Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F9C8F6BA45FE11F0B7ED32F3DAE4EC9C.roa
File: F9C8F6BA45FE11F0B7ED32F3DAE4EC9C.roa (raw, json)
Hash identifier: 1/F6Zd93zlDkJCyYH7jcq23tbCn+L9BBWI9GWl/+WwU=
Subject key identifier: 58:29:D8:11:5D:B6:38:6D:5F:CE:63:96:C5:8C:67:01:9B:77:11:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0185C8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F9C8F6BA45FE11F0B7ED32F3DAE4EC9C.roa
Signing time: Tue 10 Jun 2025 13:29:47 +0000
ROA not before: Tue 10 Jun 2025 13:29:42 +0000
ROA not after: Mon 16 Jun 2025 13:29:42 +0000
asID: 400619
IP address blocks: 154.91.48.0/20 maxlen: 24
154.91.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 16 Jun 2025 13:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99784 (0x185c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 10 13:29:42 2025 GMT
Not After : Jun 16 13:29:42 2025 GMT
Subject: CN=6848334b-f55d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7e:fb:58:b2:7b:72:15:9c:f5:44:1f:ab:4a:
f6:0e:5e:63:f8:4b:eb:71:0a:ab:10:ae:da:de:d2:
17:f8:13:a8:d0:6f:0f:eb:4c:b4:54:c2:e3:98:c0:
0a:0c:88:79:a5:2d:8e:e4:d2:4c:62:87:a8:5c:d2:
64:b0:c6:77:bb:39:b1:f0:b1:2f:ff:e3:cf:fc:d6:
58:61:d6:85:6a:24:b3:d4:4d:06:3a:3b:3e:61:20:
99:c1:e6:cb:8e:b3:4f:ac:70:49:c1:7f:8d:a0:af:
27:a9:ee:82:67:39:b7:8b:2a:39:c4:5e:1a:b1:41:
b4:f5:c4:89:ad:a3:52:8f:fa:38:70:4c:40:1f:69:
5d:47:06:70:af:68:ec:8e:25:fd:75:6d:3d:f1:b5:
95:5e:46:a0:88:60:04:f1:ac:4d:cc:eb:3f:ce:de:
60:a0:f4:c5:04:b0:de:37:b8:52:4a:74:d9:d2:6d:
6e:16:8c:87:03:39:b3:7d:2c:02:85:4a:0c:a8:cf:
b8:ba:e1:89:f3:ae:42:ef:b3:8b:98:4e:ae:df:d2:
00:ff:f7:58:c1:b3:1c:1c:83:9a:e4:2b:6d:71:51:
5b:95:ca:29:91:2a:f4:8f:4e:19:ac:a4:82:b8:75:
60:6c:c8:3b:55:85:09:ce:1a:b3:dd:fa:b2:9d:f4:
0b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:29:D8:11:5D:B6:38:6D:5F:CE:63:96:C5:8C:67:01:9B:77:11:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F9C8F6BA45FE11F0B7ED32F3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.48.0/20
154.91.176.0/20
Signature Algorithm: sha256WithRSAEncryption
77:c2:a3:c0:1f:23:47:db:59:df:c6:9d:bd:a8:c7:78:1e:6e:
da:26:89:2f:d9:03:a7:8c:88:4c:a9:f3:d0:0c:97:e5:b3:ed:
f2:cc:28:cf:0c:cd:68:25:d7:38:ee:93:dc:36:05:95:f0:25:
17:0a:ee:73:f4:de:79:e3:d9:d6:ad:d6:92:32:db:40:0c:59:
a6:72:f8:76:ba:d5:77:4b:11:8f:21:dc:13:e3:02:55:51:12:
e2:ba:e4:34:18:5e:df:30:12:63:f2:16:b8:21:8d:2a:7a:56:
c5:a2:a4:3a:d1:3b:2e:1b:c0:8b:55:e5:1b:09:00:e9:49:b5:
72:e7:cb:fa:4b:6c:c0:cb:fa:a0:03:8d:f6:f6:3c:35:26:12:
f5:06:fe:eb:4e:fd:66:92:f7:97:6c:30:6b:86:27:68:c5:7b:
2d:fd:a4:a3:82:c7:d8:e9:65:48:bf:bc:5b:5f:04:cb:7d:95:
a0:11:10:da:c5:28:3f:c4:cc:6c:b6:45:53:20:0a:dc:27:ff:
2f:8e:d4:fb:b2:1b:6d:34:a9:79:f5:7d:6e:e8:0e:1a:72:a3:
62:66:3a:df:c3:46:81:4e:3c:3f:c4:aa:65:71:5b:b9:6e:c6:
65:32:42:a0:4c:5f:ce:b4:48:af:b8:ed:bb:31:03:b5:56:bd:
1e:bf:8d:56
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYXIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEwMTMyOTQyWhcNMjUwNjE2MTMyOTQyWjAYMRYw
FAYDVQQDEw02ODQ4MzM0Yi1mNTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvH77WLJ7chWc9UQfq0r2Dl5j+EvrcQqrEK7a3tIX+BOo0G8P60y0VMLj
mMAKDIh5pS2O5NJMYoeoXNJksMZ3uzmx8LEv/+PP/NZYYdaFaiSz1E0GOjs+YSCZ
webLjrNPrHBJwX+NoK8nqe6CZzm3iyo5xF4asUG09cSJraNSj/o4cExAH2ldRwZw
r2jsjiX9dW098bWVXkagiGAE8axNzOs/zt5goPTFBLDeN7hSSnTZ0m1uFoyHAzmz
fSwChUoMqM+4uuGJ865C77OLmE6u39IA//dYwbMcHIOa5CttcVFblcopkSr0j04Z
rKSCuHVgbMg7VYUJzhqz3fqynfQL+wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFgp
2BFdtjhtX85jlsWMZwGbdxGPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GOUM4RjZCQTQ1RkUxMUYwQjdFRDMyRjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEmlswAwQEmluwMA0GCSqG
SIb3DQEBCwUAA4IBAQB3wqPAHyNH21nfxp29qMd4Hm7aJokv2QOnjIhMqfPQDJfl
s+3yzCjPDM1oJdc47pPcNgWV8CUXCu5z9N5549nWrdaSMttADFmmcvh2utV3SxGP
IdwT4wJVURLiuuQ0GF7fMBJj8ha4IY0qelbFoqQ60TsuG8CLVeUbCQDpSbVy58v6
S2zAy/qgA4329jw1JhL1Bv7rTv1mkveXbDBrhidoxXst/aSjgsfY6WVIv7xbXwTL
fZWgERDaxSg/xMxstkVTIArcJ/8vjtT7shttNKl59X1u6A4acqNiZjrfw0aBTjw/
xKplcVu5bsZlMkKgTF/OtEivuO27MQO1Vr0ev41W
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:05:26 2025 by rpki-client