Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A60ED26599011F0A4407CDFDAE4EC9C.roa
File: 0A60ED26599011F0A4407CDFDAE4EC9C.roa (raw, json)
Hash identifier: YgVFYPDFzojxcaTOeltB8MYAcIW9B2Z6Ka0pnS4GV80=
Subject key identifier: 1E:7C:50:8A:A6:4D:80:6A:6E:51:62:62:6E:7A:16:A5:2E:A7:8F:32
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018AE0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A60ED26599011F0A4407CDFDAE4EC9C.roa
Signing time: Sat 05 Jul 2025 11:06:04 +0000
ROA not before: Sat 05 Jul 2025 11:05:59 +0000
ROA not after: Mon 11 Aug 2025 11:05:59 +0000
asID: 214143
IP address blocks: 154.197.60.0/23 maxlen: 24
154.197.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101088 (0x18ae0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 11:05:59 2025 GMT
Not After : Aug 11 11:05:59 2025 GMT
Subject: CN=6869071c-1164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d3:38:4c:8b:3d:1b:31:41:6a:44:bb:06:9a:
41:5a:ec:32:63:73:6f:41:f0:2e:b5:75:2e:4f:7d:
46:6d:50:e2:2b:a6:62:d1:a3:01:15:69:b4:2b:95:
9a:07:84:45:26:e8:81:44:4e:90:44:f9:20:6a:8d:
10:cd:3b:05:32:01:f4:2b:45:7b:a3:e3:eb:68:75:
f6:42:63:c6:52:fe:4d:c0:60:d5:cc:f2:3f:19:81:
38:0d:d1:3e:90:0d:9e:85:02:e1:19:76:87:24:78:
cf:10:03:0f:ae:e6:4e:ee:be:4e:04:e9:f5:97:32:
04:ae:4a:6e:38:d7:49:1f:4e:20:55:5b:22:44:46:
9c:6b:2b:d1:22:d1:5a:06:c7:7e:2d:6a:dd:12:37:
14:cc:10:86:b7:a2:0e:63:18:4a:e9:07:79:4c:7e:
1f:3b:7e:3f:e1:1f:56:ef:22:73:31:f7:20:ec:ea:
5a:a0:0a:d9:4c:87:64:7a:ac:39:0a:6c:fe:eb:ef:
10:c2:9c:24:9f:b8:4d:a4:4d:0d:4a:85:44:37:91:
7d:b1:99:26:b1:e9:ea:fc:17:cd:a3:b2:55:73:92:
7c:ca:22:6e:c7:f1:dd:aa:0a:0e:72:9d:12:9b:26:
bb:0d:ae:40:e1:ac:b2:ee:73:e6:51:a9:b4:eb:a3:
fd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7C:50:8A:A6:4D:80:6A:6E:51:62:62:6E:7A:16:A5:2E:A7:8F:32
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A60ED26599011F0A4407CDFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.60.0/23
154.197.86.0/23
Signature Algorithm: sha256WithRSAEncryption
70:8e:de:c0:e8:9a:93:b5:f2:7d:29:ea:3b:86:fb:51:36:de:
78:60:5b:b4:46:f8:7b:54:74:8b:cc:42:e1:86:1e:32:8b:bb:
c2:41:2d:a5:90:70:63:f5:69:eb:b8:0f:67:a5:22:16:9b:45:
f0:c5:63:5e:fb:47:09:16:23:e2:ef:10:81:d7:e5:53:e1:35:
43:c7:ea:a0:81:19:3f:f8:fa:03:67:d5:5c:28:e6:7a:3f:99:
3b:16:5c:64:d2:f9:3f:e0:d6:49:7a:7a:e3:39:3b:ff:12:e0:
dc:fe:4b:92:13:97:5b:08:08:fc:8b:cb:79:3a:99:41:43:9c:
4c:96:05:24:5f:1b:a2:a7:8f:16:87:04:5b:73:c4:8c:dd:2c:
d3:85:b7:63:8b:6d:95:a7:bc:31:80:4a:2b:ac:84:9e:44:63:
13:0f:28:94:da:13:71:e0:2d:c6:53:58:56:74:8e:73:13:f3:
3b:a7:5a:41:92:3d:47:67:c0:2d:7d:bd:1b:d2:14:80:90:66:
45:b4:18:9a:d2:7d:ad:12:73:20:29:dd:0b:d7:70:d5:45:f6:
72:3f:df:1c:e7:2d:f1:3c:60:7f:93:eb:34:69:c9:ab:c3:c4:
3f:de:cb:2d:63:bc:62:95:5e:3a:ce:98:f9:9f:83:f6:da:f3:
1b:3e:e5:8e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYrgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTEwNTU5WhcNMjUwODExMTEwNTU5WjAYMRYw
FAYDVQQDEw02ODY5MDcxYy0xMTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvNM4TIs9GzFBakS7BppBWuwyY3NvQfAutXUuT31GbVDiK6Zi0aMBFWm0
K5WaB4RFJuiBRE6QRPkgao0QzTsFMgH0K0V7o+PraHX2QmPGUv5NwGDVzPI/GYE4
DdE+kA2ehQLhGXaHJHjPEAMPruZO7r5OBOn1lzIErkpuONdJH04gVVsiREacayvR
ItFaBsd+LWrdEjcUzBCGt6IOYxhK6Qd5TH4fO34/4R9W7yJzMfcg7OpaoArZTIdk
eqw5Cmz+6+8Qwpwkn7hNpE0NSoVEN5F9sZkmsenq/BfNo7JVc5J8yiJux/HdqgoO
cp0Smya7Da5A4ayy7nPmUam066P9PwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFB58
UIqmTYBqblFiYm56FqUup48yMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQTYwRUQyNjU5OTAxMUYwQTQ0MDdDREZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmsU8AwQBmsVWMA0GCSqG
SIb3DQEBCwUAA4IBAQBwjt7A6JqTtfJ9Keo7hvtRNt54YFu0Rvh7VHSLzELhhh4y
i7vCQS2lkHBj9WnruA9npSIWm0XwxWNe+0cJFiPi7xCB1+VT4TVDx+qggRk/+PoD
Z9VcKOZ6P5k7Flxk0vk/4NZJenrjOTv/EuDc/kuSE5dbCAj8i8t5OplBQ5xMlgUk
Xxuip48WhwRbc8SM3SzThbdji22Vp7wxgEorrISeRGMTDyiU2hNx4C3GU1hWdI5z
E/M7p1pBkj1HZ8Atfb0b0hSAkGZFtBia0n2tEnMgKd0L13DVRfZyP98c5y3xPGB/
k+s0acmrw8Q/3sstY7xilV46zpj5n4P22vMbPuWO
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:45:50 2025 by rpki-client