Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CEBA40242DC11F0A8CED991DAE4EC9C.roa
File: 0CEBA40242DC11F0A8CED991DAE4EC9C.roa (raw, json)
Hash identifier: Aw68CmpZN6DAvy74WBVu8wOUBmIy5/cTAnXdKX71T6Q=
Subject key identifier: 09:59:11:5C:C2:0F:72:DF:92:0A:A8:08:38:9B:8A:E0:D5:FA:72:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01852C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CEBA40242DC11F0A8CED991DAE4EC9C.roa
Signing time: Fri 06 Jun 2025 13:42:13 +0000
ROA not before: Fri 06 Jun 2025 13:42:08 +0000
ROA not after: Mon 14 Jul 2025 13:42:08 +0000
asID: 20473
IP address blocks: 154.197.54.0/24 maxlen: 24
154.197.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99628 (0x1852c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 6 13:42:08 2025 GMT
Not After : Jul 14 13:42:08 2025 GMT
Subject: CN=6842f035-3cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a2:ca:7c:b0:a9:66:1a:fc:80:e3:3f:0a:5f:
a6:d3:44:6d:67:4c:e9:24:0f:f6:11:f5:96:cf:ca:
da:5f:88:1e:c4:b0:04:5e:90:ae:cc:9a:ef:31:45:
41:0a:32:72:24:ea:e6:73:dc:4d:99:2d:5a:12:18:
9d:e0:75:6a:4a:b8:a5:6e:16:d4:8a:57:63:fb:26:
77:82:8a:85:00:34:40:1a:ea:a7:44:a6:58:8b:99:
fa:f1:d1:47:17:92:99:f1:18:bc:c6:58:55:62:ba:
06:70:43:6d:86:0b:cc:2a:e5:21:51:10:d2:4b:5d:
23:39:3c:81:62:4d:1c:22:eb:d8:9d:d5:9e:78:99:
8e:c6:ef:7f:9a:3c:69:72:c0:77:4c:f5:03:b0:94:
40:ac:e2:f8:31:3d:6d:9a:d0:7d:38:a6:ed:d4:13:
ca:7b:bd:fe:93:02:7b:95:2d:63:e5:c8:c5:d5:62:
c9:92:60:2c:61:fd:8a:59:b8:0a:7c:ab:c3:8e:c5:
d2:54:66:6d:1f:b2:43:6a:4e:94:be:2e:0f:1b:3a:
98:5d:9c:09:b5:27:c5:9c:cf:33:27:27:c6:fa:09:
6b:f4:b6:66:a1:1d:b9:13:49:83:39:13:fb:31:e0:
86:91:49:f3:5d:6a:a5:64:00:81:d6:9f:06:4d:f9:
60:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:59:11:5C:C2:0F:72:DF:92:0A:A8:08:38:9B:8A:E0:D5:FA:72:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CEBA40242DC11F0A8CED991DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.54.0/24
154.197.88.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:20:15:02:d1:c7:22:70:61:a3:e2:ed:f9:9b:e7:fa:cf:2c:
b4:48:c9:f5:ee:a4:d9:6a:76:5a:80:69:bf:77:3d:a8:3a:97:
86:ec:ee:df:c4:0f:81:16:83:8e:1b:1b:09:c6:56:14:1b:65:
24:1f:62:83:ff:90:85:84:81:a8:12:de:4a:af:7a:84:ba:7c:
e4:32:24:97:3b:1a:5e:75:f4:c8:71:ae:f9:08:a3:1b:ae:b9:
8c:7b:72:8b:2c:69:7b:90:53:88:59:1d:a5:83:ed:27:30:77:
2e:9f:5d:47:12:15:3f:90:5a:17:17:00:58:2f:e0:4b:27:61:
6c:f2:60:12:c2:df:44:dd:de:27:0b:15:98:51:04:5a:0a:43:
30:94:d2:e8:88:1f:2f:8a:69:77:a1:a6:87:5b:14:cb:f3:50:
63:d2:d2:ee:31:db:83:cf:9f:69:0f:27:80:c4:1e:4c:ea:2b:
08:c5:92:c8:dc:b1:42:f8:15:cf:ef:e1:e3:a8:91:b6:ba:56:
73:6f:63:ea:06:ab:f8:9c:89:3b:ab:a6:d7:15:5f:0e:5e:88:
16:e6:14:0a:30:37:9f:88:b6:78:4c:cc:0a:5c:97:cd:5c:0a:
b2:63:8e:6e:57:b8:79:39:5d:1a:9c:6e:9f:c8:1b:45:dd:b8:
4d:94:e8:60
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYUsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA2MTM0MjA4WhcNMjUwNzE0MTM0MjA4WjAYMRYw
FAYDVQQDEw02ODQyZjAzNS0zY2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy6LKfLCpZhr8gOM/Cl+m00RtZ0zpJA/2EfWWz8raX4gexLAEXpCuzJrv
MUVBCjJyJOrmc9xNmS1aEhid4HVqSrilbhbUildj+yZ3goqFADRAGuqnRKZYi5n6
8dFHF5KZ8Ri8xlhVYroGcENthgvMKuUhURDSS10jOTyBYk0cIuvYndWeeJmOxu9/
mjxpcsB3TPUDsJRArOL4MT1tmtB9OKbt1BPKe73+kwJ7lS1j5cjF1WLJkmAsYf2K
WbgKfKvDjsXSVGZtH7JDak6Uvi4PGzqYXZwJtSfFnM8zJyfG+glr9LZmoR25E0mD
ORP7MeCGkUnzXWqlZACB1p8GTflgiwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFAlZ
EVzCD3LfkgqoCDibiuDV+nIXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQ0VCQTQwMjQyREMxMUYwQThDRUQ5OTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsU2AwQBmsVYMA0GCSqG
SIb3DQEBCwUAA4IBAQC4IBUC0ccicGGj4u35m+f6zyy0SMn17qTZanZagGm/dz2o
OpeG7O7fxA+BFoOOGxsJxlYUG2UkH2KD/5CFhIGoEt5Kr3qEunzkMiSXOxpedfTI
ca75CKMbrrmMe3KLLGl7kFOIWR2lg+0nMHcun11HEhU/kFoXFwBYL+BLJ2Fs8mAS
wt9E3d4nCxWYUQRaCkMwlNLoiB8viml3oaaHWxTL81Bj0tLuMduDz59pDyeAxB5M
6isIxZLI3LFC+BXP7+HjqJG2ulZzb2PqBqv4nIk7q6bXFV8OXogW5hQKMDefiLZ4
TMwKXJfNXAqyY45uV7h5OV0anG6fyBtF3bhNlOhg
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:53:25 2025 by rpki-client