Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D927D6B2473C11F090699087DAE4EC9C.roa
File: D927D6B2473C11F090699087DAE4EC9C.roa (raw, json)
Hash identifier: VkdfM3n7MtyNYVO6F703moIaRNFazuujWzIzVxKXPEo=
Subject key identifier: DB:E3:2D:40:04:B5:26:39:E1:C9:C8:8B:7B:95:44:FB:F9:FD:53:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01860D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D927D6B2473C11F090699087DAE4EC9C.roa
Signing time: Thu 12 Jun 2025 03:25:12 +0000
ROA not before: Thu 12 Jun 2025 03:25:07 +0000
ROA not after: Wed 02 Jul 2025 03:25:07 +0000
asID: 21859
IP address blocks: 154.94.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99853 (0x1860d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 12 03:25:07 2025 GMT
Not After : Jul 2 03:25:07 2025 GMT
Subject: CN=684a4898-4216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:81:ae:fb:be:5f:a4:2c:10:6f:e7:e1:ca:bc:
db:66:8e:3b:7b:4c:0d:75:79:b9:dc:08:5c:b0:97:
07:dc:16:f5:52:7d:f7:5c:99:1d:e8:b3:22:05:7e:
54:83:cf:ff:4d:3e:25:ef:dc:74:d2:fe:74:c7:c0:
33:e7:f5:16:68:27:68:ba:31:c3:63:65:48:1b:0a:
06:9b:cd:cc:80:65:0b:87:9f:54:5c:b5:b1:f8:58:
51:85:e6:75:55:cf:ff:39:bf:0f:5f:1a:1e:5b:7e:
04:b4:01:c5:53:20:8f:ff:9a:9c:63:77:1c:3b:ca:
1c:4b:f5:b7:33:57:2d:f1:e8:4b:a7:05:88:c0:5e:
d1:e1:1e:d2:de:d5:45:02:5f:85:19:07:d5:28:da:
d3:d1:71:68:db:a5:c6:fb:f5:55:05:d8:67:e1:24:
a3:4b:12:b2:22:3a:f3:a4:73:90:0a:68:6f:ac:3e:
c7:37:26:d4:c4:47:24:6d:99:0f:42:f4:7b:96:19:
fe:9e:25:ad:0f:19:b4:3a:f6:ed:32:cf:7c:7b:20:
1b:04:95:e1:5d:09:de:04:84:83:aa:ba:7a:43:ea:
5a:ac:37:92:39:8d:82:2b:83:20:83:80:56:4b:26:
5f:71:e6:fb:03:34:b5:98:c5:6e:fd:58:bc:cd:78:
19:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E3:2D:40:04:B5:26:39:E1:C9:C8:8B:7B:95:44:FB:F9:FD:53:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D927D6B2473C11F090699087DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.1.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:67:c6:d2:fb:39:88:f6:d2:c5:1a:d2:f6:6f:c0:a2:22:ac:
12:b6:23:6f:93:27:33:ac:fc:08:86:86:1e:4e:3c:c0:e4:c0:
db:61:52:ec:30:23:32:32:85:d5:c0:84:f1:c3:06:6d:f3:e5:
00:d6:8b:25:ba:a5:ec:2b:3f:93:42:c1:52:2d:67:56:8e:4c:
58:d1:29:de:32:ee:28:e9:d8:98:8d:8b:80:94:22:e3:fb:f1:
f7:95:a7:f4:79:84:87:64:65:25:d3:58:b6:9b:b3:19:09:35:
63:25:9f:24:1a:2e:a5:c3:bc:63:d7:b3:65:0b:92:46:9b:f5:
81:81:ce:8b:46:af:d0:a1:07:e6:c6:6d:06:be:1d:0c:83:31:
20:c9:2e:78:cc:d9:c6:42:17:33:6e:a6:64:d5:79:6b:7e:87:
1a:37:dc:1d:85:2e:9d:5d:54:a0:15:17:69:a8:b5:91:80:64:
6d:57:25:b1:1c:1e:55:a4:89:6e:f7:f4:57:f9:b4:1c:4e:da:
4b:cf:b6:4b:48:95:c6:93:4a:78:13:36:04:1e:f2:fb:b8:fe:
ca:54:64:09:79:af:72:d2:b6:a2:d2:e8:05:5a:76:ce:39:51:
83:4f:b8:ae:ad:56:f5:0b:f9:d5:87:be:50:cf:15:aa:0c:45:
0f:d3:62:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYYNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEyMDMyNTA3WhcNMjUwNzAyMDMyNTA3WjAYMRYw
FAYDVQQDEw02ODRhNDg5OC00MjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArIGu+75fpCwQb+fhyrzbZo47e0wNdXm53AhcsJcH3Bb1Un33XJkd6LMi
BX5Ug8//TT4l79x00v50x8Az5/UWaCdoujHDY2VIGwoGm83MgGULh59UXLWx+FhR
heZ1Vc//Ob8PXxoeW34EtAHFUyCP/5qcY3ccO8ocS/W3M1ct8ehLpwWIwF7R4R7S
3tVFAl+FGQfVKNrT0XFo26XG+/VVBdhn4SSjSxKyIjrzpHOQCmhvrD7HNybUxEck
bZkPQvR7lhn+niWtDxm0OvbtMs98eyAbBJXhXQneBISDqrp6Q+parDeSOY2CK4Mg
g4BWSyZfceb7AzS1mMVu/Vi8zXgZ7wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNvj
LUAEtSY54cnIi3uVRPv5/VMfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTI3RDZCMjQ3M0MxMUYwOTA2OTkwODdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4BMA0GCSqGSIb3DQEB
CwUAA4IBAQCfZ8bS+zmI9tLFGtL2b8CiIqwStiNvkyczrPwIhoYeTjzA5MDbYVLs
MCMyMoXVwITxwwZt8+UA1osluqXsKz+TQsFSLWdWjkxY0SneMu4o6diYjYuAlCLj
+/H3laf0eYSHZGUl01i2m7MZCTVjJZ8kGi6lw7xj17NlC5JGm/WBgc6LRq/QoQfm
xm0Gvh0MgzEgyS54zNnGQhczbqZk1XlrfocaN9wdhS6dXVSgFRdpqLWRgGRtVyWx
HB5VpIlu9/RX+bQcTtpLz7ZLSJXGk0p4EzYEHvL7uP7KVGQJea9y0rai0ugFWnbO
OVGDT7iurVb1C/nVh75QzxWqDEUP02Is
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:17:09 2025 by rpki-client