Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/475E11AE452C11F0A528829ADAE4EC9C.roa
File: 475E11AE452C11F0A528829ADAE4EC9C.roa (raw, json)
Hash identifier: 8l8JMFmezjbE9lgexV+QWjTNuNutAs6YgbvFDW6cr00=
Subject key identifier: 0F:24:D6:F9:2F:46:35:D8:54:45:41:1F:0D:B6:81:68:EB:6B:6C:F4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018596
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/475E11AE452C11F0A528829ADAE4EC9C.roa
Signing time: Mon 09 Jun 2025 12:21:33 +0000
ROA not before: Mon 09 Jun 2025 12:21:28 +0000
ROA not after: Tue 11 Nov 2025 12:21:28 +0000
asID: 55020
IP address blocks: 154.210.16.0/20 maxlen: 24
154.213.64.0/20 maxlen: 24
154.222.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99734 (0x18596)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 9 12:21:28 2025 GMT
Not After : Nov 11 12:21:28 2025 GMT
Subject: CN=6846d1cd-981b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9d:88:42:a6:04:a6:4a:f7:75:7a:e9:b9:96:
f2:01:49:eb:d9:fa:c1:5b:84:38:80:8f:f2:f9:dd:
1f:7e:fc:db:62:9c:04:1b:1a:b0:53:7b:d0:b2:47:
77:c4:a3:f2:0d:fc:a1:58:49:7f:e8:39:8a:1e:b0:
42:dc:85:11:f5:81:f9:ea:b9:85:f5:98:0c:04:dd:
c3:d3:a1:ea:1c:54:7d:2e:de:5c:d1:5f:ca:cb:78:
aa:98:0c:cf:02:74:23:ee:a7:2d:98:a5:2f:f6:dd:
3b:27:a1:28:0e:96:cd:b3:14:12:52:76:e0:fd:fd:
2f:7f:f6:10:e9:9c:bc:e6:2d:ab:ff:6d:3a:e1:83:
af:81:b8:b2:3d:ed:67:39:15:f4:39:a1:54:1a:1a:
b7:c3:a5:39:f3:5a:a2:ba:cc:71:04:b6:c4:07:09:
6b:37:f9:1e:10:c8:cd:06:b5:e9:31:0f:76:ce:58:
51:e4:aa:ff:62:28:23:12:b7:e0:d5:67:ff:33:1c:
6e:b8:d3:64:0f:25:84:36:c8:30:17:4b:c4:7b:fc:
47:cd:9c:92:5e:49:45:16:3f:c3:6b:74:0d:6d:56:
52:a0:4f:a3:87:95:c1:6b:b4:98:35:2e:8c:b3:40:
e1:c8:f4:8a:e0:20:7a:9f:86:df:e1:46:4e:47:49:
27:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:24:D6:F9:2F:46:35:D8:54:45:41:1F:0D:B6:81:68:EB:6B:6C:F4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/475E11AE452C11F0A528829ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.16.0/20
154.213.64.0/20
154.222.224.0/20
Signature Algorithm: sha256WithRSAEncryption
18:37:0f:a5:2b:bb:d8:88:87:d3:70:a1:ad:84:d7:77:d5:cf:
fb:2a:d0:0e:24:fb:89:80:4b:0c:e2:31:67:47:1e:62:a3:70:
5c:57:cc:73:ee:2e:32:36:46:1d:49:38:9f:4a:4b:d7:9d:83:
29:ea:cd:ad:03:8f:51:7a:1f:75:0b:25:2f:1c:98:d2:54:47:
a2:29:2c:6a:fb:d0:ee:16:86:8d:9a:39:ea:bb:f2:60:db:64:
c5:0d:af:00:c5:05:a6:91:4d:3d:a4:95:aa:21:4d:51:0a:12:
4d:07:6c:0f:12:4e:0e:f7:0e:cc:ee:26:4c:17:f6:71:d5:e2:
c2:7d:96:7d:73:c6:3d:f9:8a:3f:a3:c0:23:f4:51:cf:82:66:
0f:0d:b8:08:7a:3b:60:ec:ad:ce:52:7e:cf:9d:f3:fa:1c:21:
2f:0a:6d:77:71:18:c7:08:47:9f:b6:2f:58:7a:af:9d:c4:75:
a7:52:f4:0c:3f:30:23:ba:c3:4d:27:30:69:39:cb:a4:f6:dd:
02:6a:74:a3:aa:e8:bf:9d:6c:48:e6:b2:d7:13:27:26:b2:f6:
7f:9b:8d:c8:de:61:0a:3c:f1:7d:8c:75:f8:02:91:f7:0e:02:
9a:8e:e3:75:c9:5f:98:be:ae:43:39:be:0a:7f:29:8f:80:7e:
97:02:b4:48
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYWWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA5MTIyMTI4WhcNMjUxMTExMTIyMTI4WjAYMRYw
FAYDVQQDEw02ODQ2ZDFjZC05ODFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Z2IQqYEpkr3dXrpuZbyAUnr2frBW4Q4gI/y+d0ffvzbYpwEGxqwU3vQ
skd3xKPyDfyhWEl/6DmKHrBC3IUR9YH56rmF9ZgMBN3D06HqHFR9Lt5c0V/Ky3iq
mAzPAnQj7qctmKUv9t07J6EoDpbNsxQSUnbg/f0vf/YQ6Zy85i2r/2064YOvgbiy
Pe1nORX0OaFUGhq3w6U581qiusxxBLbEBwlrN/keEMjNBrXpMQ92zlhR5Kr/Yigj
Erfg1Wf/MxxuuNNkDyWENsgwF0vEe/xHzZySXklFFj/Da3QNbVZSoE+jh5XBa7SY
NS6Ms0DhyPSK4CB6n4bf4UZOR0knFQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFA8k
1vkvRjXYVEVBHw22gWjra2z0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzVFMTFBRTQ1MkMxMUYwQTUyODgyOUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEmtIQAwQEmtVAAwQEmt7g
MA0GCSqGSIb3DQEBCwUAA4IBAQAYNw+lK7vYiIfTcKGthNd31c/7KtAOJPuJgEsM
4jFnRx5io3BcV8xz7i4yNkYdSTifSkvXnYMp6s2tA49Reh91CyUvHJjSVEeiKSxq
+9DuFoaNmjnqu/Jg22TFDa8AxQWmkU09pJWqIU1RChJNB2wPEk4O9w7M7iZMF/Zx
1eLCfZZ9c8Y9+Yo/o8Aj9FHPgmYPDbgIejtg7K3OUn7PnfP6HCEvCm13cRjHCEef
ti9Yeq+dxHWnUvQMPzAjusNNJzBpOcuk9t0CanSjqui/nWxI5rLXEycmsvZ/m43I
3mEKPPF9jHX4ApH3DgKajuN1yV+Yvq5DOb4KfymPgH6XArRI
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:09:10 2025 by rpki-client