Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07CF66AC6FE111F08DE49A8CDAE4EC9C.roa
File: 07CF66AC6FE111F08DE49A8CDAE4EC9C.roa (raw, json)
Hash identifier: 5CkzTlqmvgzajdE6LvHcVhq10dm+EQXtG0T35ztn6aU=
Subject key identifier: 2A:26:33:C7:DF:20:00:BF:F1:30:F7:80:67:5B:E7:94:8A:64:B7:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019072
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07CF66AC6FE111F08DE49A8CDAE4EC9C.roa
Signing time: Sat 02 Aug 2025 20:41:14 +0000
ROA not before: Sat 02 Aug 2025 20:41:09 +0000
ROA not after: Wed 24 Sep 2025 20:41:09 +0000
asID: 40065
IP address blocks: 154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102514 (0x19072)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 20:41:09 2025 GMT
Not After : Sep 24 20:41:09 2025 GMT
Subject: CN=688e77ea-d084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6c:67:08:55:c5:fd:9b:5b:2a:df:13:fa:af:
5f:ae:85:26:0a:15:d1:94:37:61:69:00:3a:13:1c:
5e:89:c8:b5:fc:77:2b:4f:ba:16:cc:f4:4b:c1:55:
f6:b4:c6:f5:e0:67:45:81:6f:9e:ae:0f:ff:ae:16:
76:20:f3:d5:61:6e:71:3c:ff:d4:b2:bd:0e:c0:fc:
66:dc:7e:f0:cd:64:25:76:9a:e5:c1:7b:34:07:d3:
77:5f:bb:86:86:3e:f6:77:98:f5:f7:fe:52:e4:3c:
bf:21:f5:8b:39:7e:08:f0:04:70:2d:c2:2f:49:8e:
06:cd:34:61:c0:77:9c:2b:0f:d1:16:68:89:cf:24:
b1:17:c5:69:2d:0b:99:d5:0e:b5:d0:df:ca:37:16:
5d:68:03:76:6b:c4:fd:f0:38:6b:f6:83:13:7f:97:
6d:af:83:67:9b:f9:c1:84:4b:4d:09:4c:1d:89:67:
f7:9c:a2:06:d1:5b:63:7b:fa:e6:6c:ce:cc:c0:53:
cc:b4:24:3b:7a:af:a5:c3:31:39:44:09:59:50:3e:
31:4d:4c:02:2c:66:02:fb:29:b1:c9:33:90:02:30:
7e:05:d4:6c:52:5d:b9:19:d4:3d:af:c2:74:c8:17:
25:8c:bd:58:a9:60:c2:19:38:f0:48:cc:78:7f:e6:
f4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:26:33:C7:DF:20:00:BF:F1:30:F7:80:67:5B:E7:94:8A:64:B7:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/07CF66AC6FE111F08DE49A8CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.240.0/20
Signature Algorithm: sha256WithRSAEncryption
14:77:52:df:f6:10:12:3f:d9:49:dc:98:59:da:3e:d6:e6:43:
32:c4:06:98:dd:38:c7:16:cd:99:5e:58:77:7a:f7:65:e3:18:
cc:ba:22:da:8f:e8:38:ab:10:6a:9d:95:45:6e:05:93:45:a0:
a3:42:0e:47:c4:3d:1d:34:43:96:2d:ec:d2:90:90:ea:20:27:
ce:b2:98:41:76:58:8e:36:aa:5b:5f:cd:d7:58:b8:6c:8b:7d:
c1:01:63:d2:e9:3e:c0:52:da:e6:02:e1:1d:1f:5f:c3:ff:1e:
bf:97:7f:57:c3:f2:2a:5d:a7:6d:5e:40:8c:52:c0:c5:f0:33:
bf:63:77:d4:d8:a0:79:a5:62:4c:f3:70:4a:12:08:85:bb:14:
33:95:2c:a5:d1:ef:a6:a0:7c:28:7f:93:aa:a8:8e:b9:49:ce:
75:8e:0b:cd:15:10:11:10:9b:62:27:32:29:74:e7:4d:20:a3:
d2:28:5b:74:31:23:84:3c:cd:32:89:70:21:39:73:db:e3:d8:
bb:63:1b:7b:8a:69:ab:26:a6:6b:92:52:36:7d:d9:b0:b4:9a:
c8:e3:8b:30:fa:e9:66:8e:32:30:7d:a8:c1:51:5c:f7:7d:d4:
4d:6e:5c:49:fd:30:26:a3:dc:45:cd:4b:5a:1e:d5:37:31:30:
36:62:f2:50
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZByMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMjA0MTA5WhcNMjUwOTI0MjA0MTA5WjAYMRYw
FAYDVQQDEw02ODhlNzdlYS1kMDg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5GxnCFXF/ZtbKt8T+q9froUmChXRlDdhaQA6Exxeici1/HcrT7oWzPRL
wVX2tMb14GdFgW+erg//rhZ2IPPVYW5xPP/Usr0OwPxm3H7wzWQldprlwXs0B9N3
X7uGhj72d5j19/5S5Dy/IfWLOX4I8ARwLcIvSY4GzTRhwHecKw/RFmiJzySxF8Vp
LQuZ1Q610N/KNxZdaAN2a8T98Dhr9oMTf5dtr4Nnm/nBhEtNCUwdiWf3nKIG0Vtj
e/rmbM7MwFPMtCQ7eq+lwzE5RAlZUD4xTUwCLGYC+ymxyTOQAjB+BdRsUl25GdQ9
r8J0yBcljL1YqWDCGTjwSMx4f+b0JwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCom
M8ffIAC/8TD3gGdb55SKZLckMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wN0NGNjZBQzZGRTExMUYwOERFNDlBOENEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtnwMA0GCSqGSIb3DQEB
CwUAA4IBAQAUd1Lf9hASP9lJ3JhZ2j7W5kMyxAaY3TjHFs2ZXlh3evdl4xjMuiLa
j+g4qxBqnZVFbgWTRaCjQg5HxD0dNEOWLezSkJDqICfOsphBdliONqpbX83XWLhs
i33BAWPS6T7AUtrmAuEdH1/D/x6/l39Xw/IqXadtXkCMUsDF8DO/Y3fU2KB5pWJM
83BKEgiFuxQzlSyl0e+moHwof5OqqI65Sc51jgvNFRAREJtiJzIpdOdNIKPSKFt0
MSOEPM0yiXAhOXPb49i7Yxt7immrJqZrklI2fdmwtJrI44sw+ulmjjIwfajBUVz3
fdRNblxJ/TAmo9xFzUtaHtU3MTA2YvJQ
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:45:00 2025 by rpki-client