Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A7BE3705BE611F0955B2598DAE4EC9C.roa
File: 1A7BE3705BE611F0955B2598DAE4EC9C.roa (raw, json)
Hash identifier: PingE1qwt4M6oMnp2Zs8GMVv2PyMmFT88Iq1Apt4SAM=
Subject key identifier: 06:37:2B:97:DC:FE:79:88:63:3F:30:6E:F0:2B:A7:9C:FE:08:93:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C91
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A7BE3705BE611F0955B2598DAE4EC9C.roa
Signing time: Tue 08 Jul 2025 10:27:10 +0000
ROA not before: Tue 08 Jul 2025 10:27:04 +0000
ROA not after: Sat 02 Aug 2025 10:27:04 +0000
asID: 20326
IP address blocks: 154.198.176.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101521 (0x18c91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 8 10:27:04 2025 GMT
Not After : Aug 2 10:27:04 2025 GMT
Subject: CN=686cf27e-66fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f7:61:a1:cf:b4:b3:61:e0:f1:76:c6:b0:87:
08:f1:a5:60:16:93:d1:10:fd:d9:1f:43:5e:08:64:
b1:de:e0:3c:41:bf:ad:42:6b:5d:15:be:d2:62:d1:
9e:97:0a:7c:f5:b4:df:38:1a:c5:b0:81:49:f8:e9:
89:3b:79:04:23:d2:f5:ea:c6:55:f4:59:09:f3:74:
7d:1b:3c:d5:89:4f:f9:1c:5d:cf:71:ef:b5:b7:22:
bd:6f:98:b6:4d:20:bd:ee:34:43:cf:02:eb:72:57:
d0:89:bd:49:48:5f:cf:5f:cc:af:0b:7d:6d:67:ff:
d1:f4:99:db:13:83:31:1e:ad:42:86:a9:76:d2:64:
a0:72:25:b3:fe:97:f5:5a:3e:59:23:0d:9b:d9:b1:
10:0e:18:1f:6d:f3:f6:26:a5:27:e9:2d:09:d5:66:
e6:17:eb:26:8a:c1:ff:20:ff:82:2b:63:1b:22:3f:
14:ea:91:fd:1b:89:aa:2a:d4:dc:16:51:bc:ed:69:
6b:26:67:01:87:40:26:25:cc:0f:1f:77:0e:d5:3c:
32:e5:58:b1:0f:80:07:54:0f:7e:49:de:39:08:17:
45:0b:32:d6:c1:6d:65:a7:05:db:69:c2:c9:f3:04:
90:5b:7f:80:a4:36:49:b8:c4:1d:dd:c0:49:44:80:
24:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:37:2B:97:DC:FE:79:88:63:3F:30:6E:F0:2B:A7:9C:FE:08:93:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A7BE3705BE611F0955B2598DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.176.0/21
Signature Algorithm: sha256WithRSAEncryption
96:d1:d0:c8:b4:7b:85:aa:4a:ea:5a:56:87:20:be:d4:6b:3e:
5f:d7:97:52:79:39:ef:92:6a:07:6f:c2:0b:8a:96:0a:f5:84:
38:82:c3:a9:0d:9c:43:15:52:0d:3e:23:2d:49:bd:3d:83:84:
f9:27:73:88:d1:c3:c7:d8:2a:72:85:65:28:b2:5d:89:f1:7e:
b0:4b:f2:e2:e4:e4:04:13:8d:32:f0:68:8a:05:47:3e:d5:28:
74:16:44:e3:e1:96:07:58:86:aa:69:18:27:76:a5:db:f7:49:
32:27:1d:eb:7a:ee:84:44:82:8a:b5:57:09:f6:ea:f0:05:59:
af:ee:7b:f4:62:5a:3a:d6:87:84:00:ee:34:17:0d:dc:87:a4:
ad:d3:3c:78:94:0b:ba:6b:84:06:0c:b6:b3:e9:f8:19:f6:1e:
21:dd:cd:54:25:aa:33:27:71:a0:30:08:cd:cd:af:d3:b7:d5:
6d:34:e2:03:f4:81:60:5d:06:6c:dd:c8:72:79:80:9e:c4:a8:
91:d0:8b:04:a1:e4:67:18:ae:13:f0:f8:8c:71:52:5c:a9:28:
6f:f8:a2:fa:30:84:8a:f6:f2:dd:75:48:3d:74:e6:71:58:4c:
f2:7e:1a:bc:97:51:10:35:b7:c2:9a:8d:68:be:6f:e9:b8:a4:
8f:9c:8f:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYyRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA4MTAyNzA0WhcNMjUwODAyMTAyNzA0WjAYMRYw
FAYDVQQDEw02ODZjZjI3ZS02NmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuPdhoc+0s2Hg8XbGsIcI8aVgFpPREP3ZH0NeCGSx3uA8Qb+tQmtdFb7S
YtGelwp89bTfOBrFsIFJ+OmJO3kEI9L16sZV9FkJ83R9GzzViU/5HF3Pce+1tyK9
b5i2TSC97jRDzwLrclfQib1JSF/PX8yvC31tZ//R9JnbE4MxHq1Chql20mSgciWz
/pf1Wj5ZIw2b2bEQDhgfbfP2JqUn6S0J1WbmF+smisH/IP+CK2MbIj8U6pH9G4mq
KtTcFlG87WlrJmcBh0AmJcwPH3cO1Twy5VixD4AHVA9+Sd45CBdFCzLWwW1lpwXb
acLJ8wSQW3+ApDZJuMQd3cBJRIAkrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAY3
K5fc/nmIYz8wbvArp5z+CJNpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQTdCRTM3MDVCRTYxMUYwOTU1QjI1OThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsawMA0GCSqGSIb3DQEB
CwUAA4IBAQCW0dDItHuFqkrqWlaHIL7Uaz5f15dSeTnvkmoHb8ILipYK9YQ4gsOp
DZxDFVINPiMtSb09g4T5J3OI0cPH2CpyhWUosl2J8X6wS/Li5OQEE40y8GiKBUc+
1Sh0FkTj4ZYHWIaqaRgndqXb90kyJx3reu6ERIKKtVcJ9urwBVmv7nv0Ylo61oeE
AO40Fw3ch6St0zx4lAu6a4QGDLaz6fgZ9h4h3c1UJaozJ3GgMAjNza/Tt9VtNOID
9IFgXQZs3chyeYCexKiR0IsEoeRnGK4T8PiMcVJcqShv+KL6MISK9vLddUg9dOZx
WEzyfhq8l1EQNbfCmo1ovm/puKSPnI/E
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:34:08 2025 by rpki-client