Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F7EBB4024B6911F0B152B8C2DAE4EC9C.roa
File: F7EBB4024B6911F0B152B8C2DAE4EC9C.roa (raw, json)
Hash identifier: 1B31O1gZJyfjZn+zhB5IG0960VTp8HDBtjxPCmr9o/Q=
Subject key identifier: 50:90:D8:68:8A:AE:9E:AD:F8:D6:F6:12:1F:F2:A2:E0:8C:D6:58:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018709
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F7EBB4024B6911F0B152B8C2DAE4EC9C.roa
Signing time: Tue 17 Jun 2025 10:58:16 +0000
ROA not before: Tue 17 Jun 2025 10:58:10 +0000
ROA not after: Thu 24 Jul 2025 10:58:10 +0000
asID: 55020
IP address blocks: 154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 10:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100105 (0x18709)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 17 10:58:10 2025 GMT
Not After : Jul 24 10:58:10 2025 GMT
Subject: CN=68514a48-b58c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9f:36:e8:14:91:fb:ca:7c:a4:89:12:fd:15:
f9:2b:a4:87:2f:ee:d7:39:ff:a5:aa:2a:bc:96:0c:
86:d9:21:fa:29:36:51:6d:38:e7:3b:bb:c9:3f:34:
dd:1f:4f:a6:c3:dc:58:9c:df:17:af:3f:6b:0d:95:
7c:6f:a4:92:8e:7a:11:cc:dd:d0:02:e7:f6:a8:72:
5e:03:d6:9d:f7:66:1c:e8:0b:07:b6:40:1a:3c:7b:
38:63:d2:fd:a3:71:4e:f2:98:7c:39:5a:d3:ae:2c:
80:d4:bf:09:0a:5e:64:82:25:98:14:27:54:26:9a:
c3:84:c5:3f:bf:23:2b:77:44:28:35:ca:d6:b3:6f:
dd:30:0c:d2:a6:14:c9:63:32:7c:79:dd:f9:49:76:
87:a3:94:10:80:1e:75:3c:c0:14:9f:fa:1e:58:56:
12:f8:f5:e6:d3:b8:62:e2:58:ea:a6:0e:6f:1e:cd:
4d:cd:69:fa:9e:74:e4:fe:cf:07:05:8c:b3:6e:c6:
1e:19:f8:31:c6:40:c9:b4:b2:88:91:b1:0e:49:55:
46:40:18:df:12:31:01:43:95:55:df:8c:8d:09:d7:
cc:97:74:7e:bf:3a:b5:35:71:9b:1d:7d:42:7b:fe:
92:d1:20:0d:82:96:13:c4:31:63:fe:4d:dc:66:ba:
b1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:90:D8:68:8A:AE:9E:AD:F8:D6:F6:12:1F:F2:A2:E0:8C:D6:58:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F7EBB4024B6911F0B152B8C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
154.202.120.0/21
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
8f:6f:6a:f4:5e:80:e7:5e:13:6b:f6:5f:d1:65:18:58:40:16:
b4:1f:12:d9:07:6d:00:c0:7c:cb:eb:a0:03:cf:a9:41:d6:4b:
cd:ff:4a:e2:5c:3a:9c:99:16:23:35:f4:66:e2:da:54:d8:4a:
0a:63:24:4e:fb:e7:71:2e:e5:bf:00:62:ec:22:5a:36:fc:18:
f4:37:9b:ed:19:cc:d0:b9:68:ac:17:59:bb:55:00:4b:33:97:
37:02:ce:f1:89:83:d6:d2:97:67:67:49:dc:f4:76:17:e0:3d:
e5:1c:64:c2:07:c2:68:78:d2:64:28:e0:4d:9e:de:84:85:eb:
74:f0:b8:13:24:84:b8:fc:6b:98:f9:c0:0f:ea:67:4d:4c:6b:
63:66:85:6f:ca:0b:1d:48:39:46:83:6c:25:07:d1:8c:37:b1:
a1:a4:c7:8f:c3:7e:35:31:58:96:01:10:92:71:87:76:ff:a7:
80:aa:31:6d:e2:2d:b3:0c:9b:41:03:6d:ed:1b:91:28:6a:be:
c4:16:45:cd:bb:2a:6f:0a:48:42:7c:f5:90:63:16:41:1f:cb:
74:7c:82:a0:1e:56:dd:fe:1d:e5:4a:68:fd:7a:36:41:07:02:
43:ab:9f:54:4a:aa:21:af:d4:79:40:12:c6:24:48:8d:2a:5e:
ae:6a:e1:cb
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAYcJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE3MTA1ODEwWhcNMjUwNzI0MTA1ODEwWjAYMRYw
FAYDVQQDEw02ODUxNGE0OC1iNThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA15826BSR+8p8pIkS/RX5K6SHL+7XOf+lqiq8lgyG2SH6KTZRbTjnO7vJ
PzTdH0+mw9xYnN8Xrz9rDZV8b6SSjnoRzN3QAuf2qHJeA9ad92Yc6AsHtkAaPHs4
Y9L9o3FO8ph8OVrTriyA1L8JCl5kgiWYFCdUJprDhMU/vyMrd0QoNcrWs2/dMAzS
phTJYzJ8ed35SXaHo5QQgB51PMAUn/oeWFYS+PXm07hi4ljqpg5vHs1NzWn6nnTk
/s8HBYyzbsYeGfgxxkDJtLKIkbEOSVVGQBjfEjEBQ5VV34yNCdfMl3R+vzq1NXGb
HX1Ce/6S0SANgpYTxDFj/k3cZrqxDQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFFCQ
2GiKrp6t+Nb2Eh/youCM1lhLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GN0VCQjQwMjRCNjkxMUYwQjE1MkI4QzJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQAmsp1AwQDmsp4MAsDBAGa
2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEAj29q9F6A514Ta/Zf0WUYWEAWtB8S
2QdtAMB8y+ugA8+pQdZLzf9K4lw6nJkWIzX0ZuLaVNhKCmMkTvvncS7lvwBi7CJa
NvwY9Deb7RnM0LlorBdZu1UASzOXNwLO8YmD1tKXZ2dJ3PR2F+A95RxkwgfCaHjS
ZCjgTZ7ehIXrdPC4EySEuPxrmPnAD+pnTUxrY2aFb8oLHUg5RoNsJQfRjDexoaTH
j8N+NTFYlgEQknGHdv+ngKoxbeItswybQQNt7RuRKGq+xBZFzbsqbwpIQnz1kGMW
QR/LdHyCoB5W3f4d5Upo/Xo2QQcCQ6ufVEqqIa/UeUASxiRIjSpermrhyw==
-----END CERTIFICATE-----
Generated at Thu Jul 3 22:48:45 2025 by rpki-client