Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A36C576490411F097B00DAFDAE4EC9C.roa
File: 3A36C576490411F097B00DAFDAE4EC9C.roa (raw, json)
Hash identifier: sXYjHzxZBNTPE4Y7+QGU3zUsllta4UvQoog94m292yg=
Subject key identifier: 18:28:B5:B9:26:A7:4C:BA:3B:E1:26:AF:9A:FF:E1:D5:5F:21:D1:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018684
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A36C576490411F097B00DAFDAE4EC9C.roa
Signing time: Sat 14 Jun 2025 09:44:56 +0000
ROA not before: Sat 14 Jun 2025 09:44:51 +0000
ROA not after: Mon 23 Jun 2025 09:44:51 +0000
asID: 398478
IP address blocks: 154.92.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99972 (0x18684)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 14 09:44:51 2025 GMT
Not After : Jun 23 09:44:51 2025 GMT
Subject: CN=684d4498-e974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6b:05:aa:02:ef:5f:8e:b1:f5:27:11:93:68:
71:66:76:07:73:27:6f:c3:73:34:b6:21:de:95:d9:
48:4d:01:81:dd:5b:46:9c:96:17:f8:e8:7c:be:0b:
6f:54:80:a5:61:88:74:02:84:07:81:cf:36:00:a9:
1d:e8:8a:20:cc:fc:90:df:27:59:65:bd:3e:16:d4:
16:2b:28:e6:ac:7d:25:66:70:4c:df:2b:30:51:a2:
14:0b:58:6f:1f:ea:89:24:a3:52:71:2d:97:7b:fe:
92:be:37:fa:72:16:ba:7d:cf:c4:66:49:24:52:d6:
6f:41:65:3a:96:28:0f:6d:7c:5e:a2:08:3b:55:9d:
2e:05:a1:f0:f2:7d:f9:f9:d9:15:36:4e:95:ce:54:
82:47:84:4b:fc:d8:12:70:6f:66:45:c7:34:a4:37:
ff:8d:f5:ad:e3:70:c4:16:25:87:10:ed:f5:d6:0c:
fb:2c:d6:37:04:64:6a:e9:86:96:14:39:a1:f1:6e:
25:78:e4:8b:5b:37:37:c4:ad:6b:64:c4:fd:a1:a4:
7c:8d:dc:05:dd:fe:93:3a:c2:33:76:82:8d:b6:bd:
60:ad:01:d2:24:76:5e:82:4b:cb:6b:f9:e9:3e:07:
11:cf:7f:4f:ab:b5:5e:a5:01:ca:c0:d2:db:c0:36:
75:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:28:B5:B9:26:A7:4C:BA:3B:E1:26:AF:9A:FF:E1:D5:5F:21:D1:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A36C576490411F097B00DAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.176.0/20
Signature Algorithm: sha256WithRSAEncryption
a9:2c:5c:b6:84:d4:44:da:8b:6f:6e:44:82:f1:10:37:f7:8e:
a3:e9:c9:68:81:4a:fc:1c:17:d0:42:16:d2:cd:99:ec:06:03:
f1:a3:f2:c1:af:23:91:da:23:10:1b:11:e3:1f:42:83:32:11:
2c:0d:08:bf:b5:5a:03:d2:de:66:1b:98:12:96:7b:92:2a:19:
84:fc:84:ef:c9:ae:a7:56:4f:9c:7c:83:f0:2d:f3:9c:31:8f:
d2:ee:a8:c1:d2:2a:31:81:86:d2:0d:14:a0:e3:59:26:54:e6:
c0:91:c5:5f:aa:33:00:3f:b0:19:28:1a:bb:c1:51:0b:90:12:
91:d7:ac:f5:c0:25:bb:bf:25:4e:b6:cb:33:dd:f3:e5:cf:4e:
4f:3a:da:fa:21:40:0a:a2:0f:67:6b:25:65:e8:b8:66:7a:17:
65:b7:53:e0:cc:fa:3f:29:59:46:d1:5d:f0:15:c9:2d:26:10:
8e:6b:0c:ac:27:79:a7:2d:c0:a4:86:01:99:84:bb:1b:31:aa:
7c:d0:3e:18:10:fb:f5:ae:ad:3e:8b:91:57:36:5d:4e:d0:0b:
7c:ea:fa:fb:c9:f8:99:b0:90:fc:a3:85:b6:4e:9d:29:b1:96:
6e:02:8e:57:e4:a7:b1:02:73:bc:74:dc:a0:1e:ba:03:50:18:
65:f9:35:82
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYaEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE0MDk0NDUxWhcNMjUwNjIzMDk0NDUxWjAYMRYw
FAYDVQQDEw02ODRkNDQ5OC1lOTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxmsFqgLvX46x9ScRk2hxZnYHcydvw3M0tiHeldlITQGB3VtGnJYX+Oh8
vgtvVIClYYh0AoQHgc82AKkd6IogzPyQ3ydZZb0+FtQWKyjmrH0lZnBM3yswUaIU
C1hvH+qJJKNScS2Xe/6Svjf6cha6fc/EZkkkUtZvQWU6ligPbXxeogg7VZ0uBaHw
8n35+dkVNk6VzlSCR4RL/NgScG9mRcc0pDf/jfWt43DEFiWHEO311gz7LNY3BGRq
6YaWFDmh8W4leOSLWzc3xK1rZMT9oaR8jdwF3f6TOsIzdoKNtr1grQHSJHZegkvL
a/npPgcRz39Pq7VepQHKwNLbwDZ13QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBgo
tbkmp0y6O+Emr5r/4dVfIdF4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTM2QzU3NjQ5MDQxMUYwOTdCMDBEQUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlywMA0GCSqGSIb3DQEB
CwUAA4IBAQCpLFy2hNRE2otvbkSC8RA3946j6clogUr8HBfQQhbSzZnsBgPxo/LB
ryOR2iMQGxHjH0KDMhEsDQi/tVoD0t5mG5gSlnuSKhmE/ITvya6nVk+cfIPwLfOc
MY/S7qjB0ioxgYbSDRSg41kmVObAkcVfqjMAP7AZKBq7wVELkBKR16z1wCW7vyVO
tssz3fPlz05POtr6IUAKog9nayVl6Lhmehdlt1PgzPo/KVlG0V3wFcktJhCOawys
J3mnLcCkhgGZhLsbMap80D4YEPv1rq0+i5FXNl1O0At86vr7yfiZsJD8o4W2Tp0p
sZZuAo5X5KexAnO8dNygHroDUBhl+TWC
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:12:32 2025 by rpki-client