Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/676B964E3C7E11F0A41F55B1DAE4EC9C.roa
File: 676B964E3C7E11F0A41F55B1DAE4EC9C.roa (raw, json)
Hash identifier: IBnJZxhgwNzNfWXdR/uOY+kBMU0y7Ss1+KkQYA9XBbw=
Subject key identifier: 4A:F5:AA:52:80:E8:86:E2:42:8E:D2:1C:61:F0:4F:47:39:F5:E7:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0183BC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/676B964E3C7E11F0A41F55B1DAE4EC9C.roa
Signing time: Thu 29 May 2025 11:16:45 +0000
ROA not before: Thu 29 May 2025 11:16:40 +0000
ROA not after: Tue 16 Jun 2026 11:16:40 +0000
asID: 398152
IP address blocks: 154.194.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99260 (0x183bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 29 11:16:40 2025 GMT
Not After : Jun 16 11:16:40 2026 GMT
Subject: CN=6838421d-ad56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:f8:ca:d5:3b:91:90:6d:6f:a3:67:7f:fc:
ec:3f:09:b9:cf:ee:b7:53:d8:d6:78:fc:5d:46:c8:
b9:68:ac:f3:5b:62:4b:d2:27:e4:65:e3:03:87:88:
7f:42:c4:68:43:a8:8f:f9:64:13:be:09:a7:c5:7a:
01:b9:e9:93:4c:76:84:8d:e9:ec:ac:13:0b:76:5a:
09:17:db:49:f3:80:8f:f3:b5:5d:f1:69:cb:45:9e:
94:11:49:09:25:d9:af:53:90:e8:66:c3:29:8e:41:
46:48:d4:7f:7b:0a:e8:ff:75:83:3d:d6:98:14:45:
ef:a2:4f:dc:9d:53:0e:f8:7b:79:93:b7:df:fd:60:
fe:3e:60:38:98:dd:1f:0a:8a:1c:a9:d6:42:1e:9a:
10:87:1d:af:c4:4f:ec:1c:d1:1b:97:47:0c:9b:e0:
7d:fd:5a:c3:3d:d4:4a:42:75:d4:bd:85:62:23:dd:
3b:c1:b3:d9:fb:cc:b2:0b:88:44:55:78:8d:78:86:
1d:a5:ed:cb:b7:f1:d8:e6:4c:09:99:b6:7d:69:c4:
22:cc:69:4d:da:38:1a:58:0a:c5:d5:c0:f1:f2:8a:
d3:3f:1b:ab:7d:bc:6d:3b:8d:8d:7a:5d:46:96:52:
10:c5:dc:16:9c:1e:8d:96:3c:a6:27:42:84:32:e0:
29:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F5:AA:52:80:E8:86:E2:42:8E:D2:1C:61:F0:4F:47:39:F5:E7:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/676B964E3C7E11F0A41F55B1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.1.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:46:5e:c3:0b:33:2c:35:2a:58:c0:eb:f9:7a:a3:32:ad:8f:
ab:b2:57:8c:ee:4d:b5:05:e3:05:96:e5:14:38:b0:e6:45:b3:
8f:dd:43:b3:2f:8e:b7:55:e2:8e:a0:42:14:8a:6e:a8:73:3a:
fd:89:99:c0:d1:b0:1a:7c:f8:03:8e:a2:50:b6:cb:2a:43:aa:
7a:14:bb:1b:e6:3e:53:c1:81:5a:fc:c5:5b:40:4a:5f:9e:3a:
74:01:37:09:73:e1:93:1b:48:5c:fb:13:eb:93:a1:f5:a2:43:
74:88:0a:6b:68:06:5b:9f:13:e3:7e:2f:9b:35:8c:ab:79:4c:
62:46:60:80:eb:e4:fb:cd:19:10:f7:f3:31:9f:59:83:10:2f:
f7:8d:42:fb:c4:b4:97:47:a4:10:a5:ae:c4:d1:96:f0:f6:aa:
1d:b1:56:f6:bb:02:6e:b0:6d:98:ea:dc:8f:87:76:ca:d5:5b:
21:7f:a6:ae:52:f7:fa:ce:f2:88:f4:92:7a:f6:e3:0d:a6:d5:
48:70:0e:e8:80:d6:13:74:46:d5:a9:0c:2d:78:c5:03:8e:20:
21:52:30:3c:3b:61:47:08:5b:23:a5:22:8e:89:04:fd:76:c6:
df:84:2c:2f:75:9e:5d:45:7a:27:ca:ae:1e:e3:fb:ba:d7:3d:
ba:b2:b0:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYO8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI5MTExNjQwWhcNMjYwNjE2MTExNjQwWjAYMRYw
FAYDVQQDEw02ODM4NDIxZC1hZDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrH4ytU7kZBtb6Nnf/zsPwm5z+63U9jWePxdRsi5aKzzW2JL0ifkZeMD
h4h/QsRoQ6iP+WQTvgmnxXoBuemTTHaEjensrBMLdloJF9tJ84CP87Vd8WnLRZ6U
EUkJJdmvU5DoZsMpjkFGSNR/ewro/3WDPdaYFEXvok/cnVMO+Ht5k7ff/WD+PmA4
mN0fCoocqdZCHpoQhx2vxE/sHNEbl0cMm+B9/VrDPdRKQnXUvYViI907wbPZ+8yy
C4hEVXiNeIYdpe3Lt/HY5kwJmbZ9acQizGlN2jgaWArF1cDx8orTPxurfbxtO42N
el1GllIQxdwWnB6NljymJ0KEMuAp0QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEr1
qlKA6IbiQo7SHGHwT0c59edIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NzZCOTY0RTNDN0UxMUYwQTQxRjU1QjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIBMA0GCSqGSIb3DQEB
CwUAA4IBAQCaRl7DCzMsNSpYwOv5eqMyrY+rsleM7k21BeMFluUUOLDmRbOP3UOz
L463VeKOoEIUim6oczr9iZnA0bAafPgDjqJQtssqQ6p6FLsb5j5TwYFa/MVbQEpf
njp0ATcJc+GTG0hc+xPrk6H1okN0iApraAZbnxPjfi+bNYyreUxiRmCA6+T7zRkQ
9/Mxn1mDEC/3jUL7xLSXR6QQpa7E0Zbw9qodsVb2uwJusG2Y6tyPh3bK1Vshf6au
Uvf6zvKI9JJ69uMNptVIcA7ogNYTdEbVqQwteMUDjiAhUjA8O2FHCFsjpSKOiQT9
dsbfhCwvdZ5dRXonyq4e4/u61z26srAC
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:07:26 2025 by rpki-client