Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0EDFF26A5E5511F08A9105BBDAE4EC9C.roa
File: 0EDFF26A5E5511F08A9105BBDAE4EC9C.roa (raw, json)
Hash identifier: zLTjCkZLuQDy0E7nzTG1FSgkU8VZKqjp7X4F5C7mbrU=
Subject key identifier: D9:B0:92:47:8D:AA:69:5D:86:8E:9A:28:8A:34:15:C9:D8:CE:07:CA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D7A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0EDFF26A5E5511F08A9105BBDAE4EC9C.roa
Signing time: Fri 11 Jul 2025 12:46:27 +0000
ROA not before: Fri 11 Jul 2025 12:46:22 +0000
ROA not after: Thu 14 Aug 2025 12:46:22 +0000
asID: 397630
IP address blocks: 154.83.44.0/22 maxlen: 24
154.84.132.0/24 maxlen: 24
154.84.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101754 (0x18d7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 11 12:46:22 2025 GMT
Not After : Aug 14 12:46:22 2025 GMT
Subject: CN=687107a3-aab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:10:2b:4b:92:c7:59:59:59:33:74:56:03:eb:
e3:39:20:f5:03:51:11:c8:38:8a:82:a5:42:6f:cc:
bd:10:fa:d8:6d:48:c1:4d:44:d0:58:54:3e:5f:0b:
0e:2e:8c:4e:34:46:50:8a:27:7b:27:a4:78:5e:dc:
b4:5c:67:2b:3b:1c:75:90:0a:cf:97:78:2e:76:fe:
e4:fb:36:3a:a3:db:09:22:69:d7:9f:ad:82:ab:18:
bb:6d:c9:2e:cc:f3:e8:e8:44:93:21:86:c3:9a:f5:
f6:4c:90:01:9e:c7:9f:d7:48:4e:fe:7d:a5:16:5a:
b3:b4:c4:30:42:c6:66:98:66:1b:8f:b9:63:b1:da:
f3:12:94:1e:18:4c:74:a1:0f:09:b9:8b:d3:4e:14:
83:91:e7:5a:58:93:9a:0b:27:77:f9:a4:76:cd:fe:
a0:8a:e5:7d:95:2d:ba:55:4b:e8:b4:ef:81:66:d9:
f3:9d:71:d4:8c:a0:78:8a:14:7f:8d:c3:7f:fb:01:
75:ea:9c:a9:1c:ff:6b:64:d4:16:8a:94:33:38:e9:
96:97:a3:e7:95:a7:08:76:7d:c6:4d:1d:e0:bc:bc:
fb:ef:21:07:ce:ff:01:7d:e8:60:76:2d:bc:e3:3c:
2a:c2:ac:9a:51:6d:5d:93:a9:a1:c4:81:8e:a8:9d:
bc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B0:92:47:8D:AA:69:5D:86:8E:9A:28:8A:34:15:C9:D8:CE:07:CA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0EDFF26A5E5511F08A9105BBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.44.0/22
154.84.132.0/24
154.84.134.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:a5:f8:e3:1a:3d:5c:86:90:1b:61:ac:c2:96:19:22:3a:8f:
e8:fe:ea:9f:d4:17:be:21:fa:83:c1:1b:b3:7a:5b:e8:66:b5:
18:a4:b3:55:eb:41:27:03:f4:00:d0:47:86:cc:24:47:7b:74:
48:f4:bc:2a:e6:44:56:48:b2:ce:a6:86:5f:a0:d2:66:3f:91:
59:4b:a3:1c:be:75:08:fc:49:01:73:bd:74:8d:74:6b:71:28:
ad:5d:9a:a8:27:13:be:a8:d8:76:2c:72:bc:0e:bf:02:70:50:
32:3f:ce:9d:66:78:25:3d:72:85:a2:fc:1a:71:f5:be:91:e6:
f9:1c:20:07:38:ef:47:9d:f5:37:1f:a8:99:34:cc:9b:be:c0:
c4:17:e3:1b:9a:42:bc:20:e3:e5:52:dd:e4:9e:29:a7:f7:cf:
db:0c:49:b6:62:5a:e4:af:ea:bd:38:17:60:4f:25:42:be:ac:
ea:01:12:30:2b:ae:02:f1:37:a2:41:08:9c:34:3e:36:54:7b:
dc:a7:3b:b5:da:2a:d4:b3:04:76:1b:17:c8:43:6d:90:c5:0e:
a9:2d:1a:5c:88:0d:66:17:b9:ff:83:54:4f:fa:68:d6:2a:53:
a2:94:ad:cc:6d:0b:82:df:63:f4:6e:00:97:7f:9e:da:e7:77:
76:0b:4e:fa
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAY16MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzExMTI0NjIyWhcNMjUwODE0MTI0NjIyWjAYMRYw
FAYDVQQDEw02ODcxMDdhMy1hYWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvBArS5LHWVlZM3RWA+vjOSD1A1ERyDiKgqVCb8y9EPrYbUjBTUTQWFQ+
XwsOLoxONEZQiid7J6R4Xty0XGcrOxx1kArPl3gudv7k+zY6o9sJImnXn62Cqxi7
bckuzPPo6ESTIYbDmvX2TJABnsef10hO/n2lFlqztMQwQsZmmGYbj7ljsdrzEpQe
GEx0oQ8JuYvTThSDkedaWJOaCyd3+aR2zf6giuV9lS26VUvotO+BZtnznXHUjKB4
ihR/jcN/+wF16pypHP9rZNQWipQzOOmWl6PnlacIdn3GTR3gvLz77yEHzv8Bfehg
di284zwqwqyaUW1dk6mhxIGOqJ28QwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFNmw
kkeNqmldho6aKIo0FcnYzgfKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRURGRjI2QTVFNTUxMUYwOEE5MTA1QkJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmlMsAwQAmlSEAwQAmlSG
MA0GCSqGSIb3DQEBCwUAA4IBAQCjpfjjGj1chpAbYazClhkiOo/o/uqf1Be+IfqD
wRuzelvoZrUYpLNV60EnA/QA0EeGzCRHe3RI9Lwq5kRWSLLOpoZfoNJmP5FZS6Mc
vnUI/EkBc710jXRrcSitXZqoJxO+qNh2LHK8Dr8CcFAyP86dZnglPXKFovwacfW+
keb5HCAHOO9HnfU3H6iZNMybvsDEF+MbmkK8IOPlUt3knimn98/bDEm2Ylrkr+q9
OBdgTyVCvqzqARIwK64C8TeiQQicND42VHvcpzu12irUswR2GxfIQ22QxQ6pLRpc
iA1mF7n/g1RP+mjWKlOilK3MbQuC32P0bgCXf57a53d2C076
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:02:43 2025 by rpki-client