Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F3876AC439411F0BE495EC1DAE4EC9C.roa
File: 8F3876AC439411F0BE495EC1DAE4EC9C.roa (raw, json)
Hash identifier: 75Xq1A1/tZ01sj2VmvFgiHPQ3hO+6Zn8X8RK9tpqYTg=
Subject key identifier: 55:38:EC:D0:6A:92:7B:23:D3:F1:93:B2:E5:1F:99:D8:4C:9E:AC:34
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01855A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F3876AC439411F0BE495EC1DAE4EC9C.roa
Signing time: Sat 07 Jun 2025 11:42:59 +0000
ROA not before: Sat 07 Jun 2025 11:42:54 +0000
ROA not after: Sun 31 Aug 2025 11:42:54 +0000
asID: 399077
IP address blocks: 154.91.64.0/24 maxlen: 24
154.91.65.0/24 maxlen: 24
154.91.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99674 (0x1855a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 7 11:42:54 2025 GMT
Not After : Aug 31 11:42:54 2025 GMT
Subject: CN=684425c3-ce86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:85:16:a0:66:81:be:d9:f1:95:c2:4e:e2:34:
60:b2:b9:b3:d2:a3:2a:be:27:4a:6c:57:33:60:2a:
f7:65:b4:01:02:ca:50:85:39:1b:69:4e:72:22:aa:
6b:8e:22:5c:5b:84:26:de:db:93:e1:7a:41:fd:fa:
6b:1a:a2:49:f7:5a:ea:38:35:9d:5b:b1:c2:4d:67:
2c:46:73:bc:4f:5c:69:cd:c3:00:6c:c0:f8:dd:fc:
d2:60:9d:42:2a:cd:05:3b:b0:ef:e6:da:1f:83:f0:
d0:7d:e8:bf:d1:0a:d5:29:22:76:02:6d:7b:0d:75:
e9:66:11:cf:55:87:48:a1:94:60:4b:5c:54:65:db:
ee:1a:06:7b:28:b9:76:a7:5d:f8:c7:61:f7:96:83:
c8:fe:9f:a7:24:da:98:4f:82:b2:f5:9e:6c:34:fe:
26:0a:78:00:e4:8c:20:f9:69:d1:cf:a8:cb:97:d8:
56:6b:91:c7:b4:93:4d:cd:6e:f5:5c:ce:c7:44:65:
32:5b:e3:91:39:7a:fb:39:47:04:fe:cc:f9:08:34:
98:ac:ab:7d:56:8f:cc:53:d4:59:bc:10:95:00:b3:
7a:94:05:30:3e:10:31:15:2b:82:37:4e:a2:38:3f:
d2:28:30:12:8a:1d:92:26:93:5d:02:2a:ee:06:aa:
ff:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:38:EC:D0:6A:92:7B:23:D3:F1:93:B2:E5:1F:99:D8:4C:9E:AC:34
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F3876AC439411F0BE495EC1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.64.0-154.91.66.255
Signature Algorithm: sha256WithRSAEncryption
65:2b:09:5c:bb:89:3d:cb:4c:07:e7:bd:11:a0:4d:e2:55:3c:
10:3c:e5:c5:92:8c:42:49:5e:60:92:44:fc:8b:dc:ce:98:c1:
8e:09:28:88:90:b1:a4:c6:26:6c:bb:23:7a:fa:3d:5f:e7:bd:
3e:95:a0:78:66:88:b0:67:88:0a:22:e0:96:a5:99:cb:15:7e:
2d:69:c1:fc:17:d9:67:ab:be:ad:a5:85:4c:a1:7e:c1:95:8b:
a5:53:cd:0b:7e:e9:40:e5:9a:e7:84:59:6f:e3:ac:db:a5:07:
f3:a4:be:2f:a1:42:a6:ae:69:77:8a:0b:13:6d:c8:50:26:52:
71:12:2d:5b:45:89:6e:d5:2f:a6:7d:87:23:7f:c8:7e:0b:3f:
71:7d:a2:9e:5e:a6:46:84:2a:e6:e3:40:77:65:96:9e:4a:2f:
a6:60:e7:de:d3:33:7a:4c:60:33:99:fc:b3:86:b0:03:53:c8:
af:f3:7f:be:3b:2e:4d:db:0a:96:fd:c5:cd:62:b1:87:07:be:
a1:27:85:09:47:10:7f:62:26:70:a5:6d:5b:59:95:77:d3:bb:
a0:ba:c7:48:94:08:b0:1f:45:16:29:42:c6:e8:ac:7b:ac:66:
f1:ed:e0:16:82:cb:03:ae:ae:85:94:e1:00:b6:82:d8:0a:79:
7d:3f:16:c7
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYVaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA3MTE0MjU0WhcNMjUwODMxMTE0MjU0WjAYMRYw
FAYDVQQDEw02ODQ0MjVjMy1jZTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtIUWoGaBvtnxlcJO4jRgsrmz0qMqvidKbFczYCr3ZbQBAspQhTkbaU5y
IqprjiJcW4Qm3tuT4XpB/fprGqJJ91rqODWdW7HCTWcsRnO8T1xpzcMAbMD43fzS
YJ1CKs0FO7Dv5tofg/DQfei/0QrVKSJ2Am17DXXpZhHPVYdIoZRgS1xUZdvuGgZ7
KLl2p134x2H3loPI/p+nJNqYT4Ky9Z5sNP4mCngA5Iwg+WnRz6jLl9hWa5HHtJNN
zW71XM7HRGUyW+OROXr7OUcE/sz5CDSYrKt9Vo/MU9RZvBCVALN6lAUwPhAxFSuC
N06iOD/SKDASih2SJpNdAiruBqr//wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFFU4
7NBqknsj0/GTsuUfmdhMnqw0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RjM4NzZBQzQzOTQxMUYwQkU0OTVFQzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAaaW0ADBACaW0IwDQYJ
KoZIhvcNAQELBQADggEBAGUrCVy7iT3LTAfnvRGgTeJVPBA85cWSjEJJXmCSRPyL
3M6YwY4JKIiQsaTGJmy7I3r6PV/nvT6VoHhmiLBniAoi4JalmcsVfi1pwfwX2Wer
vq2lhUyhfsGVi6VTzQt+6UDlmueEWW/jrNulB/Okvi+hQqauaXeKCxNtyFAmUnES
LVtFiW7VL6Z9hyN/yH4LP3F9op5epkaEKubjQHdllp5KL6Zg597TM3pMYDOZ/LOG
sANTyK/zf747Lk3bCpb9xc1isYcHvqEnhQlHEH9iJnClbVtZlXfTu6C6x0iUCLAf
RRYpQsborHusZvHt4BaCywOuroWU4QC2gtgKeX0/Fsc=
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:07:56 2025 by rpki-client