Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C54465A6FA011F091EBE7EBDAE4EC9C.roa
File: 2C54465A6FA011F091EBE7EBDAE4EC9C.roa (raw, json)
Hash identifier: 9pXN93hhq8iRdtuTwrJwiCeyu55LLoCj7i5YYZVlI8Y=
Subject key identifier: EC:59:2B:BE:66:21:81:62:AB:72:23:24:C5:39:3D:13:B0:60:46:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019036
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C54465A6FA011F091EBE7EBDAE4EC9C.roa
Signing time: Sat 02 Aug 2025 12:56:58 +0000
ROA not before: Sat 02 Aug 2025 12:56:53 +0000
ROA not after: Sun 07 Sep 2025 12:56:53 +0000
asID: 5650
IP address blocks: 154.194.20.0/22 maxlen: 24
154.205.176.0/22 maxlen: 24
154.205.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102454 (0x19036)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 12:56:53 2025 GMT
Not After : Sep 7 12:56:53 2025 GMT
Subject: CN=688e0b1a-fb23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ed:c4:e3:8b:3a:63:ca:ca:3b:04:5c:50:ae:
2b:93:87:68:e9:33:12:a6:3b:36:c7:59:72:1e:14:
9a:78:89:b2:24:8b:6d:c8:a6:0c:9b:88:5a:c3:4e:
40:bf:63:55:33:41:5e:17:33:3a:c1:39:ac:4e:8c:
fb:70:a6:6d:9b:03:30:92:63:5b:81:e9:a0:cf:67:
8e:49:7d:42:a4:60:a7:3f:35:c6:52:a3:71:72:f3:
28:91:93:24:a4:b8:83:8c:94:dc:d8:4b:3a:4b:03:
fd:bb:29:15:35:09:86:8b:2f:fa:d4:90:2b:7a:51:
d4:4e:f5:17:51:e2:b7:a8:a7:ac:75:ff:77:1f:8e:
c3:3b:cc:20:b6:4f:0b:51:12:ec:29:11:85:f5:23:
80:0d:77:ba:dd:95:b6:52:d8:90:33:af:06:14:ee:
48:a6:45:bc:11:5b:10:bc:05:af:6c:31:ed:42:f8:
fc:48:47:9a:fc:61:61:b5:5a:3c:90:b5:ee:b4:62:
f0:d8:de:11:1b:ee:38:cc:21:f0:c2:7d:5d:07:56:
0e:de:31:6e:f2:3f:f2:11:33:5f:7d:98:48:f6:b5:
8c:cc:b7:a9:94:61:30:b3:ed:44:0a:85:66:4f:9c:
20:70:b9:9d:23:75:5d:9b:fc:0c:92:10:b7:d9:6b:
17:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:59:2B:BE:66:21:81:62:AB:72:23:24:C5:39:3D:13:B0:60:46:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C54465A6FA011F091EBE7EBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.20.0/22
154.205.176.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:b4:40:e1:e0:4a:75:93:18:af:5c:1a:76:8c:68:a0:98:af:
b6:5f:3e:ba:44:0d:91:12:e3:9c:bb:42:71:90:01:4c:13:63:
19:74:c0:dc:ba:fb:d8:49:76:86:a6:16:76:bb:ac:b1:59:0b:
07:a9:7a:a4:f5:55:0b:67:49:c1:e8:ea:cf:8c:f7:06:6c:88:
47:90:bd:6e:de:8c:10:ce:79:d4:49:e3:df:03:04:a9:7a:86:
3f:59:8a:00:3c:c8:90:09:18:02:4e:5e:30:bc:a1:9b:f6:85:
b1:95:fe:50:21:c3:26:99:df:c7:37:dd:8b:2e:9a:66:2a:58:
44:22:02:0f:01:18:82:22:29:7b:9a:48:1a:78:b4:d2:d0:4d:
c2:ac:98:2d:e3:7a:73:8c:8c:99:6b:11:4e:39:d3:0d:dc:8c:
eb:19:e7:6d:53:29:0a:9a:4c:f6:d2:a1:c4:6e:c9:47:47:25:
1f:02:71:0e:24:97:b6:57:6d:49:6b:fe:39:7b:8b:4a:89:72:
76:b1:8b:82:a7:dc:cf:f9:f8:74:bf:10:8e:61:c8:55:48:f7:
66:63:1b:69:9b:10:4e:33:ee:75:c4:4b:26:2b:01:40:62:4a:
79:5a:6a:b9:03:2e:ec:d6:f0:08:52:43:91:c0:46:fc:47:a0:
51:12:01:99
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZA2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMTI1NjUzWhcNMjUwOTA3MTI1NjUzWjAYMRYw
FAYDVQQDEw02ODhlMGIxYS1mYjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv+3E44s6Y8rKOwRcUK4rk4do6TMSpjs2x1lyHhSaeImyJIttyKYMm4ha
w05Av2NVM0FeFzM6wTmsToz7cKZtmwMwkmNbgemgz2eOSX1CpGCnPzXGUqNxcvMo
kZMkpLiDjJTc2Es6SwP9uykVNQmGiy/61JArelHUTvUXUeK3qKesdf93H47DO8wg
tk8LURLsKRGF9SOADXe63ZW2UtiQM68GFO5IpkW8EVsQvAWvbDHtQvj8SEea/GFh
tVo8kLXutGLw2N4RG+44zCHwwn1dB1YO3jFu8j/yETNffZhI9rWMzLeplGEws+1E
CoVmT5wgcLmdI3Vdm/wMkhC32WsXMwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOxZ
K75mIYFiq3IjJMU5PROwYEYAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQzU0NDY1QTZGQTAxMUYwOTFFQkU3RUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsIUAwQDms2wMA0GCSqG
SIb3DQEBCwUAA4IBAQArtEDh4Ep1kxivXBp2jGigmK+2Xz66RA2REuOcu0JxkAFM
E2MZdMDcuvvYSXaGphZ2u6yxWQsHqXqk9VULZ0nB6OrPjPcGbIhHkL1u3owQznnU
SePfAwSpeoY/WYoAPMiQCRgCTl4wvKGb9oWxlf5QIcMmmd/HN92LLppmKlhEIgIP
ARiCIil7mkgaeLTS0E3CrJgt43pzjIyZaxFOOdMN3IzrGedtUykKmkz20qHEbslH
RyUfAnEOJJe2V21Ja/45e4tKiXJ2sYuCp9zP+fh0vxCOYchVSPdmYxtpmxBOM+51
xEsmKwFAYkp5Wmq5Ay7s1vAIUkORwEb8R6BREgGZ
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:31:44 2025 by rpki-client