Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/857192DC453011F0B31086B7DAE4EC9C.roa
File: 857192DC453011F0B31086B7DAE4EC9C.roa (raw, json)
Hash identifier: tQE6/Auc1rqg75KsWlZtf/hFWWa1dwlkAan8YUjz+MI=
Subject key identifier: F5:32:95:D2:49:DF:0C:DC:45:CD:BC:35:18:4D:9F:C6:CD:8B:8C:3D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0185A2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/857192DC453011F0B31086B7DAE4EC9C.roa
Signing time: Mon 09 Jun 2025 12:51:55 +0000
ROA not before: Mon 09 Jun 2025 12:51:50 +0000
ROA not after: Tue 11 Nov 2025 12:51:50 +0000
asID: 55020
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99746 (0x185a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 9 12:51:50 2025 GMT
Not After : Nov 11 12:51:50 2025 GMT
Subject: CN=6846d8eb-8e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:63:a7:27:a0:83:70:23:f6:21:e8:0a:4d:b0:
fc:d9:d0:1c:ab:3e:b3:e6:b8:0d:7c:94:18:dc:54:
59:1f:f8:a7:06:a5:7a:bf:db:e6:84:2a:db:4e:38:
6c:b4:39:f7:8c:d6:bc:97:a4:ab:44:f0:33:ed:c6:
61:6e:af:c8:74:70:2f:22:ac:39:6e:53:a5:f0:2f:
8b:31:53:c0:29:24:f2:58:5d:74:53:ea:11:b0:f6:
49:6a:8b:04:92:5b:26:a8:c4:c2:36:ad:c6:9e:fc:
27:c8:f7:54:f3:42:2c:30:50:c0:22:7a:2e:be:e0:
97:b7:f5:c4:2e:aa:8d:3b:ae:9f:2e:c4:7a:20:20:
d9:4c:2d:00:e3:a4:f9:32:0c:17:9a:d7:71:d8:36:
41:9b:fd:9d:9d:68:44:7f:7a:19:9e:2a:15:a4:78:
d1:6a:d9:11:e6:71:22:38:24:9a:01:1a:2d:fc:2b:
33:e7:84:7c:af:77:1d:51:da:2b:d7:36:e4:7a:49:
32:01:b3:7e:6b:6a:57:27:bc:81:5f:f6:ff:83:1e:
93:b4:35:70:00:86:f3:09:61:27:7e:a9:04:77:7c:
ab:64:28:64:bf:51:85:a5:b5:d6:2d:01:10:49:39:
8c:82:0e:00:18:92:ca:f8:40:76:23:4d:62:dd:66:
c3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:32:95:D2:49:DF:0C:DC:45:CD:BC:35:18:4D:9F:C6:CD:8B:8C:3D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/857192DC453011F0B31086B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
154.91.176.0/20
Signature Algorithm: sha256WithRSAEncryption
7a:e8:18:4b:1b:8e:68:4b:e7:e6:fa:dc:80:58:03:cf:6b:e4:
4b:65:50:07:09:f5:01:eb:46:ac:4c:ef:5b:c3:cc:5c:68:c8:
44:4b:b1:85:78:7f:a1:41:48:a2:8a:f0:4e:56:19:e1:22:ec:
40:9b:12:e1:ae:4f:fc:94:8c:7a:39:77:da:f6:d2:8d:ac:41:
fb:ac:4c:c6:0c:f5:3c:46:f8:59:da:3e:9c:09:78:32:b1:3f:
55:bc:7c:d4:3c:f2:b9:d4:7c:42:ea:6e:29:eb:69:09:a5:c5:
52:b2:99:d0:14:e4:2f:ab:25:ac:56:bb:a1:e8:b2:85:89:cb:
97:64:db:68:f7:05:66:13:c5:d8:b6:fd:69:a3:0b:f9:06:08:
7b:75:e5:52:f3:94:25:96:15:0b:f3:d7:55:12:ab:b4:a9:8e:
93:57:59:13:ba:04:16:7b:9c:0b:93:e3:c4:8a:a3:5f:65:2f:
6b:e0:1e:15:42:c1:24:5c:3f:b7:b3:3a:45:26:18:bc:f1:e8:
af:16:af:b2:39:8f:9a:c5:67:f9:43:33:22:57:b0:ba:70:67:
2a:b5:45:ce:24:f9:f3:fc:9b:8c:17:e7:28:14:6a:f7:d7:92:
d7:a4:b0:aa:55:11:bb:2a:a2:4b:56:0d:f9:38:79:33:2e:a8:
1e:19:88:20
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYWiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA5MTI1MTUwWhcNMjUxMTExMTI1MTUwWjAYMRYw
FAYDVQQDEw02ODQ2ZDhlYi04ZTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6GOnJ6CDcCP2IegKTbD82dAcqz6z5rgNfJQY3FRZH/inBqV6v9vmhCrb
TjhstDn3jNa8l6SrRPAz7cZhbq/IdHAvIqw5blOl8C+LMVPAKSTyWF10U+oRsPZJ
aosEklsmqMTCNq3GnvwnyPdU80IsMFDAInouvuCXt/XELqqNO66fLsR6ICDZTC0A
46T5MgwXmtdx2DZBm/2dnWhEf3oZnioVpHjRatkR5nEiOCSaARot/Csz54R8r3cd
Udor1zbkekkyAbN+a2pXJ7yBX/b/gx6TtDVwAIbzCWEnfqkEd3yrZChkv1GFpbXW
LQEQSTmMgg4AGJLK+EB2I01i3WbD9QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFPUy
ldJJ3wzcRc28NRhNn8bNi4w9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NTcxOTJEQzQ1MzAxMUYwQjMxMDg2QjdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmlswAwQEmluwMA0GCSqG
SIb3DQEBCwUAA4IBAQB66BhLG45oS+fm+tyAWAPPa+RLZVAHCfUB60asTO9bw8xc
aMhES7GFeH+hQUiiivBOVhnhIuxAmxLhrk/8lIx6OXfa9tKNrEH7rEzGDPU8RvhZ
2j6cCXgysT9VvHzUPPK51HxC6m4p62kJpcVSspnQFOQvqyWsVruh6LKFicuXZNto
9wVmE8XYtv1powv5Bgh7deVS85QllhUL89dVEqu0qY6TV1kTugQWe5wLk+PEiqNf
ZS9r4B4VQsEkXD+3szpFJhi88eivFq+yOY+axWf5QzMiV7C6cGcqtUXOJPnz/JuM
F+coFGr315LXpLCqVRG7KqJLVg35OHkzLqgeGYgg
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:55:10 2025 by rpki-client