Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BDF5160460211F08D091F89DAE4EC9C.roa
File: 1BDF5160460211F08D091F89DAE4EC9C.roa (raw, json)
Hash identifier: GPU19Mq9EYbmFdKsS1T3Ernh1NSf/CFWFoqrTOxF1Ak=
Subject key identifier: DD:85:17:88:E0:DA:2A:AD:D5:DD:F6:81:71:67:28:4D:2D:E8:9D:7F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0185D2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BDF5160460211F08D091F89DAE4EC9C.roa
Signing time: Tue 10 Jun 2025 13:52:12 +0000
ROA not before: Tue 10 Jun 2025 13:52:06 +0000
ROA not after: Mon 16 Jun 2025 13:52:06 +0000
asID: 54600
IP address blocks: 154.91.48.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 16 Jun 2025 13:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99794 (0x185d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 10 13:52:06 2025 GMT
Not After : Jun 16 13:52:06 2025 GMT
Subject: CN=6848388c-7bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d1:00:db:2a:25:10:a0:f6:ab:94:15:f6:e6:
8d:4e:d0:6f:36:7c:8d:38:33:41:bc:40:5e:5c:9f:
87:a3:d2:ff:ff:36:18:73:ac:ac:2b:b7:16:19:34:
d3:01:1f:a4:72:42:32:25:5e:57:26:68:2a:13:71:
ea:5a:24:f4:e2:fe:ae:30:86:32:30:fe:16:f8:4d:
3a:12:76:ce:50:67:40:b7:44:44:6b:ba:ab:00:83:
a0:bd:7a:02:0b:06:30:ad:21:6b:6c:59:e1:b4:f2:
db:1d:7c:a6:c7:67:54:d8:62:43:b4:94:5f:86:a5:
2f:72:1f:6d:c1:0c:7e:e0:f2:80:44:7d:85:5a:0c:
dc:89:ab:8d:bd:e1:53:e4:86:43:96:f2:78:aa:48:
13:f7:b0:d6:80:49:3f:5b:e7:73:3d:34:5d:75:6e:
27:a5:9b:64:8e:39:50:a4:7d:65:44:3e:eb:d8:c9:
ab:38:8e:7d:fc:21:e9:9c:61:d2:ab:42:b6:74:1f:
c7:2d:dd:df:e4:44:72:0b:48:9a:23:7e:c4:e2:08:
68:b2:d9:1c:28:4f:11:8d:06:17:49:8c:b6:41:e4:
e7:fd:41:a6:16:2d:16:06:96:d2:3b:8f:55:d6:3f:
6f:f4:bf:19:3a:0c:95:0b:1d:69:22:96:f5:5a:c3:
5d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:85:17:88:E0:DA:2A:AD:D5:DD:F6:81:71:67:28:4D:2D:E8:9D:7F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BDF5160460211F08D091F89DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
Signature Algorithm: sha256WithRSAEncryption
91:74:26:4f:f4:5c:f1:68:aa:e0:9d:4f:e4:94:46:fc:97:f5:
75:60:d2:7b:c9:77:3a:98:76:8a:40:e6:27:5d:af:ec:d1:c6:
1d:78:51:fd:b9:cb:04:09:d8:67:6c:f4:c7:8a:4a:1d:e9:ca:
92:ab:25:24:e1:9b:78:db:2f:df:e7:fe:eb:1e:28:a7:8a:47:
29:e8:00:f8:b5:ae:46:f4:63:5a:23:00:e5:48:4c:c1:d3:a0:
31:a0:69:1b:f1:9e:13:a1:98:c2:3f:91:16:b4:84:17:27:8a:
5c:0d:f7:6b:76:48:81:af:98:ee:1f:e7:77:08:1f:6c:42:ed:
0b:05:71:c3:f3:95:ba:9d:7b:d4:df:09:3a:f6:dd:6e:3d:c7:
72:bd:0a:53:7b:e3:a6:40:f8:7e:05:4b:33:e9:eb:0f:ae:8c:
f9:f0:9c:bc:01:94:39:85:c2:0f:0d:04:8e:ff:6d:e3:8d:7d:
00:5f:a8:7a:20:f6:db:95:78:a2:40:e1:4b:5c:34:cb:78:84:
f7:55:36:34:22:69:3e:b4:a6:17:37:44:7c:fb:0b:0d:ca:69:
3c:16:0f:08:aa:db:2a:ab:86:8d:b8:09:96:c9:72:af:dc:03:
bf:e2:1a:cb:d7:31:f2:98:dc:da:cb:d2:37:91:61:a1:6b:01:
2a:74:f4:62
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYXSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEwMTM1MjA2WhcNMjUwNjE2MTM1MjA2WjAYMRYw
FAYDVQQDEw02ODQ4Mzg4Yy03YmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0tEA2yolEKD2q5QV9uaNTtBvNnyNODNBvEBeXJ+Ho9L//zYYc6ysK7cW
GTTTAR+kckIyJV5XJmgqE3HqWiT04v6uMIYyMP4W+E06EnbOUGdAt0REa7qrAIOg
vXoCCwYwrSFrbFnhtPLbHXymx2dU2GJDtJRfhqUvch9twQx+4PKARH2FWgzciauN
veFT5IZDlvJ4qkgT97DWgEk/W+dzPTRddW4npZtkjjlQpH1lRD7r2MmrOI59/CHp
nGHSq0K2dB/HLd3f5ERyC0iaI37E4ghostkcKE8RjQYXSYy2QeTn/UGmFi0WBpbS
O49V1j9v9L8ZOgyVCx1pIpb1WsNdbwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN2F
F4jg2iqt1d32gXFnKE0t6J1/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQkRGNTE2MDQ2MDIxMUYwOEQwOTFGODlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlswMA0GCSqGSIb3DQEB
CwUAA4IBAQCRdCZP9FzxaKrgnU/klEb8l/V1YNJ7yXc6mHaKQOYnXa/s0cYdeFH9
ucsECdhnbPTHikod6cqSqyUk4Zt42y/f5/7rHiinikcp6AD4ta5G9GNaIwDlSEzB
06AxoGkb8Z4ToZjCP5EWtIQXJ4pcDfdrdkiBr5juH+d3CB9sQu0LBXHD85W6nXvU
3wk69t1uPcdyvQpTe+OmQPh+BUsz6esProz58Jy8AZQ5hcIPDQSO/23jjX0AX6h6
IPbblXiiQOFLXDTLeIT3VTY0Imk+tKYXN0R8+wsNymk8Fg8Iqtsqq4aNuAmWyXKv
3AO/4hrL1zHymNzay9I3kWGhawEqdPRi
-----END CERTIFICATE-----
Generated at Sun Jun 15 04:55:09 2025 by rpki-client