Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A421DC443AE11F08292E9E3DAE4EC9C.roa
File: 2A421DC443AE11F08292E9E3DAE4EC9C.roa (raw, json)
Hash identifier: W+Vpg+VehouvKhe4tVaX2CP1lwuwQ/GHnygPUiIk6z4=
Subject key identifier: 9E:8D:2E:3B:0C:EC:F0:A2:67:D1:17:FD:A7:B1:D5:94:18:C1:C5:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018578
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A421DC443AE11F08292E9E3DAE4EC9C.roa
Signing time: Sat 07 Jun 2025 14:46:17 +0000
ROA not before: Sat 07 Jun 2025 14:46:11 +0000
ROA not after: Wed 16 Jul 2025 14:46:11 +0000
asID: 401701
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99704 (0x18578)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 7 14:46:11 2025 GMT
Not After : Jul 16 14:46:11 2025 GMT
Subject: CN=684450b8-78f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4e:1c:f9:5d:8e:83:04:06:15:65:61:1c:95:
e5:f0:80:c6:d6:58:a0:f5:66:06:82:e9:ef:f2:b1:
12:1d:8c:2c:08:00:88:fe:f5:1e:52:22:b9:26:f2:
fb:3c:e4:e5:21:bc:11:51:20:83:39:a6:c2:26:91:
11:0a:be:be:34:17:12:6a:64:da:bc:55:a0:93:17:
1d:39:44:df:f7:80:0c:3d:05:b3:aa:69:b8:cd:89:
7e:a8:c3:2e:d0:4d:87:97:b0:bc:ce:a8:3a:6e:ce:
1a:1a:dd:2e:cd:d4:93:49:d6:39:1f:45:fa:80:cd:
9e:74:2b:72:7c:a7:94:84:03:2f:fe:29:e1:92:a9:
d5:54:94:cf:47:80:4d:10:c1:26:63:7e:3a:56:90:
c9:b6:29:de:ac:bd:5c:e2:56:05:9e:9d:86:19:5e:
ec:b0:75:76:69:e1:93:08:93:ec:bc:4f:7e:30:93:
4d:3d:3a:a6:dd:1e:50:6f:73:81:2d:b7:a6:92:ac:
ac:26:4e:48:7d:38:9e:fb:01:c0:b3:ee:ed:5a:53:
06:55:72:d4:b0:8f:28:25:5e:ab:fc:a1:43:96:6b:
f4:4e:c6:88:db:54:e6:ab:60:18:a8:7f:55:aa:a0:
0d:85:96:4e:a1:fa:8b:26:7d:5d:04:b0:c4:9e:86:
fe:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:8D:2E:3B:0C:EC:F0:A2:67:D1:17:FD:A7:B1:D5:94:18:C1:C5:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A421DC443AE11F08292E9E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
63:52:62:c2:5f:6e:75:7b:71:ca:98:2a:23:3d:cd:cc:eb:da:
ca:fc:0e:ff:98:f0:8f:36:ae:47:a5:3a:9a:55:1a:2a:eb:14:
53:42:43:ab:2b:8e:ff:11:eb:f9:85:a0:3b:21:0f:15:b7:d5:
44:81:85:d3:d9:9b:bc:09:66:bc:4f:af:85:c9:d4:86:53:be:
e3:f7:42:ba:80:65:af:c9:8f:4a:69:78:eb:46:b7:fb:db:95:
3d:f7:b2:61:7c:9f:4c:2d:64:a5:72:b0:c3:24:3c:ce:81:36:
9e:41:99:a4:fa:c2:b1:47:17:80:76:c8:42:17:43:ee:09:b8:
ca:6a:20:69:68:f4:14:f6:35:e7:86:57:89:29:09:d0:75:72:
fe:99:ac:8b:ab:fa:d6:69:ce:60:96:7f:29:bf:ce:60:d6:b6:
00:c7:c9:6a:09:7f:80:a1:a9:b0:9b:f8:f3:5b:9c:ff:2a:c8:
3e:b7:da:fe:3a:98:c9:5f:da:0c:2f:59:8b:ea:e8:96:9f:38:
00:be:9c:0e:e6:aa:91:81:77:3f:6a:89:52:37:61:b1:7d:fa:
05:ca:9d:c7:d3:30:47:bf:48:2e:3f:c5:7a:b7:cb:28:4f:e8:
2d:37:05:3e:72:2f:1e:ec:05:78:7b:bf:8d:aa:6c:ec:f5:0a:
ff:8e:58:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYV4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA3MTQ0NjExWhcNMjUwNzE2MTQ0NjExWjAYMRYw
FAYDVQQDEw02ODQ0NTBiOC03OGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArU4c+V2OgwQGFWVhHJXl8IDG1lig9WYGgunv8rESHYwsCACI/vUeUiK5
JvL7POTlIbwRUSCDOabCJpERCr6+NBcSamTavFWgkxcdOUTf94AMPQWzqmm4zYl+
qMMu0E2Hl7C8zqg6bs4aGt0uzdSTSdY5H0X6gM2edCtyfKeUhAMv/inhkqnVVJTP
R4BNEMEmY346VpDJtinerL1c4lYFnp2GGV7ssHV2aeGTCJPsvE9+MJNNPTqm3R5Q
b3OBLbemkqysJk5IfTie+wHAs+7tWlMGVXLUsI8oJV6r/KFDlmv0TsaI21Tmq2AY
qH9VqqANhZZOofqLJn1dBLDEnob+FQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ6N
LjsM7PCiZ9EX/aex1ZQYwcUPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTQyMURDNDQzQUUxMUYwODI5MkU5RTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQBjUmLCX251e3HKmCojPc3M69rK/A7/mPCPNq5HpTqaVRoq6xRTQkOr
K47/Eev5haA7IQ8Vt9VEgYXT2Zu8CWa8T6+FydSGU77j90K6gGWvyY9KaXjrRrf7
25U997JhfJ9MLWSlcrDDJDzOgTaeQZmk+sKxRxeAdshCF0PuCbjKaiBpaPQU9jXn
hleJKQnQdXL+mayLq/rWac5gln8pv85g1rYAx8lqCX+Aoamwm/jzW5z/Ksg+t9r+
OpjJX9oML1mL6uiWnzgAvpwO5qqRgXc/aolSN2GxffoFyp3H0zBHv0guP8V6t8so
T+gtNwU+ci8e7AV4e7+Nqmzs9Qr/jljE
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:05:27 2025 by rpki-client