Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/008325405E4E11F0AA03BD8DDAE4EC9C.roa
File: 008325405E4E11F0AA03BD8DDAE4EC9C.roa (raw, json)
Hash identifier: Wn+GpXTfOjOWusfwtd12DeoYNl/cvWN/oUWeRdFsB90=
Subject key identifier: D3:D1:9D:76:E0:DB:1F:36:80:49:BE:A8:E9:3F:23:B9:43:3B:C4:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D6A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/008325405E4E11F0AA03BD8DDAE4EC9C.roa
Signing time: Fri 11 Jul 2025 11:55:56 +0000
ROA not before: Fri 11 Jul 2025 11:55:50 +0000
ROA not after: Mon 10 Aug 2026 11:55:50 +0000
asID: 984
IP address blocks: 154.222.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101738 (0x18d6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 11 11:55:50 2025 GMT
Not After : Aug 10 11:55:50 2026 GMT
Subject: CN=6870fbcc-b504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6b:31:af:d5:67:84:56:85:8f:bc:e4:1b:ec:
3b:e9:ca:11:ee:1e:c3:24:13:39:ae:da:c9:07:fb:
26:9b:e4:93:1f:18:91:47:9f:ac:33:12:d5:1c:96:
95:97:79:a0:7c:5e:ce:5a:43:d7:56:37:b6:73:51:
47:2e:2c:a8:48:89:30:11:eb:77:d6:ed:30:99:5f:
c5:b3:55:1c:c5:a2:0c:0a:92:9a:2a:e9:3d:03:8d:
27:4f:cf:e6:45:25:56:fd:6c:8d:7b:be:69:23:33:
6a:48:13:f0:e2:82:32:6c:a5:a4:5a:52:91:d3:50:
6b:e6:46:6a:3b:b5:85:00:99:ee:8f:a8:f3:8f:8e:
7c:02:b2:60:cd:25:81:6b:c9:09:c9:2b:1c:3c:ad:
21:a3:b9:3d:3e:c0:63:32:ff:2c:f1:09:03:01:3f:
8e:46:04:d7:af:bd:6b:8a:37:08:15:dc:a5:1e:db:
96:ca:73:6f:ef:c4:34:b1:b3:50:5b:57:d4:a1:9b:
81:e5:a6:a9:cb:f3:bc:80:57:e2:7f:4b:be:83:27:
f3:5b:46:ab:fd:cb:53:1f:ad:0b:1e:ab:29:ac:9f:
f7:3e:b0:40:b6:cd:b1:5d:5c:d1:6f:1b:1b:3e:1d:
b3:31:d7:dd:b7:1b:b5:b2:cc:39:38:b3:9f:ef:e9:
16:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D1:9D:76:E0:DB:1F:36:80:49:BE:A8:E9:3F:23:B9:43:3B:C4:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/008325405E4E11F0AA03BD8DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.69.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:41:19:1a:00:99:b2:05:36:6b:cb:61:5f:d6:6d:0f:5d:2a:
2e:9d:7e:39:1c:07:b7:9b:2b:8b:b1:43:f4:9a:90:df:cf:26:
6d:96:a6:2a:a7:77:be:87:1a:88:27:eb:96:0e:6c:95:2b:7d:
ac:c0:02:b5:2b:29:25:ad:21:fa:eb:97:6f:66:29:42:7d:0f:
29:84:aa:c5:2e:28:bb:05:09:5d:e3:31:47:5c:e7:c8:c6:b8:
e5:15:d9:04:e6:bc:e5:5a:31:e0:6c:db:e1:24:54:75:de:ae:
7e:2f:3a:5d:fb:57:bf:75:86:2e:7e:14:99:ec:c8:e6:cd:35:
03:38:b7:58:af:c5:cf:0d:d2:45:59:68:44:e2:44:d4:d3:86:
4c:3d:af:73:be:2b:c2:12:4f:11:29:42:0d:c9:96:f7:89:8b:
ab:04:7d:ff:8c:1c:70:00:ef:4d:75:4b:3e:b8:da:e5:d4:23:
92:02:ae:08:b2:f2:f7:7a:7a:d7:15:5c:4c:ff:ab:50:13:1d:
64:57:d2:84:a4:f0:ec:d6:97:66:7e:a4:bb:2a:6f:6b:b8:f1:
eb:e3:14:67:cd:ad:76:b2:e3:9a:32:16:7c:2e:99:21:04:ab:
70:6f:4e:08:59:fa:bf:c1:b6:19:87:6a:c2:0c:9d:c5:b7:dc:
73:a1:4d:1f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY1qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzExMTE1NTUwWhcNMjYwODEwMTE1NTUwWjAYMRYw
FAYDVQQDEw02ODcwZmJjYy1iNTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4Wsxr9VnhFaFj7zkG+w76coR7h7DJBM5rtrJB/smm+STHxiRR5+sMxLV
HJaVl3mgfF7OWkPXVje2c1FHLiyoSIkwEet31u0wmV/Fs1UcxaIMCpKaKuk9A40n
T8/mRSVW/WyNe75pIzNqSBPw4oIybKWkWlKR01Br5kZqO7WFAJnuj6jzj458ArJg
zSWBa8kJySscPK0ho7k9PsBjMv8s8QkDAT+ORgTXr71rijcIFdylHtuWynNv78Q0
sbNQW1fUoZuB5aapy/O8gFfif0u+gyfzW0ar/ctTH60LHqsprJ/3PrBAts2xXVzR
bxsbPh2zMdfdtxu1ssw5OLOf7+kW4wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNPR
nXbg2x82gEm+qOk/I7lDO8RgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMDgzMjU0MDVFNEUxMUYwQUEwM0JEOEREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5FMA0GCSqGSIb3DQEB
CwUAA4IBAQAMQRkaAJmyBTZry2Ff1m0PXSounX45HAe3myuLsUP0mpDfzyZtlqYq
p3e+hxqIJ+uWDmyVK32swAK1KyklrSH665dvZilCfQ8phKrFLii7BQld4zFHXOfI
xrjlFdkE5rzlWjHgbNvhJFR13q5+Lzpd+1e/dYYufhSZ7MjmzTUDOLdYr8XPDdJF
WWhE4kTU04ZMPa9zvivCEk8RKUINyZb3iYurBH3/jBxwAO9NdUs+uNrl1COSAq4I
svL3enrXFVxM/6tQEx1kV9KEpPDs1pdmfqS7Km9ruPHr4xRnza12suOaMhZ8Lpkh
BKtwb04IWfq/wbYZh2rCDJ3Ft9xzoU0f
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:02:46 2025 by rpki-client