Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08D0582C48FE11F09D22C086DAE4EC9C.roa
File: 08D0582C48FE11F09D22C086DAE4EC9C.roa (raw, json)
Hash identifier: pSk7RSQ+Mp+QkXmCGjzPQ6Sf2zlcEppFQpmGrcCii4Q=
Subject key identifier: D2:46:B2:CF:09:9B:A0:31:CF:A7:75:FE:58:69:0C:A2:47:24:EB:2E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01866D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08D0582C48FE11F09D22C086DAE4EC9C.roa
Signing time: Sat 14 Jun 2025 09:00:36 +0000
ROA not before: Sat 14 Jun 2025 09:00:30 +0000
ROA not after: Fri 04 Jul 2025 09:00:30 +0000
asID: 54600
IP address blocks: 154.92.176.0/20 maxlen: 24
154.199.208.0/20 maxlen: 24
154.199.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99949 (0x1866d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 14 09:00:30 2025 GMT
Not After : Jul 4 09:00:30 2025 GMT
Subject: CN=684d3a34-5ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d1:5a:73:75:c4:93:f8:54:1d:f7:5a:18:ca:
ea:35:37:e1:21:b1:5d:37:32:c2:da:2b:fb:30:e1:
e4:76:69:fa:06:b2:0f:ca:29:7b:60:88:9b:ea:8c:
18:bc:b9:8b:b0:db:b2:0e:69:a1:30:77:12:41:19:
37:89:42:5e:92:17:e0:2f:c9:ce:66:dd:d8:8f:7c:
6c:cb:94:2e:19:85:36:f8:b1:be:c7:80:a0:63:c5:
99:93:fb:82:6b:94:fd:62:a4:c6:16:e4:06:80:e6:
b5:d3:4a:cf:08:00:b1:e0:e2:66:68:24:b5:59:5a:
36:89:ba:60:56:1a:7a:d6:cb:3c:40:ce:70:30:07:
48:e4:c4:12:00:b8:4c:cb:09:86:9a:86:24:9b:a5:
87:08:cd:d8:de:19:72:e0:da:96:89:a8:55:02:48:
88:5a:94:91:7d:82:d1:44:64:8d:47:c2:11:ed:de:
11:ed:a5:f3:06:ee:04:90:2a:0b:d0:53:41:1b:cf:
ad:c1:23:88:44:21:90:4a:db:cb:99:ef:b3:35:16:
da:e7:d9:e4:e5:c1:24:74:d5:46:94:bd:45:aa:a3:
f5:42:89:e8:2f:3d:81:0e:db:cd:bd:22:52:18:86:
02:ec:6f:d3:5f:ba:9c:69:0f:ea:a6:61:50:d1:1f:
a8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:46:B2:CF:09:9B:A0:31:CF:A7:75:FE:58:69:0C:A2:47:24:EB:2E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08D0582C48FE11F09D22C086DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.176.0/20
154.199.208.0-154.199.255.255
Signature Algorithm: sha256WithRSAEncryption
1e:5a:26:dc:8d:22:69:dc:bc:ac:93:2b:01:b4:99:73:3d:7b:
3a:ea:56:be:e5:19:c7:99:fc:04:bf:21:cc:5e:a0:2d:74:21:
ba:7e:21:d0:8b:2b:82:0c:b5:b9:8c:9c:00:ab:13:fd:eb:cd:
59:7f:5a:67:2c:0e:4c:4a:51:b1:21:69:aa:88:ec:db:de:3d:
78:5e:7b:a3:5d:61:5a:54:01:a8:91:21:50:f3:33:ca:2d:b0:
f5:28:2a:79:ee:c4:52:79:33:4a:05:b9:5c:03:a8:3a:48:2f:
55:04:e7:9a:fd:84:86:2e:70:99:ce:9f:82:1d:95:18:3a:36:
bc:9d:41:f0:9f:b4:27:8d:01:48:94:11:e3:e7:2e:2d:90:f1:
60:70:6e:5f:20:ef:ec:d2:79:b8:f8:fb:b4:35:99:92:26:59:
5e:7f:04:ca:6d:d4:3a:51:ce:42:b0:47:39:77:09:5a:c4:13:
e9:1d:b8:31:3d:2e:d7:b8:28:2e:72:45:07:1b:7d:0e:22:cb:
bf:ee:94:de:0c:b9:f0:ee:17:c4:60:59:76:b6:d8:a1:da:b8:
5d:1d:9c:b3:8a:11:bc:5e:dd:55:6d:c2:34:13:6f:4d:6f:90:
84:3c:a4:1b:a5:06:15:05:ca:dd:fe:fe:0d:37:62:e5:3a:7a:
bc:4c:14:5d
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIDAYZtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE0MDkwMDMwWhcNMjUwNzA0MDkwMDMwWjAYMRYw
FAYDVQQDEw02ODRkM2EzNC01ZWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5NFac3XEk/hUHfdaGMrqNTfhIbFdNzLC2iv7MOHkdmn6BrIPyil7YIib
6owYvLmLsNuyDmmhMHcSQRk3iUJekhfgL8nOZt3Yj3xsy5QuGYU2+LG+x4CgY8WZ
k/uCa5T9YqTGFuQGgOa100rPCACx4OJmaCS1WVo2ibpgVhp61ss8QM5wMAdI5MQS
ALhMywmGmoYkm6WHCM3Y3hly4NqWiahVAkiIWpSRfYLRRGSNR8IR7d4R7aXzBu4E
kCoL0FNBG8+twSOIRCGQStvLme+zNRba59nk5cEkdNVGlL1FqqP1QonoLz2BDtvN
vSJSGIYC7G/TX7qcaQ/qpmFQ0R+ohwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFNJG
ss8Jm6Axz6d1/lhpDKJHJOsuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOEQwNTgyQzQ4RkUxMUYwOUQyMkMwODZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQEmlywMAsDBASax9ADAwOa
wDANBgkqhkiG9w0BAQsFAAOCAQEAHlom3I0iady8rJMrAbSZcz17OupWvuUZx5n8
BL8hzF6gLXQhun4h0Isrggy1uYycAKsT/evNWX9aZywOTEpRsSFpqojs2949eF57
o11hWlQBqJEhUPMzyi2w9Sgqee7EUnkzSgW5XAOoOkgvVQTnmv2Ehi5wmc6fgh2V
GDo2vJ1B8J+0J40BSJQR4+cuLZDxYHBuXyDv7NJ5uPj7tDWZkiZZXn8Eym3UOlHO
QrBHOXcJWsQT6R24MT0u17goLnJFBxt9DiLLv+6U3gy58O4XxGBZdrbYodq4XR2c
s4oRvF7dVW3CNBNvTW+QhDykG6UGFQXK3f7+DTdi5Tp6vEwUXQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:46:27 2025 by rpki-client