Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF43350A48FF11F08876AC91DAE4EC9C.roa
File: CF43350A48FF11F08876AC91DAE4EC9C.roa (raw, json)
Hash identifier: 31lPFjJinWWvhdTcFQBYnzMBnwswmItRbYYYhujuE0U=
Subject key identifier: B2:A9:32:72:5B:EE:17:C2:F6:11:97:FB:ED:CB:D0:A2:46:EF:64:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018675
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF43350A48FF11F08876AC91DAE4EC9C.roa
Signing time: Sat 14 Jun 2025 09:13:18 +0000
ROA not before: Sat 14 Jun 2025 09:13:12 +0000
ROA not after: Fri 04 Jul 2025 09:13:12 +0000
asID: 398993
IP address blocks: 154.92.176.0/20 maxlen: 24
154.199.208.0/20 maxlen: 24
154.199.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99957 (0x18675)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 14 09:13:12 2025 GMT
Not After : Jul 4 09:13:12 2025 GMT
Subject: CN=684d3d2e-84bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:85:80:22:7d:ce:e7:5b:3b:26:da:b5:e3:61:
17:35:f7:0f:cd:2a:00:b3:37:ed:b1:80:e6:7a:d3:
52:0f:9a:e1:12:f8:a1:60:e2:97:7f:a5:3c:75:0b:
cf:bf:fa:b5:07:65:ef:28:a1:3b:a4:06:89:62:2d:
24:02:e1:c0:c1:55:00:e9:8f:e8:59:70:d9:00:aa:
cb:39:2d:82:1b:45:42:89:b9:fe:0c:bc:fe:ce:05:
fa:51:f0:41:de:42:a3:43:8e:e8:5b:09:f3:99:e6:
cf:bb:66:2e:90:1a:fb:07:32:9f:44:9e:13:c8:d4:
df:e9:9f:f8:13:93:a5:ea:3d:f2:92:b9:6b:e9:a2:
4a:c3:92:62:7e:ae:59:7b:41:a7:79:1d:67:2b:98:
eb:18:9b:0b:48:eb:1d:03:40:98:3d:aa:45:ab:b6:
31:7c:6e:e4:4a:de:12:b8:67:3a:ec:b3:d0:94:19:
ba:22:1a:2b:dd:f3:e9:e2:b8:ea:d4:ae:66:fd:29:
10:a0:fe:61:0f:9d:7d:eb:f8:12:d5:53:56:7f:b1:
2b:4f:e1:a8:93:12:80:76:8d:60:8b:04:0a:6e:77:
db:92:43:9f:dd:fe:a0:2b:ba:7a:06:9d:ca:48:95:
cd:98:10:f5:0b:1d:58:69:d4:79:39:d4:0a:0d:55:
d1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A9:32:72:5B:EE:17:C2:F6:11:97:FB:ED:CB:D0:A2:46:EF:64:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF43350A48FF11F08876AC91DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.176.0/20
154.199.208.0-154.199.255.255
Signature Algorithm: sha256WithRSAEncryption
45:61:75:30:ad:99:a9:cd:05:12:2e:f7:d8:1e:63:68:ec:94:
3f:ec:a1:90:dd:0b:32:0e:b0:94:84:6f:84:d4:eb:ac:13:40:
6c:95:95:4e:3d:21:a4:5f:13:12:cb:fe:c3:ea:91:c9:88:28:
3c:a8:aa:f9:69:62:37:fc:a9:04:17:f7:c2:00:45:53:fd:35:
98:40:2f:24:8e:95:c8:13:31:d1:a8:95:7d:08:a4:27:60:98:
27:86:9f:44:f2:14:5a:59:0a:37:58:60:32:f2:4e:b8:82:f4:
3d:5f:33:15:61:3b:77:e3:0e:00:10:63:a4:9b:44:0d:5c:e5:
ba:f8:2d:38:c0:20:a8:8a:b3:3d:78:78:bb:11:95:90:d4:48:
d9:72:09:fc:75:8c:af:33:83:39:84:c6:6b:60:b0:17:59:9d:
d6:52:69:67:f9:e6:9e:48:36:7c:e7:1d:66:a9:19:9f:55:d9:
91:bd:a6:e7:27:38:17:7d:4f:42:ac:e8:c4:9b:e1:4c:40:1e:
e0:52:34:58:b4:40:d9:01:b4:31:35:5f:d1:20:12:43:36:fb:
7b:7d:d5:83:be:d1:5f:55:16:43:36:31:67:91:00:90:cd:76:
51:62:b2:d8:ec:4d:fb:3e:6a:09:c0:d5:7a:82:14:c0:1b:2e:
be:51:fb:2f
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIDAYZ1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE0MDkxMzEyWhcNMjUwNzA0MDkxMzEyWjAYMRYw
FAYDVQQDEw02ODRkM2QyZS04NGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6YWAIn3O51s7Jtq142EXNfcPzSoAszftsYDmetNSD5rhEvihYOKXf6U8
dQvPv/q1B2XvKKE7pAaJYi0kAuHAwVUA6Y/oWXDZAKrLOS2CG0VCibn+DLz+zgX6
UfBB3kKjQ47oWwnzmebPu2YukBr7BzKfRJ4TyNTf6Z/4E5Ol6j3ykrlr6aJKw5Ji
fq5Ze0GneR1nK5jrGJsLSOsdA0CYPapFq7YxfG7kSt4SuGc67LPQlBm6Ihor3fPp
4rjq1K5m/SkQoP5hD5196/gS1VNWf7ErT+GokxKAdo1giwQKbnfbkkOf3f6gK7p6
Bp3KSJXNmBD1Cx1YadR5OdQKDVXRoQIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFLKp
MnJb7hfC9hGX++3L0KJG72S6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjQzMzUwQTQ4RkYxMUYwODg3NkFDOTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQEmlywMAsDBASax9ADAwOa
wDANBgkqhkiG9w0BAQsFAAOCAQEARWF1MK2Zqc0FEi732B5jaOyUP+yhkN0LMg6w
lIRvhNTrrBNAbJWVTj0hpF8TEsv+w+qRyYgoPKiq+WliN/ypBBf3wgBFU/01mEAv
JI6VyBMx0aiVfQikJ2CYJ4afRPIUWlkKN1hgMvJOuIL0PV8zFWE7d+MOABBjpJtE
DVzluvgtOMAgqIqzPXh4uxGVkNRI2XIJ/HWMrzODOYTGa2CwF1md1lJpZ/nmnkg2
fOcdZqkZn1XZkb2m5yc4F31PQqzoxJvhTEAe4FI0WLRA2QG0MTVf0SASQzb7e33V
g77RX1UWQzYxZ5EAkM12UWKy2OxN+z5qCcDVeoIUwBsuvlH7Lw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:12:39 2025 by rpki-client