Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/11F5A45E452D11F09CA4A5A0DAE4EC9C.roa
File: 11F5A45E452D11F09CA4A5A0DAE4EC9C.roa (raw, json)
Hash identifier: KN4M1R0eKowBh9S6Vy2ekB9VoeysCReez/SqzBS/yzY=
Subject key identifier: 30:2A:AE:DC:71:D9:62:72:DF:E1:49:B9:31:F0:91:F3:8B:60:5C:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018598
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/11F5A45E452D11F09CA4A5A0DAE4EC9C.roa
Signing time: Mon 09 Jun 2025 12:27:13 +0000
ROA not before: Mon 09 Jun 2025 12:27:08 +0000
ROA not after: Tue 11 Nov 2025 12:27:08 +0000
asID: 400619
IP address blocks: 154.210.16.0/20 maxlen: 24
154.213.64.0/20 maxlen: 24
154.222.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99736 (0x18598)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 9 12:27:08 2025 GMT
Not After : Nov 11 12:27:08 2025 GMT
Subject: CN=6846d321-9629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e8:4c:bc:21:79:c2:7b:e6:cc:31:90:4a:6a:
d1:aa:b8:9f:1c:da:eb:4a:35:e3:94:6d:d9:14:4e:
2e:86:e6:4c:dc:26:e4:c8:e7:a1:9f:e5:3c:4d:84:
5c:f0:2a:94:fe:19:11:22:5a:fd:79:78:fc:e4:e4:
fe:22:23:45:a4:69:a5:55:e1:63:b2:9d:85:42:55:
06:44:d2:90:53:17:4a:af:ba:af:b6:ce:c1:df:80:
15:e9:45:fa:87:77:ce:f9:bf:5a:d0:c7:9c:43:b7:
e7:02:28:00:d2:fc:b3:1a:de:88:d0:04:f6:95:fb:
1c:63:15:53:40:1e:00:96:7c:38:07:f7:0f:3d:bd:
f5:07:55:3b:e0:c0:d5:a0:8d:d2:e0:b2:2c:da:ec:
49:b8:16:eb:ee:bc:66:6e:78:de:a2:3e:87:5c:e2:
16:47:96:16:aa:16:04:66:6b:e5:e1:8f:d8:ce:e6:
45:71:bb:f3:46:d0:72:1a:23:b4:f6:b3:97:ad:37:
2d:69:1e:24:7a:ad:39:ba:ee:03:55:d1:5e:8a:f8:
3d:e4:32:59:1a:e8:cb:a3:21:32:8d:57:68:d6:12:
c4:ee:e4:30:b1:e8:16:1a:99:06:78:6a:8e:70:48:
b0:ef:82:25:84:d1:43:8e:74:e2:44:32:ca:1b:58:
d2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2A:AE:DC:71:D9:62:72:DF:E1:49:B9:31:F0:91:F3:8B:60:5C:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/11F5A45E452D11F09CA4A5A0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.16.0/20
154.213.64.0/20
154.222.224.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:26:3b:20:18:ee:2d:d0:c4:ae:78:17:ba:02:0e:1d:95:b1:
04:74:13:a9:df:3a:7c:a3:b5:2e:44:d7:9f:20:58:14:8a:0e:
5e:14:4c:c5:d5:12:e5:0f:e3:07:f8:34:36:d8:ed:16:7f:06:
91:f4:cb:00:a4:14:ee:77:56:17:a4:b6:ff:ee:af:70:26:cb:
24:34:ab:2c:5c:5e:28:fe:9a:75:b4:4f:90:a9:3c:4b:0d:42:
96:7e:ca:d0:cb:9c:35:46:3b:4f:9f:9d:29:4a:cd:97:93:6c:
bd:31:ad:ee:cb:77:6c:e5:7f:dc:fa:a8:a5:bd:c8:53:90:9f:
fa:cb:ef:05:a6:aa:64:0e:fb:69:8f:1d:b9:9c:4f:94:80:39:
01:fd:88:d0:32:28:02:34:ab:7d:af:5d:08:e3:40:dc:b8:12:
15:a5:f3:32:12:01:7f:df:5d:8e:3a:76:df:2f:5d:9c:76:1d:
bd:25:51:ba:a2:97:1b:99:d3:47:e4:8b:94:bf:09:bb:31:59:
3f:9a:cb:6a:74:a1:59:83:a9:7e:21:b6:8b:79:a7:b3:0c:3a:
9a:18:58:84:0e:8b:2c:56:9c:7a:1d:47:c2:bf:8b:9a:48:38:
46:be:12:30:87:56:70:1d:bc:a4:15:48:23:ec:36:ea:b8:8e:
38:5a:55:73
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYWYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA5MTIyNzA4WhcNMjUxMTExMTIyNzA4WjAYMRYw
FAYDVQQDEw02ODQ2ZDMyMS05NjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwuhMvCF5wnvmzDGQSmrRqrifHNrrSjXjlG3ZFE4uhuZM3CbkyOehn+U8
TYRc8CqU/hkRIlr9eXj85OT+IiNFpGmlVeFjsp2FQlUGRNKQUxdKr7qvts7B34AV
6UX6h3fO+b9a0MecQ7fnAigA0vyzGt6I0AT2lfscYxVTQB4Alnw4B/cPPb31B1U7
4MDVoI3S4LIs2uxJuBbr7rxmbnjeoj6HXOIWR5YWqhYEZmvl4Y/YzuZFcbvzRtBy
GiO09rOXrTctaR4keq05uu4DVdFeivg95DJZGujLoyEyjVdo1hLE7uQwsegWGpkG
eGqOcEiw74IlhNFDjnTiRDLKG1jSRQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFDAq
rtxx2WJy3+FJuTHwkfOLYFy8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMUY1QTQ1RTQ1MkQxMUYwOUNBNEE1QTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEmtIQAwQEmtVAAwQEmt7g
MA0GCSqGSIb3DQEBCwUAA4IBAQCbJjsgGO4t0MSueBe6Ag4dlbEEdBOp3zp8o7Uu
RNefIFgUig5eFEzF1RLlD+MH+DQ22O0WfwaR9MsApBTud1YXpLb/7q9wJsskNKss
XF4o/pp1tE+QqTxLDUKWfsrQy5w1RjtPn50pSs2Xk2y9Ma3uy3ds5X/c+qilvchT
kJ/6y+8FpqpkDvtpjx25nE+UgDkB/YjQMigCNKt9r10I40DcuBIVpfMyEgF/312O
OnbfL12cdh29JVG6opcbmdNH5IuUvwm7MVk/mstqdKFZg6l+IbaLeaezDDqaGFiE
DossVpx6HUfCv4uaSDhGvhIwh1ZwHbykFUgj7DbquI44WlVz
-----END CERTIFICATE-----
Generated at Tue Jun 17 00:49:26 2025 by rpki-client