Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0278995C5B8811F099901FA6DAE4EC9C.roa
File: 0278995C5B8811F099901FA6DAE4EC9C.roa (raw, json)
Hash identifier: RASwl9UGVaPp43vZ86srn4T/fJwgw8h5cYuyf1xHrC0=
Subject key identifier: 6B:E0:93:D4:99:32:04:BC:36:48:C8:4F:5D:B9:12:A6:FD:74:67:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C84
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0278995C5B8811F099901FA6DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 23:13:39 +0000
ROA not before: Mon 07 Jul 2025 23:13:29 +0000
ROA not after: Fri 17 Jul 2026 23:13:29 +0000
asID: 139923
IP address blocks: 154.193.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101508 (0x18c84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 23:13:29 2025 GMT
Not After : Jul 17 23:13:29 2026 GMT
Subject: CN=686c54a3-5fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:48:9e:4a:71:fe:65:8c:f9:70:7d:80:0d:d6:
b7:a1:ad:5a:bf:b3:45:61:f5:24:8b:e6:56:0c:d5:
a7:0e:c6:fd:f6:aa:c6:6d:2a:b7:b5:20:05:67:fd:
9f:6f:93:ca:61:c1:f2:e7:16:ed:fe:93:42:e4:90:
fb:17:ed:a1:f0:32:fe:9f:a4:6e:bc:17:4a:58:79:
16:99:3e:8c:4f:f7:29:53:d1:59:0f:dd:95:b3:e3:
05:03:93:61:18:7f:f0:92:cd:ae:56:66:95:e8:85:
0c:d0:af:d5:b8:be:21:2e:09:22:c1:a7:c5:8a:10:
9f:63:0f:ce:0b:ee:32:29:a0:0f:93:ee:a3:3a:50:
87:fe:1b:74:4e:21:96:6a:24:5e:1a:94:59:1a:e0:
24:34:e6:5e:69:8c:ea:60:7d:68:98:9b:ab:3a:78:
1a:04:bf:2e:e8:42:8e:27:2c:32:35:0a:f9:9d:81:
3b:c3:ef:11:c6:8c:67:8e:c8:d6:4c:c1:8f:d8:a4:
a5:f8:48:a0:86:6d:19:bb:83:68:d6:a0:d2:9e:63:
ee:c2:f7:62:9b:02:cd:11:80:15:ce:4c:77:c1:7c:
48:0a:33:66:a7:3d:ee:7d:d9:0f:ae:d3:9b:a2:2d:
fe:2d:0a:f2:e1:af:01:9b:97:2c:db:e5:37:7f:db:
4d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E0:93:D4:99:32:04:BC:36:48:C8:4F:5D:B9:12:A6:FD:74:67:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0278995C5B8811F099901FA6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.240.0/21
Signature Algorithm: sha256WithRSAEncryption
94:42:0f:ac:15:1c:71:5f:c4:15:4a:1e:d4:32:ff:b5:35:15:
7a:74:dc:34:8f:0c:a6:29:8c:fe:30:d8:02:fc:9b:86:df:a4:
d9:2c:6d:e8:40:64:20:cc:69:69:a6:eb:27:84:6f:21:2f:44:
de:f5:7b:fe:f3:de:b8:5f:57:a6:91:92:f4:a7:f1:da:aa:0c:
05:ef:42:3c:de:ed:3e:1f:b1:c9:d9:8d:83:e8:45:ab:33:6d:
94:fb:0c:f9:35:4c:7e:ee:59:b5:f1:0d:dc:0e:a8:91:22:6c:
09:98:93:d8:be:52:48:a0:3d:33:50:c6:91:f8:b9:9d:64:50:
b5:4f:16:3e:22:04:1c:38:3d:24:57:92:a1:36:c6:4c:71:eb:
1b:27:0c:0c:52:b6:cd:0c:f3:54:17:48:99:b7:11:63:9f:73:
f0:3b:42:9a:26:58:c8:3e:ec:a5:5e:33:1d:c7:57:ff:2c:42:
1f:3d:98:e8:c6:66:30:21:69:55:4e:7b:70:5a:2f:7f:0b:61:
ab:e8:37:cc:08:25:f9:60:49:61:54:e9:a2:35:db:1b:e6:d7:
ef:5d:90:b3:d9:91:e5:5d:01:5d:1d:2b:37:27:19:d2:ed:f4:
21:f8:0f:b9:9e:43:3b:30:4d:20:fe:d0:96:88:3f:5b:42:55:
9f:3d:7a:e0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYyEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MjMxMzI5WhcNMjYwNzE3MjMxMzI5WjAYMRYw
FAYDVQQDEw02ODZjNTRhMy01ZmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtUieSnH+ZYz5cH2ADda3oa1av7NFYfUki+ZWDNWnDsb99qrGbSq3tSAF
Z/2fb5PKYcHy5xbt/pNC5JD7F+2h8DL+n6RuvBdKWHkWmT6MT/cpU9FZD92Vs+MF
A5NhGH/wks2uVmaV6IUM0K/VuL4hLgkiwafFihCfYw/OC+4yKaAPk+6jOlCH/ht0
TiGWaiReGpRZGuAkNOZeaYzqYH1omJurOngaBL8u6EKOJywyNQr5nYE7w+8Rxoxn
jsjWTMGP2KSl+Eighm0Zu4No1qDSnmPuwvdimwLNEYAVzkx3wXxICjNmpz3ufdkP
rtOboi3+LQry4a8Bm5cs2+U3f9tNlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGvg
k9SZMgS8NkjIT125Eqb9dGcrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMjc4OTk1QzVCODgxMUYwOTk5MDFGQTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsHwMA0GCSqGSIb3DQEB
CwUAA4IBAQCUQg+sFRxxX8QVSh7UMv+1NRV6dNw0jwymKYz+MNgC/JuG36TZLG3o
QGQgzGlppusnhG8hL0Te9Xv+8964X1emkZL0p/HaqgwF70I83u0+H7HJ2Y2D6EWr
M22U+wz5NUx+7lm18Q3cDqiRImwJmJPYvlJIoD0zUMaR+LmdZFC1TxY+IgQcOD0k
V5KhNsZMcesbJwwMUrbNDPNUF0iZtxFjn3PwO0KaJljIPuylXjMdx1f/LEIfPZjo
xmYwIWlVTntwWi9/C2Gr6DfMCCX5YElhVOmiNdsb5tfvXZCz2ZHlXQFdHSs3JxnS
7fQh+A+5nkM7ME0g/tCWiD9bQlWfPXrg
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:38:21 2025 by rpki-client