Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/520277A8664711F098821D88DAE4EC9C.roa
File: 520277A8664711F098821D88DAE4EC9C.roa (raw, json)
Hash identifier: DaV5+deVsZ+0HQjh/o7fH9Vj46Vfgr2U7XL80aIh8OM=
Subject key identifier: 94:49:23:5D:52:0E:33:B9:3E:63:FB:66:9B:D2:2F:18:95:07:0B:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E87
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/520277A8664711F098821D88DAE4EC9C.roa
Signing time: Mon 21 Jul 2025 15:28:16 +0000
ROA not before: Mon 21 Jul 2025 15:28:11 +0000
ROA not after: Sat 04 Jul 2026 15:28:11 +0000
asID: 13335
IP address blocks: 154.193.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 05 Aug 2025 00:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102023 (0x18e87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 21 15:28:11 2025 GMT
Not After : Jul 4 15:28:11 2026 GMT
Subject: CN=687e5c90-f761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:66:3e:d4:62:a4:23:55:b5:8b:cc:0e:68:22:
f8:d0:0b:0c:eb:06:69:bb:60:55:74:1e:c3:cf:19:
cd:db:58:86:12:64:f1:cd:fb:7a:57:c0:b3:d3:9b:
da:ed:7d:01:d1:1f:0b:c9:af:18:4d:d1:c0:3f:6c:
ad:ab:c4:67:79:a9:60:14:f8:12:bc:33:49:69:bc:
f2:83:72:64:a2:15:f5:20:52:f4:2c:eb:20:10:75:
79:19:e5:72:d3:90:3b:ce:84:86:24:a4:0a:b9:b2:
1d:cc:48:31:4c:96:43:41:b5:32:f0:4e:69:d3:3e:
34:1c:8a:17:96:0f:b4:a2:ea:c5:37:e1:e2:f8:da:
b2:fd:ae:25:f3:fe:71:01:4a:d3:8d:39:ae:fb:b4:
ea:f2:1b:63:bc:8a:71:10:1f:8a:b9:91:3c:7f:1f:
b8:d8:dc:0f:5d:15:4b:e6:d6:5e:ae:83:c3:ff:c5:
18:1a:89:87:4e:7a:dd:fd:f1:ef:02:0d:f5:22:56:
81:13:b9:ae:b4:55:9f:7e:be:e5:9e:86:86:d4:5a:
81:5e:62:e5:82:4c:ad:7b:20:d1:d7:62:9b:67:e1:
93:28:63:64:ff:56:f2:7b:c7:f7:30:f4:b2:a5:e6:
a0:9f:ee:73:48:48:76:fc:43:dc:3b:f2:76:d2:4f:
cb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:49:23:5D:52:0E:33:B9:3E:63:FB:66:9B:D2:2F:18:95:07:0B:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/520277A8664711F098821D88DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.133.0/24
Signature Algorithm: sha256WithRSAEncryption
79:48:9b:fa:61:d8:3b:36:06:10:8a:e8:75:7e:e0:87:57:19:
a4:66:61:fc:15:44:97:89:25:ee:27:7a:c7:03:e7:e8:db:56:
bd:4f:a4:af:04:39:37:2c:f8:0f:34:81:85:c1:58:db:9e:55:
e7:bb:87:51:81:0b:77:77:58:c6:bd:31:43:69:a1:e8:84:5a:
c4:aa:1f:2e:68:d3:c3:44:41:6f:ec:0a:fb:75:09:10:4e:e7:
a3:ed:58:b5:6e:b9:ea:2a:db:44:97:43:94:2c:63:0a:57:db:
92:17:40:d6:e9:38:13:0b:a5:02:a7:27:49:82:1c:b6:b3:42:
e0:8d:7c:13:f3:45:2a:c8:bd:7f:9a:15:80:f8:5c:8d:b6:e6:
82:fb:6a:0b:09:69:b5:5e:2d:42:05:5c:61:d1:97:0f:20:35:
cb:fd:6c:80:cf:af:e6:7e:97:54:2d:63:22:be:14:a7:79:3b:
25:c8:25:93:15:81:83:d0:89:02:b5:f4:a9:75:ec:fd:7a:f5:
6d:43:f6:bf:9e:c2:b3:7b:21:9c:50:a7:e1:9d:dc:d2:6e:1a:
33:f7:5d:4f:13:16:14:c2:b3:34:50:26:2a:46:ac:f3:f2:82:
f9:ec:19:59:29:da:8b:05:26:d2:16:bd:34:a3:fb:1f:15:e2:
63:b0:ec:37
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY6HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIxMTUyODExWhcNMjYwNzA0MTUyODExWjAYMRYw
FAYDVQQDEw02ODdlNWM5MC1mNzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/WY+1GKkI1W1i8wOaCL40AsM6wZpu2BVdB7DzxnN21iGEmTxzft6V8Cz
05va7X0B0R8Lya8YTdHAP2ytq8RnealgFPgSvDNJabzyg3JkohX1IFL0LOsgEHV5
GeVy05A7zoSGJKQKubIdzEgxTJZDQbUy8E5p0z40HIoXlg+0ourFN+Hi+Nqy/a4l
8/5xAUrTjTmu+7Tq8htjvIpxEB+KuZE8fx+42NwPXRVL5tZeroPD/8UYGomHTnrd
/fHvAg31IlaBE7mutFWffr7lnoaG1FqBXmLlgkyteyDR12KbZ+GTKGNk/1bye8f3
MPSypeagn+5zSEh2/EPcO/J20k/LkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJRJ
I11SDjO5PmP7ZpvSLxiVBwuwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MjAyNzdBODY2NDcxMUYwOTg4MjFEODhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGFMA0GCSqGSIb3DQEB
CwUAA4IBAQB5SJv6Ydg7NgYQiuh1fuCHVxmkZmH8FUSXiSXuJ3rHA+fo21a9T6Sv
BDk3LPgPNIGFwVjbnlXnu4dRgQt3d1jGvTFDaaHohFrEqh8uaNPDREFv7Ar7dQkQ
Tuej7Vi1brnqKttEl0OULGMKV9uSF0DW6TgTC6UCpydJghy2s0LgjXwT80UqyL1/
mhWA+FyNtuaC+2oLCWm1Xi1CBVxh0ZcPIDXL/WyAz6/mfpdULWMivhSneTslyCWT
FYGD0IkCtfSpdez9evVtQ/a/nsKzeyGcUKfhndzSbhoz911PExYUwrM0UCYqRqzz
8oL57BlZKdqLBSbSFr00o/sfFeJjsOw3
-----END CERTIFICATE-----
Generated at Mon Aug 4 01:47:41 2025 by rpki-client