Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB02DB14414311F09C48E6B4DAE4EC9C.roa
File: FB02DB14414311F09C48E6B4DAE4EC9C.roa (raw, json)
Hash identifier: UGBEmtmP4mZxyuLfCxVuPQz5dKOGFOdGUrwyHCV9BiY=
Subject key identifier: 42:65:B0:84:57:11:DE:29:3B:F3:EF:73:6D:25:E8:6E:B1:ED:C3:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0184E2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB02DB14414311F09C48E6B4DAE4EC9C.roa
Signing time: Wed 04 Jun 2025 13:01:08 +0000
ROA not before: Wed 04 Jun 2025 13:01:04 +0000
ROA not after: Sun 10 Aug 2025 13:01:04 +0000
asID: 395793
IP address blocks: 154.196.208.0/24 maxlen: 24
154.196.209.0/24 maxlen: 24
154.196.210.0/24 maxlen: 24
154.196.211.0/24 maxlen: 24
154.196.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99554 (0x184e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 4 13:01:04 2025 GMT
Not After : Aug 10 13:01:04 2025 GMT
Subject: CN=68404394-6e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7a:b3:31:c5:62:db:a9:52:f5:03:24:4b:b4:
18:2c:32:e7:01:10:e2:73:8a:2f:20:cf:93:a5:1d:
7a:3e:16:5a:6e:ba:63:9a:44:75:22:21:3e:c6:bc:
e4:3e:fc:3a:11:0a:97:e5:12:83:95:56:d6:c2:32:
72:54:36:31:76:67:46:9b:68:7c:23:ff:58:a7:65:
a9:28:e8:bd:fa:5f:bc:87:ef:00:7c:14:8a:dc:1c:
46:65:9e:66:27:c6:8d:bc:df:56:b5:fe:c2:07:00:
7f:71:46:fd:a6:f8:ae:5a:a3:fc:52:49:dd:8e:2e:
17:5d:3c:70:3e:89:b7:e8:3c:98:f8:98:0b:78:49:
72:e8:fc:18:1c:aa:cb:65:3d:f0:01:56:8e:01:71:
d3:cc:f2:a2:e2:da:b0:26:a8:95:8a:b3:e1:d1:29:
86:db:4b:d5:66:12:14:fd:e2:dd:5b:2e:16:9a:10:
7f:df:b8:4f:54:dd:d0:af:ca:a4:d7:64:c4:c4:fb:
bd:a5:e8:82:47:10:79:21:31:0c:85:58:15:47:f2:
cc:a3:20:dc:54:be:0c:cb:5a:5f:e9:99:05:55:f8:
ca:ec:3a:23:6a:a8:ab:ca:ec:ab:66:33:68:fa:0c:
2d:45:95:77:52:34:e4:a9:ab:ac:7b:56:b2:47:e1:
9f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:65:B0:84:57:11:DE:29:3B:F3:EF:73:6D:25:E8:6E:B1:ED:C3:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FB02DB14414311F09C48E6B4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.208.0-154.196.212.255
Signature Algorithm: sha256WithRSAEncryption
0c:5b:da:75:f4:1a:d4:d9:ec:bc:7c:d2:12:2a:a2:cc:c2:65:
b0:ea:19:23:06:a5:28:3d:71:33:ea:2e:74:74:2f:1d:ce:27:
9a:e8:ed:4e:2c:08:38:3c:a8:c3:51:27:bc:7d:9f:8f:65:9b:
89:40:09:ea:d7:88:ae:2e:1f:2e:d4:d9:43:c3:18:0d:45:5f:
34:b5:31:07:c6:3c:0b:4e:de:24:d5:58:39:df:fd:05:99:2a:
12:2b:c4:5e:38:67:b0:d8:eb:af:5a:84:4e:d7:1c:e4:04:81:
a3:5f:26:07:23:b3:8c:c1:6e:41:d4:1e:f2:a5:93:ee:a3:91:
2c:33:38:71:03:ba:d0:80:3b:a6:3c:d4:26:77:f7:d1:92:39:
c4:7e:43:53:9a:c7:50:66:45:74:30:bb:af:36:95:2c:70:07:
e1:45:da:da:7b:a5:cc:55:c2:77:f8:31:a0:57:93:f6:2d:56:
d9:4e:e4:dc:f2:f3:fa:b8:19:aa:16:cb:24:f7:54:dd:80:a2:
a1:50:23:c1:fb:a5:d4:04:7d:ab:20:d3:32:1a:14:6e:3a:61:
9f:48:20:73:8e:87:51:b9:08:57:12:7c:93:e9:dd:2a:fb:df:
57:0b:aa:9e:0c:75:1f:d2:e7:bb:d0:40:c4:f1:17:35:15:12:
5d:82:69:97
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYTiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA0MTMwMTA0WhcNMjUwODEwMTMwMTA0WjAYMRYw
FAYDVQQDEw02ODQwNDM5NC02ZTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2HqzMcVi26lS9QMkS7QYLDLnARDic4ovIM+TpR16PhZabrpjmkR1IiE+
xrzkPvw6EQqX5RKDlVbWwjJyVDYxdmdGm2h8I/9Yp2WpKOi9+l+8h+8AfBSK3BxG
ZZ5mJ8aNvN9Wtf7CBwB/cUb9pviuWqP8Ukndji4XXTxwPom36DyY+JgLeEly6PwY
HKrLZT3wAVaOAXHTzPKi4tqwJqiVirPh0SmG20vVZhIU/eLdWy4WmhB/37hPVN3Q
r8qk12TExPu9peiCRxB5ITEMhVgVR/LMoyDcVL4My1pf6ZkFVfjK7Dojaqiryuyr
ZjNo+gwtRZV3UjTkqause1ayR+GfHQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFEJl
sIRXEd4pO/Pvc20l6G6x7cPMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQjAyREIxNDQxNDMxMUYwOUM0OEU2QjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaxNADBACaxNQwDQYJ
KoZIhvcNAQELBQADggEBAAxb2nX0GtTZ7Lx80hIqoszCZbDqGSMGpSg9cTPqLnR0
Lx3OJ5ro7U4sCDg8qMNRJ7x9n49lm4lACerXiK4uHy7U2UPDGA1FXzS1MQfGPAtO
3iTVWDnf/QWZKhIrxF44Z7DY669ahE7XHOQEgaNfJgcjs4zBbkHUHvKlk+6jkSwz
OHEDutCAO6Y81CZ399GSOcR+Q1Oax1BmRXQwu682lSxwB+FF2tp7pcxVwnf4MaBX
k/YtVtlO5Nzy8/q4GaoWyyT3VN2AoqFQI8H7pdQEfasg0zIaFG46YZ9IIHOOh1G5
CFcSfJPp3Sr731cLqp4MdR/S57vQQMTxFzUVEl2CaZc=
-----END CERTIFICATE-----
Generated at Sun Jun 29 17:50:25 2025 by rpki-client