d:ce:5c:44:61:69:46:a5:95:81:f7:
54:4a:26:2c:27:60:0b:dd:44:6d:c0:15:f4:7d:c9:
f2:1d:9c:fa:1d:6d:1c:8f:01:dc:15:cc:a2:9a:e8:
a7:4e:cf:15:37:1a:3f:a1:40:48:d7:30:fd:f9:91:
89:96:37:3e:ae:0d:a9:25:ff:88:b4:97:52:40:18:
d5:cb:7c:e0:ac:2d:6f:40:ce:b5:64:43:fb:5a:9b:
c0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:3A:A5:C5:9B:8A:F9:A5:25:25:D7:26:60:3E:3C:CB:7F:32:26:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E144BC6C528F11F097F45BD0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.172.0/22
Signature Algorithm: sha256WithRSAEncryption
42:0b:2d:39:dd:42:22:4d:aa:59:cf:32:c6:64:01:3c:fa:a7:
61:21:1b:2f:d9:c4:54:3c:b2:b1:8c:a9:88:c4:ad:f6:7c:e1:
d5:35:81:97:b7:d4:a1:14:a8:41:fe:48:77:7d:c7:94:32:65:
78:01:7c:0d:e2:f9:28:05:53:e4:e5:3f:ba:99:f7:50:0e:11:
7c:85:1b:5b:5c:1b:1c:e7:ee:9c:2c:af:27:67:a4:6a:1c:ae:
e9:bd:7d:b4:ba:05:b8:ad:28:66:a9:08:c2:6c:a0:89:a1:c7:
9a:70:92:6d:7c:20:7c:b0:cc:29:0b:dd:03:cc:07:8c:3b:bf:
ec:8b:65:cf:7b:0d:71:dc:73:34:ef:6c:60:d3:72:aa:37:f7:
b8:5e:04:ee:cb:8b:1f:f3:73:00:23:7d:ce:ce:6d:ff:da:da:
76:f3:2e:a0:0e:04:f0:c7:37:b0:44:36:ac:81:8d:bc:f4:11:
09:73:bb:00:aa:9a:c2:72:e8:b3:7f:9b:d2:a0:8c:56:05:b6:
6c:96:0f:fc:50:01:d0:5b:2d:2d:fc:3d:19:f3:ec:fb:46:24:
ca:79:48:68:90:2f:fa:db:3e:d4:b3:d0:22:f2:2f:ee:2e:d0:
f8:87:85:e3:ee:00:34:6a:86:b6:18:00:25:2c:cf:f0:4e:bd:
33:4c:03:2b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYkrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI2MTMxNzExWhcNMjUxMjI2MTMxNzExWjAYMRYw
FAYDVQQDEw02ODVkNDg1Yy1lOGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv6cDKjO69DNYgWbodNHmWbJPRzf2shYigmaPXz98VaC1IJ+lMuGt6gEO
HKGuvfjDI6YVbhGzX1cS3f6mF/LGs26uYc1AN8+TbTlln0WE3wyra8/KzB4sYZMI
DFnrYeDqL2vZyZ1bk3SS/qszfO0bUfBt8b+YdhjnQWdKfEQz6ZIkyIEhb0Xfpfbr
S5zYAX9GhzP2SzrsR0Xis7AoF/ZqL1IbSvAeTdcRLc5cRGFpRqWVgfdUSiYsJ2AL
3URtwBX0fcnyHZz6HW0cjwHcFcyimuinTs8VNxo/oUBI1zD9+ZGJljc+rg2pJf+I
tJdSQBjVy3zgrC1vQM61ZEP7WpvA+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHM6
pcWbivmlJSXXJmA+PMt/MiZnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMTQ0QkM2QzUyOEYxMUYwOTdGNDVCRDBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlusMA0GCSqGSIb3DQEB
CwUAA4IBAQBCCy053UIiTapZzzLGZAE8+qdhIRsv2cRUPLKxjKmIxK32fOHVNYGX
t9ShFKhB/kh3fceUMmV4AXwN4vkoBVPk5T+6mfdQDhF8hRtbXBsc5+6cLK8nZ6Rq
HK7pvX20ugW4rShmqQjCbKCJoceacJJtfCB8sMwpC90DzAeMO7/si2XPew1x3HM0
72xg03KqN/e4XgTuy4sf83MAI33Ozm3/2tp28y6gDgTwxzewRDasgY289BEJc7sA
qprCcuizf5vSoIxWBbZslg/8UAHQWy0t/D0Z8+z7RiTKeUhokC/62z7Us9Ai8i/u
LtD4h4Xj7gA0aoa2GAAlLM/wTr0zTAMr
-----END CERTIFICATE-----
Generated at Sun Jun 29 20:08:30 2025 by rpki-client