Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C3AC076477811F08A4BA58EDAE4EC9C.roa
File: 8C3AC076477811F08A4BA58EDAE4EC9C.roa (raw, json)
Hash identifier: qACKWBkICW+Ht4d2oLiqXdac3OW7gNSSWNMx2LH9RrA=
Subject key identifier: 12:36:1B:75:4F:3F:1B:5A:32:9D:D6:78:9B:4D:79:CA:23:40:07:FC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018611
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C3AC076477811F08A4BA58EDAE4EC9C.roa
Signing time: Thu 12 Jun 2025 10:32:33 +0000
ROA not before: Thu 12 Jun 2025 10:32:28 +0000
ROA not after: Thu 17 Jul 2025 10:32:28 +0000
asID: 21859
IP address blocks: 154.222.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99857 (0x18611)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 12 10:32:28 2025 GMT
Not After : Jul 17 10:32:28 2025 GMT
Subject: CN=684aacc0-42b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:55:24:71:35:75:e8:2a:b4:0c:f6:cb:23:95:
8c:dd:8b:eb:cb:1e:e6:8b:f0:55:47:1f:fd:f6:3e:
90:be:d0:83:a4:e1:df:c0:5e:07:72:4b:87:d9:89:
58:b3:ae:ac:c0:76:28:13:ea:01:be:38:09:b5:b1:
55:c6:4f:96:46:64:5d:28:72:fc:04:ef:0c:e3:3a:
b6:68:25:8e:f6:10:86:36:8c:4e:a4:dd:22:74:d7:
de:45:d3:48:ab:45:eb:ef:fd:c6:d9:d5:a4:5b:4d:
e9:9b:7c:a6:06:91:60:8a:50:be:5b:02:f3:ab:dc:
0c:ec:4e:2d:70:f8:a1:4b:24:ae:27:a3:ff:ed:70:
f4:97:a7:96:c0:84:47:63:5e:39:8f:bd:4f:28:ab:
ec:47:18:15:39:4d:5c:ce:1a:6d:37:c4:fb:d6:46:
96:96:b6:18:07:b6:a6:d0:2b:22:48:06:40:ce:aa:
d3:97:57:49:ea:77:94:dd:72:d8:80:8d:79:9e:c6:
bc:b8:b6:46:cd:b5:0a:a3:1b:a7:5a:ff:e1:5e:81:
35:c5:74:43:5d:5a:8c:75:b9:8f:e2:f0:55:62:7e:
9a:43:f7:14:e4:aa:91:40:99:52:78:a6:7e:77:32:
b2:45:24:83:29:27:f7:d9:08:96:29:e2:25:59:d4:
56:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:36:1B:75:4F:3F:1B:5A:32:9D:D6:78:9B:4D:79:CA:23:40:07:FC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C3AC076477811F08A4BA58EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.87.0/24
Signature Algorithm: sha256WithRSAEncryption
09:32:d6:96:35:92:90:bb:9b:f1:ff:50:aa:38:4b:3b:ba:56:
74:b4:4d:cf:ac:11:af:55:1a:32:c9:48:5b:c4:e9:dd:5f:2f:
ed:d1:f5:6c:ce:c5:f9:c9:15:65:c7:cb:19:9b:b4:e5:4e:03:
fa:fd:4e:85:c9:72:eb:fe:49:76:37:2e:c9:52:d2:2d:78:64:
b8:31:fb:27:1f:53:a1:5b:30:f1:84:4c:7c:3c:11:10:3a:af:
f8:08:a0:7b:c8:99:f1:19:5b:fb:4e:d1:03:7c:47:c9:96:c9:
7d:af:c1:25:fe:f0:44:25:1f:b2:ca:de:2f:3e:30:88:b3:6e:
81:4c:da:f7:f7:b7:94:a6:4b:b0:0f:ce:88:16:25:64:58:a8:
51:be:54:fb:90:f8:2a:42:e6:69:e2:ea:2b:3d:8e:a0:f8:c1:
59:07:a8:f6:1d:0e:73:a8:d1:91:39:ef:45:8d:1a:28:68:b5:
74:0a:7a:f8:df:fa:4b:77:eb:8c:1b:66:64:52:55:61:22:ee:
4f:7e:07:b7:53:63:f1:06:7a:75:b1:58:1b:7f:8e:ba:41:5a:
a0:33:98:ff:f8:16:d1:be:82:c3:5d:30:bc:3b:70:95:c3:64:
ee:74:88:b7:00:fa:22:81:21:a3:a9:d6:58:54:03:9f:b9:6f:
88:bf:6a:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYYRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEyMTAzMjI4WhcNMjUwNzE3MTAzMjI4WjAYMRYw
FAYDVQQDEw02ODRhYWNjMC00MmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt1UkcTV16Cq0DPbLI5WM3Yvryx7mi/BVRx/99j6QvtCDpOHfwF4HckuH
2YlYs66swHYoE+oBvjgJtbFVxk+WRmRdKHL8BO8M4zq2aCWO9hCGNoxOpN0idNfe
RdNIq0Xr7/3G2dWkW03pm3ymBpFgilC+WwLzq9wM7E4tcPihSySuJ6P/7XD0l6eW
wIRHY145j71PKKvsRxgVOU1czhptN8T71kaWlrYYB7am0CsiSAZAzqrTl1dJ6neU
3XLYgI15nsa8uLZGzbUKoxunWv/hXoE1xXRDXVqMdbmP4vBVYn6aQ/cU5KqRQJlS
eKZ+dzKyRSSDKSf32QiWKeIlWdRW2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBI2
G3VPPxtaMp3WeJtNecojQAf8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QzNBQzA3NjQ3NzgxMUYwOEE0QkE1OEVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5XMA0GCSqGSIb3DQEB
CwUAA4IBAQAJMtaWNZKQu5vx/1CqOEs7ulZ0tE3PrBGvVRoyyUhbxOndXy/t0fVs
zsX5yRVlx8sZm7TlTgP6/U6FyXLr/kl2Ny7JUtIteGS4MfsnH1OhWzDxhEx8PBEQ
Oq/4CKB7yJnxGVv7TtEDfEfJlsl9r8El/vBEJR+yyt4vPjCIs26BTNr397eUpkuw
D86IFiVkWKhRvlT7kPgqQuZp4uorPY6g+MFZB6j2HQ5zqNGROe9FjRooaLV0Cnr4
3/pLd+uMG2ZkUlVhIu5Pfge3U2PxBnp1sVgbf466QVqgM5j/+BbRvoLDXTC8O3CV
w2TudIi3APoigSGjqdZYVAOfuW+Iv2oa
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:14:21 2025 by rpki-client