Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D63C8E7E49CC11F0944B89C6DAE4EC9C.roa
File: D63C8E7E49CC11F0944B89C6DAE4EC9C.roa (raw, json)
Hash identifier: SVIGmrRDrnr5zwO6+l0Wy4I3yNGPUlEiNtKdj85YSLQ=
Subject key identifier: DC:DE:94:E3:F0:FF:7E:3C:11:64:E5:20:E8:C7:E3:00:7B:85:95:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0186AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D63C8E7E49CC11F0944B89C6DAE4EC9C.roa
Signing time: Sun 15 Jun 2025 09:40:57 +0000
ROA not before: Sun 15 Jun 2025 09:40:52 +0000
ROA not after: Sun 22 Jun 2025 09:40:52 +0000
asID: 134687
IP address blocks: 154.93.4.0/24 maxlen: 24
154.93.5.0/24 maxlen: 24
154.93.6.0/24 maxlen: 24
154.93.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100014 (0x186ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 15 09:40:52 2025 GMT
Not After : Jun 22 09:40:52 2025 GMT
Subject: CN=684e9529-ab5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6a:c3:f5:7a:5c:ca:57:af:3f:ae:09:3b:90:
a0:b2:ce:67:90:99:09:e9:1d:1d:cd:30:c9:05:ec:
72:29:d4:a0:79:2e:28:50:40:c1:45:3a:8c:75:87:
d6:db:42:58:4d:7d:08:1f:6d:75:17:85:7d:c5:3c:
5a:0f:7d:bd:da:ce:0a:5a:ce:35:c6:de:3f:6c:1d:
c1:32:c7:00:39:b9:a6:3a:75:81:c9:15:d0:73:6c:
2a:30:7f:7f:8d:9c:e6:0c:d7:3c:a9:7e:80:95:87:
eb:f1:55:82:d6:28:fd:f0:e3:c0:c9:aa:58:bc:f9:
1b:01:24:28:85:07:e3:86:c9:1e:c1:4f:a1:99:9e:
bb:27:ec:78:80:81:c1:34:4a:aa:5d:0e:40:e2:4e:
26:7e:e1:3e:7d:36:7d:a4:72:7a:1b:85:04:4f:dd:
28:aa:78:88:e4:9a:0a:dc:5e:89:ba:7b:59:0d:49:
d3:65:2e:af:38:d5:0c:4e:db:c4:8b:b3:80:ee:c1:
fa:05:27:4f:de:18:98:ea:cf:3c:51:09:18:67:f8:
99:ff:04:49:0b:54:a4:43:fb:b0:ce:0b:ed:87:19:
c3:7e:7a:14:70:80:7c:1d:e6:0d:4a:4e:b8:ab:da:
17:51:09:d7:ea:90:71:d0:12:6c:62:cd:77:09:96:
85:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DE:94:E3:F0:FF:7E:3C:11:64:E5:20:E8:C7:E3:00:7B:85:95:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D63C8E7E49CC11F0944B89C6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.4.0/22
Signature Algorithm: sha256WithRSAEncryption
65:5b:69:4c:c1:5e:fe:7c:6f:66:57:d1:be:6a:c6:11:0f:51:
d2:3b:cb:67:e7:fb:f2:64:de:74:7b:0c:85:bb:06:9b:d9:81:
e4:08:32:1e:fc:1c:7b:cf:21:73:25:7e:8e:45:bb:2b:f2:e1:
96:ac:90:95:61:4d:53:39:20:5b:0d:f7:22:6e:be:20:c6:7c:
84:8e:98:8b:8c:4d:1c:f1:d1:16:51:e6:8f:2e:e1:95:f4:97:
ae:7a:cd:15:e0:ae:1c:12:f4:aa:e9:e4:5d:39:67:ce:93:82:
2c:2d:de:c7:f7:5d:ed:b6:e5:56:75:9f:d2:cb:ae:58:ee:ef:
41:49:09:19:ea:4f:4b:16:80:0c:68:6b:6a:60:24:07:0d:36:
02:9e:d4:d9:06:d6:d3:d5:73:93:ad:b8:5c:bd:be:a0:ac:f5:
a6:37:44:d4:b9:21:07:66:09:73:82:50:09:6e:05:80:69:b7:
41:f5:8d:d1:43:1a:02:69:bf:00:ad:ec:57:b5:70:40:b8:d6:
77:d8:a5:4e:db:5f:a9:5f:c2:c7:8c:f1:89:88:c1:12:2d:4d:
49:63:14:58:c9:5c:8b:9d:d7:d7:e7:cf:06:fe:8c:8a:39:4b:
74:0a:00:f4:88:88:50:0d:4c:46:9c:f0:9d:89:42:42:d0:21:
a2:37:c0:26
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYauMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE1MDk0MDUyWhcNMjUwNjIyMDk0MDUyWjAYMRYw
FAYDVQQDEw02ODRlOTUyOS1hYjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA02rD9XpcylevP64JO5Cgss5nkJkJ6R0dzTDJBexyKdSgeS4oUEDBRTqM
dYfW20JYTX0IH211F4V9xTxaD3292s4KWs41xt4/bB3BMscAObmmOnWByRXQc2wq
MH9/jZzmDNc8qX6AlYfr8VWC1ij98OPAyapYvPkbASQohQfjhskewU+hmZ67J+x4
gIHBNEqqXQ5A4k4mfuE+fTZ9pHJ6G4UET90oqniI5JoK3F6JuntZDUnTZS6vONUM
TtvEi7OA7sH6BSdP3hiY6s88UQkYZ/iZ/wRJC1SkQ/uwzgvthxnDfnoUcIB8HeYN
Sk64q9oXUQnX6pBx0BJsYs13CZaFUwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNze
lOPw/348EWTlIOjH4wB7hZWoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjNDOEU3RTQ5Q0MxMUYwOTQ0Qjg5QzZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCml0EMA0GCSqGSIb3DQEB
CwUAA4IBAQBlW2lMwV7+fG9mV9G+asYRD1HSO8tn5/vyZN50ewyFuwab2YHkCDIe
/Bx7zyFzJX6ORbsr8uGWrJCVYU1TOSBbDfcibr4gxnyEjpiLjE0c8dEWUeaPLuGV
9Jeues0V4K4cEvSq6eRdOWfOk4IsLd7H913ttuVWdZ/Sy65Y7u9BSQkZ6k9LFoAM
aGtqYCQHDTYCntTZBtbT1XOTrbhcvb6grPWmN0TUuSEHZglzglAJbgWAabdB9Y3R
QxoCab8ArexXtXBAuNZ32KVO21+pX8LHjPGJiMESLU1JYxRYyVyLndfX588G/oyK
OUt0CgD0iIhQDUxGnPCdiUJC0CGiN8Am
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:32:10 2025 by rpki-client