Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01207CB4381A11F089171990DAE4EC9C.roa
File: 01207CB4381A11F089171990DAE4EC9C.roa (raw, json)
Hash identifier: wC5YLNsrND9C00nfptmo/MeUnVqr3AU6XDKbp3bei8U=
Subject key identifier: 0C:41:90:4A:63:77:F0:13:2D:53:FB:C5:87:11:2A:07:4B:7A:FD:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018263
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01207CB4381A11F089171990DAE4EC9C.roa
Signing time: Fri 23 May 2025 21:07:59 +0000
ROA not before: Fri 23 May 2025 21:07:53 +0000
ROA not after: Wed 17 Jun 2026 21:07:53 +0000
asID: 54600
IP address blocks: 154.193.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98915 (0x18263)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 23 21:07:53 2025 GMT
Not After : Jun 17 21:07:53 2026 GMT
Subject: CN=6830e3af-2acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:75:4e:17:b0:31:b6:cb:5e:af:49:b8:11:86:
5f:81:3c:1b:a5:6f:85:9f:d2:e3:08:3e:7d:74:de:
b1:eb:28:37:f8:dd:50:80:0a:b1:5b:4e:72:87:99:
c6:1a:15:f6:ef:c7:13:a3:73:41:fa:e4:a8:56:28:
61:81:e2:2c:3d:99:75:3c:47:d4:1e:f1:7c:71:77:
6f:9f:77:f1:3c:81:53:db:40:b8:6e:4d:72:b9:f1:
3d:04:b3:93:85:b6:c2:ca:63:be:30:69:c5:ba:04:
f6:ea:4c:8d:b4:27:e6:5d:0f:33:a2:65:89:34:74:
59:2c:41:3d:b7:20:e7:41:89:50:31:af:85:cf:11:
1e:95:35:5a:ee:13:6e:c5:c6:f6:eb:5c:0e:ea:e4:
7a:bd:e7:4e:4c:17:c4:d8:42:e2:28:f0:ac:dd:b0:
ff:8e:f9:14:f4:c5:5d:6a:7f:49:7b:8b:7c:da:29:
c8:65:e2:a8:e3:17:be:cf:15:ea:d6:58:2d:ce:03:
da:a9:ee:af:a4:0d:1a:47:e7:ea:20:d7:c1:a2:95:
7f:9e:2d:fa:bc:05:0a:24:1a:fc:51:43:ce:8e:76:
de:94:ca:71:a9:39:60:eb:a9:43:01:d7:6e:cc:f1:
70:a7:d7:bc:3f:b5:33:aa:1d:1e:66:26:7f:56:80:
b6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:41:90:4A:63:77:F0:13:2D:53:FB:C5:87:11:2A:07:4B:7A:FD:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/01207CB4381A11F089171990DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.192.0/18
Signature Algorithm: sha256WithRSAEncryption
73:e9:73:0e:1b:b3:da:eb:5e:f2:dd:9a:9d:1a:6f:62:a3:f9:
71:1e:09:e2:4a:2f:0a:86:17:1e:99:c9:25:f0:43:66:e1:48:
72:48:8e:4a:2a:76:9b:16:57:64:4a:93:63:fc:85:23:bc:e0:
5d:df:62:1b:92:80:3f:83:00:37:2e:e0:e4:84:8d:fc:d0:e0:
84:99:64:7d:a1:13:ab:28:db:47:49:fa:d3:6c:55:a6:ae:82:
ab:37:23:46:fd:02:7f:59:52:24:58:7c:2b:79:5e:8c:98:7c:
e2:67:b1:b6:28:78:19:7b:17:dd:1b:0d:36:a5:fc:4c:a8:94:
70:dd:80:15:a8:7b:39:50:80:89:ee:73:68:76:9a:1f:eb:04:
5d:93:d8:ff:73:23:ae:11:e2:98:98:e0:77:e9:de:47:cc:c0:
40:65:84:35:1e:ed:67:cd:ef:78:43:b5:82:3d:12:8e:27:d4:
4f:22:58:50:74:af:74:96:7e:04:8c:3b:ce:48:c1:03:08:e8:
1e:c2:ec:54:1d:79:43:8c:28:5e:f5:4b:6f:02:a9:78:cd:d4:
13:37:0c:03:3b:8b:12:e0:12:1e:42:9c:f5:5a:f2:5c:2f:30:
d5:24:e3:91:b7:45:7e:16:77:b3:e7:7e:3b:c2:a0:22:e5:9e:
0a:39:eb:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYJjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTIzMjEwNzUzWhcNMjYwNjE3MjEwNzUzWjAYMRYw
FAYDVQQDEw02ODMwZTNhZi0yYWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1nVOF7Axtster0m4EYZfgTwbpW+Fn9LjCD59dN6x6yg3+N1QgAqxW05y
h5nGGhX278cTo3NB+uSoVihhgeIsPZl1PEfUHvF8cXdvn3fxPIFT20C4bk1yufE9
BLOThbbCymO+MGnFugT26kyNtCfmXQ8zomWJNHRZLEE9tyDnQYlQMa+FzxEelTVa
7hNuxcb261wO6uR6vedOTBfE2ELiKPCs3bD/jvkU9MVdan9Je4t82inIZeKo4xe+
zxXq1lgtzgPaqe6vpA0aR+fqINfBopV/ni36vAUKJBr8UUPOjnbelMpxqTlg66lD
AdduzPFwp9e8P7Uzqh0eZiZ/VoC23wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAxB
kEpjd/ATLVP7xYcRKgdLev1HMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMTIwN0NCNDM4MUExMUYwODkxNzE5OTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsHAMA0GCSqGSIb3DQEB
CwUAA4IBAQBz6XMOG7Pa617y3ZqdGm9io/lxHgniSi8Khhcemckl8ENm4UhySI5K
KnabFldkSpNj/IUjvOBd32IbkoA/gwA3LuDkhI380OCEmWR9oROrKNtHSfrTbFWm
roKrNyNG/QJ/WVIkWHwreV6MmHziZ7G2KHgZexfdGw02pfxMqJRw3YAVqHs5UICJ
7nNodpof6wRdk9j/cyOuEeKYmOB36d5HzMBAZYQ1Hu1nze94Q7WCPRKOJ9RPIlhQ
dK90ln4EjDvOSMEDCOgewuxUHXlDjChe9UtvAql4zdQTNwwDO4sS4BIeQpz1WvJc
LzDVJOORt0V+Fnez5347wqAi5Z4KOet5
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:27:09 2025 by rpki-client