Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF2C0A9C526211F0B36FB1B3DAE4EC9C.roa
File: EF2C0A9C526211F0B36FB1B3DAE4EC9C.roa (raw, json)
Hash identifier: Nl5COJxTOowJMgZnCUWAAec9xCdGoppV6tUMqpjUFXs=
Subject key identifier: 7E:4C:11:FA:4B:B9:E5:72:4E:95:6D:58:64:36:CF:99:17:17:F8:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018925
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF2C0A9C526211F0B36FB1B3DAE4EC9C.roa
Signing time: Thu 26 Jun 2025 07:55:32 +0000
ROA not before: Thu 26 Jun 2025 07:55:28 +0000
ROA not after: Fri 08 Aug 2025 07:55:28 +0000
asID: 329029
IP address blocks: 154.90.174.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100645 (0x18925)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 26 07:55:28 2025 GMT
Not After : Aug 8 07:55:28 2025 GMT
Subject: CN=685cfcf4-4eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:44:d2:bd:05:39:56:33:bb:d5:1c:61:4a:d0:
47:78:3c:d4:c2:b2:16:8c:7f:df:2c:14:19:7c:14:
71:92:1c:04:3f:5e:a6:e1:4b:c9:b2:89:f4:69:12:
f9:74:ca:5b:97:55:86:32:c7:0e:67:28:3a:99:77:
fa:2b:54:45:4e:52:d6:00:48:0d:9a:20:83:33:7e:
cf:0b:f5:7f:10:b7:c3:82:cc:4a:55:e3:8a:7f:b6:
4e:ab:02:55:c1:08:54:93:f2:cb:5a:fb:a5:d4:c7:
55:3d:21:10:c6:00:b9:32:a2:64:22:5e:87:10:2f:
16:ea:76:07:aa:8c:fd:1f:18:5d:c4:57:b2:f2:b2:
2a:1e:fd:65:75:e1:85:db:14:14:79:e4:82:8a:c9:
fc:ec:1a:88:9d:71:57:37:6d:e1:b6:3c:98:bc:cc:
e8:62:96:30:46:d9:a3:fb:65:b5:cb:4b:c2:84:6a:
52:93:3a:68:c2:10:fe:68:cd:0b:9b:97:c0:38:56:
c2:25:0f:6c:56:6c:70:79:2a:bd:68:0f:59:d0:a4:
91:10:e1:fa:9f:00:91:d3:11:a9:f1:3e:4a:a8:85:
c9:3d:ac:d6:dd:d8:a7:06:e1:ca:d8:d6:73:bb:f0:
45:c2:93:02:a2:0a:ab:43:7b:90:80:fd:b7:f8:2a:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:4C:11:FA:4B:B9:E5:72:4E:95:6D:58:64:36:CF:99:17:17:F8:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF2C0A9C526211F0B36FB1B3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.174.0/23
Signature Algorithm: sha256WithRSAEncryption
24:3d:1d:ec:d4:ad:52:39:09:f3:ac:bd:ed:de:27:a3:55:25:
7e:a6:90:1c:ef:27:4c:e9:0c:b3:e0:28:50:d7:ab:94:fa:9e:
09:b0:73:5e:f1:a6:14:29:69:b4:85:8c:a4:f1:bb:89:5d:09:
da:07:81:81:8d:ff:bf:c4:b9:91:a7:aa:aa:d8:df:81:3a:8d:
b1:d0:6e:fd:a4:26:64:12:ce:d5:7c:83:22:c2:be:b3:4d:c3:
ac:d1:83:02:c4:a9:ba:e8:ce:97:14:a3:23:31:eb:03:45:1e:
01:df:25:bd:82:8c:3f:08:99:7e:af:ed:3a:ac:fd:5e:58:2c:
1c:4c:8b:9d:33:7d:f2:bb:00:c3:33:fc:ba:91:87:9e:95:3e:
5d:1c:5d:d0:10:fd:8f:f3:44:7d:31:7d:ff:c2:8c:ea:fe:4b:
9b:8b:37:e1:d5:29:7c:68:2e:d4:26:40:a2:08:76:84:49:08:
c3:51:06:39:ca:2e:64:33:28:02:d5:87:2a:79:64:a7:cd:5e:
92:e0:b7:17:d4:e5:2f:c4:bb:ad:d6:be:ce:7b:e6:06:5c:fa:
0c:e5:ed:1d:78:f1:a0:66:53:c4:c6:cd:9e:7b:89:6b:cd:9f:
b6:f3:f0:3d:3a:bc:73:3a:ed:39:ea:31:8a:55:2a:7a:57:51:
c5:12:13:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYklMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjI2MDc1NTI4WhcNMjUwODA4MDc1NTI4WjAYMRYw
FAYDVQQDEw02ODVjZmNmNC00ZWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArkTSvQU5VjO71RxhStBHeDzUwrIWjH/fLBQZfBRxkhwEP16m4UvJson0
aRL5dMpbl1WGMscOZyg6mXf6K1RFTlLWAEgNmiCDM37PC/V/ELfDgsxKVeOKf7ZO
qwJVwQhUk/LLWvul1MdVPSEQxgC5MqJkIl6HEC8W6nYHqoz9HxhdxFey8rIqHv1l
deGF2xQUeeSCisn87BqInXFXN23htjyYvMzoYpYwRtmj+2W1y0vChGpSkzpowhD+
aM0Lm5fAOFbCJQ9sVmxweSq9aA9Z0KSREOH6nwCR0xGp8T5KqIXJPazW3dinBuHK
2NZzu/BFwpMCogqrQ3uQgP23+CqyowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH5M
EfpLueVyTpVtWGQ2z5kXF/gAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRjJDMEE5QzUyNjIxMUYwQjM2RkIxQjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlquMA0GCSqGSIb3DQEB
CwUAA4IBAQAkPR3s1K1SOQnzrL3t3iejVSV+ppAc7ydM6Qyz4ChQ16uU+p4JsHNe
8aYUKWm0hYyk8buJXQnaB4GBjf+/xLmRp6qq2N+BOo2x0G79pCZkEs7VfIMiwr6z
TcOs0YMCxKm66M6XFKMjMesDRR4B3yW9gow/CJl+r+06rP1eWCwcTIudM33yuwDD
M/y6kYeelT5dHF3QEP2P80R9MX3/wozq/kubizfh1Sl8aC7UJkCiCHaESQjDUQY5
yi5kMygC1YcqeWSnzV6S4LcX1OUvxLut1r7Oe+YGXPoM5e0dePGgZlPExs2ee4lr
zZ+28/A9OrxzOu056jGKVSp6V1HFEhOG
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:33:54 2025 by rpki-client