Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03BD5AD4617B11F0918F90BEDAE4EC9C.roa
File: 03BD5AD4617B11F0918F90BEDAE4EC9C.roa (raw, json)
Hash identifier: ygCCCtOC78oRZRQqtyILzNlUwpbdAZa/WH+F5BHnAoY=
Subject key identifier: B2:21:56:93:EB:F0:CA:D7:6D:A7:D8:87:D0:CA:31:91:1C:A1:CD:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018DDC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03BD5AD4617B11F0918F90BEDAE4EC9C.roa
Signing time: Tue 15 Jul 2025 12:55:42 +0000
ROA not before: Tue 15 Jul 2025 12:55:38 +0000
ROA not after: Sun 21 Sep 2025 12:55:38 +0000
asID: 18779
IP address blocks: 154.205.30.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101852 (0x18ddc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 15 12:55:38 2025 GMT
Not After : Sep 21 12:55:38 2025 GMT
Subject: CN=68764fce-5792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:53:65:90:4c:1c:38:c5:b3:62:90:81:8b:63:
e8:a3:fd:74:f3:67:17:d2:8d:92:6d:21:16:17:a1:
f5:e5:de:4e:74:88:19:45:d6:ac:2b:aa:6d:e7:2f:
b2:81:39:1a:71:6c:19:7c:19:3b:22:66:de:33:cb:
21:d0:59:3d:58:7d:0b:ac:3b:7c:1f:8d:35:a2:68:
92:3a:98:d3:6b:a6:56:9c:7d:b3:d1:7c:d2:8b:86:
9d:df:ea:ca:4b:53:25:9e:1e:53:7e:6b:a0:92:3b:
8b:74:fe:2a:e9:84:4a:cd:b3:e4:56:06:a7:07:d2:
48:de:79:87:e4:97:dc:50:0a:e8:e7:c1:89:ec:41:
6c:11:e0:a9:41:96:42:8d:7f:bb:5f:ed:2c:9e:d4:
eb:d5:83:b8:e6:81:0e:a7:86:d2:25:71:7c:62:0c:
03:4b:66:b9:54:62:85:a6:39:7a:94:e7:04:d1:36:
cf:bb:10:13:ae:e9:33:f7:14:33:53:21:89:db:3b:
d0:1e:48:0a:58:23:1c:db:f2:2e:58:d7:06:2f:6a:
01:98:e0:c6:55:02:9f:03:d0:2d:6d:a6:6a:51:50:
cd:71:34:cb:1d:ff:dd:72:0e:68:a4:dc:93:46:3a:
88:51:b8:79:ca:36:e0:2c:2a:f0:ae:00:1f:2e:fe:
d2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:21:56:93:EB:F0:CA:D7:6D:A7:D8:87:D0:CA:31:91:1C:A1:CD:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03BD5AD4617B11F0918F90BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.30.0/23
Signature Algorithm: sha256WithRSAEncryption
41:a2:41:40:64:a6:2c:d1:c9:c6:b7:49:6c:8e:75:03:46:40:
30:3d:85:b8:45:b8:d1:e4:95:63:47:1c:d3:12:8f:df:39:60:
2f:3b:a5:b4:3f:dd:93:fb:3f:ff:b0:2f:38:4a:7c:e3:cc:95:
e8:4f:77:03:03:a1:f0:bb:dd:f5:fa:c3:9f:ff:97:97:52:f5:
33:75:f4:22:d7:08:af:fc:f6:eb:85:47:f5:86:ff:93:be:e3:
0b:87:ea:93:d3:6e:dd:bf:86:d6:f2:52:a3:46:3d:ca:64:35:
23:15:b7:1f:72:b4:3a:e0:d0:24:bb:46:d9:6d:0c:e0:76:b0:
4d:25:d7:a9:8d:cf:61:30:b9:3a:5c:a3:42:84:3d:fd:97:cc:
87:fe:00:ca:5a:7d:54:73:af:d5:4f:69:2e:28:6c:68:e4:1e:
d1:49:12:33:37:31:40:47:3b:56:6c:9b:ab:18:c9:e0:f4:93:
a4:49:66:c7:0a:7c:0e:68:ea:9d:c9:c6:2d:79:40:af:47:ca:
a8:8d:6f:a0:bf:94:f1:e6:e6:ac:a8:0b:d4:7c:94:b2:f4:62:
c0:13:f1:61:ce:67:d7:e1:dd:42:46:f9:84:aa:0d:5d:7c:0d:
1f:e2:0d:16:62:d3:8e:53:68:94:05:a9:bb:ce:14:cd:70:f6:
9e:8e:e0:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY3cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE1MTI1NTM4WhcNMjUwOTIxMTI1NTM4WjAYMRYw
FAYDVQQDEw02ODc2NGZjZS01NzkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAolNlkEwcOMWzYpCBi2Poo/1082cX0o2SbSEWF6H15d5OdIgZRdasK6pt
5y+ygTkacWwZfBk7ImbeM8sh0Fk9WH0LrDt8H401omiSOpjTa6ZWnH2z0XzSi4ad
3+rKS1Mlnh5TfmugkjuLdP4q6YRKzbPkVganB9JI3nmH5JfcUAro58GJ7EFsEeCp
QZZCjX+7X+0sntTr1YO45oEOp4bSJXF8YgwDS2a5VGKFpjl6lOcE0TbPuxATrukz
9xQzUyGJ2zvQHkgKWCMc2/IuWNcGL2oBmODGVQKfA9AtbaZqUVDNcTTLHf/dcg5o
pNyTRjqIUbh5yjbgLCrwrgAfLv7SAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLIh
VpPr8MrXbafYh9DKMZEcoc1gMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wM0JENUFENDYxN0IxMUYwOTE4RjkwQkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms0eMA0GCSqGSIb3DQEB
CwUAA4IBAQBBokFAZKYs0cnGt0lsjnUDRkAwPYW4RbjR5JVjRxzTEo/fOWAvO6W0
P92T+z//sC84SnzjzJXoT3cDA6Hwu931+sOf/5eXUvUzdfQi1wiv/PbrhUf1hv+T
vuMLh+qT027dv4bW8lKjRj3KZDUjFbcfcrQ64NAku0bZbQzgdrBNJdepjc9hMLk6
XKNChD39l8yH/gDKWn1Uc6/VT2kuKGxo5B7RSRIzNzFARztWbJurGMng9JOkSWbH
CnwOaOqdycYteUCvR8qojW+gv5Tx5uasqAvUfJSy9GLAE/FhzmfX4d1CRvmEqg1d
fA0f4g0WYtOOU2iUBam7zhTNcPaejuAb
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:47 2025 by rpki-client