Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D72D02E608411F0B519AC7ADAE4EC9C.roa
File: 0D72D02E608411F0B519AC7ADAE4EC9C.roa (raw, json)
Hash identifier: DDu2Z0yXNyeVtcPGo8klJ+iG2l62xpmawfoiu/xHh+Y=
Subject key identifier: 0D:31:B7:34:86:D2:FA:6D:35:0C:76:F6:F4:1C:AB:D7:83:CA:D0:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D99
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D72D02E608411F0B519AC7ADAE4EC9C.roa
Signing time: Mon 14 Jul 2025 07:27:53 +0000
ROA not before: Mon 14 Jul 2025 07:27:48 +0000
ROA not after: Sat 02 May 2026 07:27:48 +0000
asID: 4809
IP address blocks: 154.83.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101785 (0x18d99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 14 07:27:48 2025 GMT
Not After : May 2 07:27:48 2026 GMT
Subject: CN=6874b179-0e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:61:07:54:e1:5e:74:e2:15:3e:bc:b6:16:72:
eb:d2:9e:44:36:d0:c8:c2:9e:2d:f2:76:57:bf:27:
6d:70:40:90:99:fe:c8:ce:94:e3:b1:33:36:52:9a:
45:28:62:cf:bc:fb:50:5f:2f:04:8b:39:7d:5c:64:
2b:1c:88:1b:bc:1e:7f:63:86:cc:ff:f8:ba:4c:98:
0f:43:ea:f5:a9:4e:29:4e:4e:93:31:71:e9:33:01:
dd:0d:98:28:e2:9c:8b:8d:58:40:e2:84:bd:9e:55:
cc:92:33:c3:4b:d4:b2:66:22:0e:7d:fa:a6:32:29:
bd:95:bd:6a:d8:3c:64:c6:a5:11:3c:8a:dc:ea:ef:
6c:3f:7b:e9:a1:db:0d:a5:9c:29:5e:b7:78:17:d2:
ee:b7:7d:6c:f0:0e:c7:d6:5e:a2:3e:0e:77:1e:af:
01:e8:b7:40:25:67:09:8c:65:fc:9c:06:bd:e4:45:
90:1e:b0:35:5b:25:75:50:72:3c:a3:ed:2d:4b:5f:
41:36:18:f3:7a:bf:b0:46:f8:b2:7a:e5:28:3b:d5:
95:0f:d8:f3:9b:63:7d:d2:c0:fd:8c:a4:44:3a:43:
93:69:6e:68:74:5d:9b:4e:da:c5:ef:6e:5d:92:0d:
38:1c:04:23:ea:de:14:1f:1e:60:11:70:39:17:e3:
c2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:31:B7:34:86:D2:FA:6D:35:0C:76:F6:F4:1C:AB:D7:83:CA:D0:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D72D02E608411F0B519AC7ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.28.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:b7:a9:7e:26:a9:ce:21:9a:dd:42:bd:63:01:50:da:7c:33:
3c:4b:1f:e4:5e:c9:4d:02:50:f4:fa:10:6d:65:31:77:5f:47:
0c:f4:af:17:c5:f4:51:5a:32:da:95:4c:ae:57:25:ef:63:4a:
9c:d9:fb:1c:ed:cf:d4:26:05:d4:87:0e:2f:34:88:18:62:cf:
0a:16:42:a0:91:7a:ba:59:98:6b:58:0a:c2:e8:36:6a:d6:e5:
a0:db:81:95:ba:d1:05:1f:d8:24:a1:b1:db:6a:75:e1:ec:04:
f6:6b:57:04:4a:4d:8c:0c:48:17:ef:5f:3b:26:48:4c:4d:1b:
3b:35:da:d1:5f:82:f9:bf:68:d0:a9:d6:91:97:f8:79:22:64:
ac:0a:b3:73:ce:d2:d7:0c:d8:63:f0:2c:3b:fd:f5:2b:77:6b:
e7:fb:3f:df:3d:3c:a0:83:f8:e2:93:1e:49:52:ad:d2:35:3a:
7f:0d:17:02:ac:68:18:66:02:b6:be:22:c5:1c:c9:90:e6:67:
b3:a1:46:82:0a:8b:4e:bf:3e:50:59:cd:5a:56:4e:36:cd:c9:
4a:40:d0:7a:c8:f3:db:bb:29:2a:fc:16:73:91:9c:72:b5:2e:
5c:59:d9:b4:08:6a:0e:ab:2a:dc:45:a0:76:51:30:dd:80:3d:
c7:7f:ed:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY2ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE0MDcyNzQ4WhcNMjYwNTAyMDcyNzQ4WjAYMRYw
FAYDVQQDEw02ODc0YjE3OS0wZTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAumEHVOFedOIVPry2FnLr0p5ENtDIwp4t8nZXvydtcECQmf7IzpTjsTM2
UppFKGLPvPtQXy8Eizl9XGQrHIgbvB5/Y4bM//i6TJgPQ+r1qU4pTk6TMXHpMwHd
DZgo4pyLjVhA4oS9nlXMkjPDS9SyZiIOffqmMim9lb1q2DxkxqURPIrc6u9sP3vp
odsNpZwpXrd4F9Lut31s8A7H1l6iPg53Hq8B6LdAJWcJjGX8nAa95EWQHrA1WyV1
UHI8o+0tS19BNhjzer+wRviyeuUoO9WVD9jzm2N90sD9jKREOkOTaW5odF2bTtrF
725dkg04HAQj6t4UHx5gEXA5F+PCzQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA0x
tzSG0vptNQx29vQcq9eDytAWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRDcyRDAyRTYwODQxMUYwQjUxOUFDN0FEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlMcMA0GCSqGSIb3DQEB
CwUAA4IBAQDGt6l+JqnOIZrdQr1jAVDafDM8Sx/kXslNAlD0+hBtZTF3X0cM9K8X
xfRRWjLalUyuVyXvY0qc2fsc7c/UJgXUhw4vNIgYYs8KFkKgkXq6WZhrWArC6DZq
1uWg24GVutEFH9gkobHbanXh7AT2a1cESk2MDEgX7187JkhMTRs7NdrRX4L5v2jQ
qdaRl/h5ImSsCrNzztLXDNhj8Cw7/fUrd2vn+z/fPTygg/jikx5JUq3SNTp/DRcC
rGgYZgK2viLFHMmQ5mezoUaCCotOvz5QWc1aVk42zclKQNB6yPPbuykq/BZzkZxy
tS5cWdm0CGoOqyrcRaB2UTDdgD3Hf+0u
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:17 2025 by rpki-client