Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FFB8BEE406711F0958F0D9EDAE4EC9C.roa
File: 9FFB8BEE406711F0958F0D9EDAE4EC9C.roa (raw, json)
Hash identifier: hvlwdZvTLQn3lp+ET1UBpoiBBJDPJGW3FjFk4AF+a0A=
Subject key identifier: 54:9D:FD:A6:F3:6A:FF:1C:AE:3E:53:D6:9F:D2:BF:4B:08:D1:66:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01845F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FFB8BEE406711F0958F0D9EDAE4EC9C.roa
Signing time: Tue 03 Jun 2025 10:43:46 +0000
ROA not before: Tue 03 Jun 2025 10:43:42 +0000
ROA not after: Mon 07 Jul 2025 10:43:42 +0000
asID: 20473
IP address blocks: 154.222.70.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99423 (0x1845f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 3 10:43:42 2025 GMT
Not After : Jul 7 10:43:42 2025 GMT
Subject: CN=683ed1e2-3a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b6:89:48:5d:b6:e1:09:e4:13:a8:9a:ba:9a:
ba:04:18:35:92:ad:8e:d7:aa:e6:40:66:1c:1e:62:
9d:d9:7c:14:74:08:a0:06:9d:44:7a:eb:6c:88:c4:
8b:a5:cb:8d:05:49:6e:08:b9:46:54:dc:da:d3:28:
25:d4:0c:15:87:4d:fc:5f:a0:75:5c:04:e7:f9:f4:
c6:43:ad:4a:7d:47:a8:8a:05:dc:06:89:d9:9e:ad:
1d:98:8e:60:12:c0:77:1a:52:98:83:74:64:34:cd:
c2:f2:9a:08:7f:13:57:37:42:7b:1b:f7:b5:15:b2:
13:ff:e0:9f:da:5d:a7:4b:ce:df:b5:57:e9:81:27:
e6:03:40:be:2c:eb:68:bd:88:44:78:98:95:b2:6e:
55:ed:96:f3:fa:fb:87:35:2b:7e:ab:63:2e:b4:d2:
82:9f:a2:7c:01:6f:96:31:79:66:97:6a:36:bf:35:
45:de:52:f2:6e:be:de:87:48:a2:53:d7:dc:a3:6c:
ef:47:7c:25:94:58:a6:7d:92:17:ab:d4:5e:0a:37:
b7:60:e4:70:99:5c:23:7e:95:e5:ac:d6:16:7d:06:
15:04:c4:16:ff:59:56:2f:f7:92:d6:6b:71:3e:81:
8f:b9:b8:a7:a5:98:e8:4e:d6:bc:f0:c3:fb:25:7d:
a2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9D:FD:A6:F3:6A:FF:1C:AE:3E:53:D6:9F:D2:BF:4B:08:D1:66:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FFB8BEE406711F0958F0D9EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.70.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:b0:ef:62:ea:27:08:ba:31:21:b4:c1:6d:61:dd:98:23:59:
05:b7:64:a1:bd:eb:58:cc:dd:e7:3c:6d:6f:66:8a:02:4d:0c:
de:d4:94:41:aa:a6:c6:9a:60:4a:21:39:0b:bb:f0:b7:b2:87:
d7:0e:d6:2f:a4:8d:22:e7:a6:fa:60:f6:da:aa:6c:80:13:de:
9c:66:9f:a3:aa:e8:f5:28:db:76:41:24:1e:35:bf:52:71:0a:
cc:7a:83:62:a6:53:96:11:9c:5e:74:d3:e1:e1:1a:98:c8:de:
ee:bf:9e:f7:d6:2c:84:0b:f9:c7:93:5d:6b:2c:b6:0b:af:4a:
57:1e:33:f6:71:70:57:8b:0f:ad:23:b8:95:85:77:f0:ca:99:
e4:98:2a:73:5b:32:2d:0b:21:5e:01:fc:d9:e3:ad:45:77:3e:
79:d6:15:69:c7:4d:43:df:7c:5e:40:9e:d2:06:55:ee:40:0a:
01:bd:4c:fd:40:bc:47:71:ad:39:4c:c0:85:28:83:f4:90:28:
d0:cc:88:6b:df:0a:f6:11:c5:f7:50:a4:02:10:77:92:54:d4:
44:c2:50:d5:82:ce:53:fb:48:d2:25:32:3c:df:a5:71:36:13:
e5:4b:00:3d:33:b2:32:86:22:5c:8f:90:60:6f:a4:90:ac:7c:
f8:e1:d2:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYRfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjAzMTA0MzQyWhcNMjUwNzA3MTA0MzQyWjAYMRYw
FAYDVQQDEw02ODNlZDFlMi0zYTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxLaJSF224QnkE6iaupq6BBg1kq2O16rmQGYcHmKd2XwUdAigBp1Eeuts
iMSLpcuNBUluCLlGVNza0ygl1AwVh038X6B1XATn+fTGQ61KfUeoigXcBonZnq0d
mI5gEsB3GlKYg3RkNM3C8poIfxNXN0J7G/e1FbIT/+Cf2l2nS87ftVfpgSfmA0C+
LOtovYhEeJiVsm5V7Zbz+vuHNSt+q2MutNKCn6J8AW+WMXlml2o2vzVF3lLybr7e
h0iiU9fco2zvR3wllFimfZIXq9ReCje3YORwmVwjfpXlrNYWfQYVBMQW/1lWL/eS
1mtxPoGPubinpZjoTta88MP7JX2iFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFSd
/abzav8crj5T1p/Sv0sI0Wa7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RkZCOEJFRTQwNjcxMUYwOTU4RjBEOUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt5GMA0GCSqGSIb3DQEB
CwUAA4IBAQDOsO9i6icIujEhtMFtYd2YI1kFt2ShvetYzN3nPG1vZooCTQze1JRB
qqbGmmBKITkLu/C3sofXDtYvpI0i56b6YPbaqmyAE96cZp+jquj1KNt2QSQeNb9S
cQrMeoNiplOWEZxedNPh4RqYyN7uv5731iyEC/nHk11rLLYLr0pXHjP2cXBXiw+t
I7iVhXfwypnkmCpzWzItCyFeAfzZ461Fdz551hVpx01D33xeQJ7SBlXuQAoBvUz9
QLxHca05TMCFKIP0kCjQzIhr3wr2EcX3UKQCEHeSVNREwlDVgs5T+0jSJTI836Vx
NhPlSwA9M7IyhiJcj5Bgb6SQrHz44dIs
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:10:03 2025 by rpki-client