Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA44D36443AE11F0ADDA57E9DAE4EC9C.roa
File: EA44D36443AE11F0ADDA57E9DAE4EC9C.roa (raw, json)
Hash identifier: S1YWa4MVChUnvDlHMp62xFhycNv4Uoz386mynz0qth8=
Subject key identifier: 8D:30:6F:CE:51:FA:E7:66:1E:0E:89:73:6B:F8:58:F9:3C:04:F4:1D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01857A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA44D36443AE11F0ADDA57E9DAE4EC9C.roa
Signing time: Sat 07 Jun 2025 14:51:39 +0000
ROA not before: Sat 07 Jun 2025 14:51:34 +0000
ROA not after: Wed 16 Jul 2025 14:51:34 +0000
asID: 40779
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 01:13:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99706 (0x1857a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 7 14:51:34 2025 GMT
Not After : Jul 16 14:51:34 2025 GMT
Subject: CN=684451fa-cdfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:3c:1f:f3:dd:b7:08:90:7a:40:92:73:cc:59:
1a:92:df:d5:99:94:c6:3d:10:ad:5a:55:b6:ab:50:
5e:b1:b0:40:c4:71:ba:a5:96:83:e7:d1:e4:d9:4c:
43:ea:28:6d:19:0b:87:01:37:ea:6a:49:53:3c:e2:
89:0a:da:6e:9f:75:42:10:df:be:02:db:13:a8:d7:
9d:ba:32:1c:55:e0:2f:63:b4:e5:c3:28:72:3f:e7:
32:25:7b:ca:6d:d8:cf:f3:b9:72:9b:4c:d2:68:14:
bc:14:7b:96:61:30:c9:1b:93:37:d7:d3:d5:6d:cb:
bf:83:71:29:a0:d3:46:41:fa:9a:8b:2e:e3:cb:e4:
2d:d8:86:cf:b4:08:a7:0f:9e:3c:5a:5e:72:f6:3a:
41:fa:26:2e:84:9b:7b:3b:7f:f6:37:5b:fb:cd:6c:
dc:97:23:b8:ed:b5:93:c3:79:86:6f:14:4b:72:f7:
c3:f0:58:4a:c2:a5:80:87:69:65:ef:af:cd:1e:db:
cc:03:e6:f2:2e:ca:5a:5b:d1:34:14:d4:cb:6d:5e:
00:00:5b:e2:51:29:5b:8f:12:12:95:49:7a:28:0d:
83:c0:d5:cd:7a:d2:4c:48:43:82:ef:13:b5:90:05:
81:a3:66:5f:7e:69:61:51:cc:8a:22:99:1b:5e:3e:
02:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:30:6F:CE:51:FA:E7:66:1E:0E:89:73:6B:F8:58:F9:3C:04:F4:1D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA44D36443AE11F0ADDA57E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:4f:90:63:70:30:21:e8:95:ea:77:de:c4:b0:97:67:9b:e5:
ba:5f:17:5d:b9:16:e9:a3:cd:ff:34:ab:88:25:d4:bd:4c:38:
4a:ee:0c:bb:94:a2:97:b0:f7:af:ef:87:4b:4a:42:5f:56:35:
bb:11:6b:5b:38:aa:48:95:77:93:1d:c0:3d:13:5a:1c:0e:9a:
ea:cf:a2:ef:4c:60:03:79:1c:db:31:53:71:c9:72:84:fd:af:
fc:3e:d6:ce:12:4f:26:ed:b1:62:50:26:24:42:10:2e:c8:f0:
f1:98:43:92:6c:47:10:67:1c:aa:eb:31:9d:90:fd:ce:94:d6:
f3:32:de:27:54:de:0b:f5:53:58:fb:36:a0:c2:b6:c9:46:76:
49:9f:d1:08:1c:c5:1f:e2:13:7c:b4:a4:05:42:3a:61:36:cb:
b4:f4:a1:0f:4f:83:21:12:a1:4a:d0:93:1c:81:44:00:4c:94:
51:ff:c7:6a:df:e5:69:04:43:e8:44:cd:bd:3d:d4:f7:b1:6b:
4a:76:1c:28:99:ab:b4:aa:98:66:42:e6:fc:58:19:86:3a:e8:
a3:bb:fc:97:fc:3a:39:c2:83:7d:8e:f9:7a:7e:2d:c7:49:a5:
74:1e:28:2b:f9:cc:39:da:07:73:68:7a:76:0b:5c:a5:36:7f:
2c:16:7d:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYV6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA3MTQ1MTM0WhcNMjUwNzE2MTQ1MTM0WjAYMRYw
FAYDVQQDEw02ODQ0NTFmYS1jZGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+jwf8923CJB6QJJzzFkakt/VmZTGPRCtWlW2q1BesbBAxHG6pZaD59Hk
2UxD6ihtGQuHATfqaklTPOKJCtpun3VCEN++AtsTqNedujIcVeAvY7TlwyhyP+cy
JXvKbdjP87lym0zSaBS8FHuWYTDJG5M319PVbcu/g3EpoNNGQfqaiy7jy+Qt2IbP
tAinD548Wl5y9jpB+iYuhJt7O3/2N1v7zWzclyO47bWTw3mGbxRLcvfD8FhKwqWA
h2ll76/NHtvMA+byLspaW9E0FNTLbV4AAFviUSlbjxISlUl6KA2DwNXNetJMSEOC
7xO1kAWBo2ZffmlhUcyKIpkbXj4CdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI0w
b85R+udmHg6Jc2v4WPk8BPQdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQTQ0RDM2NDQzQUUxMUYwQUREQTU3RTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQCdT5BjcDAh6JXqd97EsJdnm+W6XxdduRbpo83/NKuIJdS9TDhK7gy7
lKKXsPev74dLSkJfVjW7EWtbOKpIlXeTHcA9E1ocDprqz6LvTGADeRzbMVNxyXKE
/a/8PtbOEk8m7bFiUCYkQhAuyPDxmEOSbEcQZxyq6zGdkP3OlNbzMt4nVN4L9VNY
+zagwrbJRnZJn9EIHMUf4hN8tKQFQjphNsu09KEPT4MhEqFK0JMcgUQATJRR/8dq
3+VpBEPoRM29PdT3sWtKdhwomau0qphmQub8WBmGOuiju/yX/Do5woN9jvl6fi3H
SaV0Higr+cw52gdzaHp2C1ylNn8sFn22
-----END CERTIFICATE-----
Generated at Tue Jul 1 08:47:49 2025 by rpki-client