Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2167BE065CF511F0B9A5D3F4DAE4EC9C.roa
File: 2167BE065CF511F0B9A5D3F4DAE4EC9C.roa (raw, json)
Hash identifier: nOGObUHVOLx6AOdlinjZ1DHiabpFPWBEm2BNePyVFW4=
Subject key identifier: BD:56:EA:0D:37:77:4A:E9:D2:2E:39:A5:56:FA:DA:4C:DC:B1:E9:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D04
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2167BE065CF511F0B9A5D3F4DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 18:47:15 +0000
ROA not before: Wed 09 Jul 2025 18:47:10 +0000
ROA not after: Sat 16 Aug 2025 18:47:10 +0000
asID: 401701
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101636 (0x18d04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 18:47:10 2025 GMT
Not After : Aug 16 18:47:10 2025 GMT
Subject: CN=686eb933-5942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f4:5e:fb:13:85:cb:c0:5c:e5:1f:a3:03:5a:
ad:80:48:60:b9:61:d8:ae:3b:7f:31:ba:8f:81:cc:
b7:37:b7:1f:23:a2:2f:0a:c5:e5:14:0a:13:67:3e:
6d:53:b6:23:5b:a3:9a:c9:8b:5f:b0:f7:e2:ad:3d:
c5:13:23:5f:53:6f:2e:d3:ce:3a:b9:bb:4f:35:01:
be:65:fd:60:ae:57:bd:e7:1c:21:e7:57:87:43:62:
88:1b:0e:04:1a:eb:dd:24:59:4e:9c:0d:c3:cf:64:
2e:18:2d:92:6e:65:5e:de:95:1c:79:43:63:0c:3a:
f8:09:46:33:b5:34:e1:58:38:8d:a4:0e:09:73:99:
1d:39:9e:99:b9:86:45:50:2e:46:d6:cd:74:95:cd:
17:24:67:f6:4e:a6:4c:7b:be:ee:89:6b:39:11:7f:
bc:8f:fb:5f:75:2e:a5:ee:64:2e:48:54:5d:33:a7:
db:f1:df:79:85:8e:b7:38:02:54:8e:cf:dd:4a:06:
30:7e:d3:9f:b1:32:64:42:38:7b:2a:15:3a:39:e3:
90:fe:87:80:c8:6e:67:91:02:a9:bf:c1:df:87:a1:
db:bc:7b:e1:71:cd:a4:6b:f2:48:df:19:4c:ec:4e:
77:9a:6d:11:55:a5:e2:7c:24:fd:1d:f4:6b:73:92:
27:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:56:EA:0D:37:77:4A:E9:D2:2E:39:A5:56:FA:DA:4C:DC:B1:E9:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2167BE065CF511F0B9A5D3F4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:3b:ab:d1:68:3b:e5:45:38:ae:58:79:7c:c2:d6:ab:2a:58:
fd:7a:c6:b0:e4:d6:df:a0:f3:89:4d:9a:b3:04:79:e3:44:ed:
bb:47:9b:25:20:3e:7a:65:d8:f3:87:45:a8:1b:d2:9c:0e:d1:
37:f5:ba:cc:1c:60:cd:38:c5:24:41:c0:f7:7f:a2:0c:d5:ba:
c7:26:a5:64:53:85:7f:47:fc:0f:f9:3b:41:89:ee:d2:65:5d:
1e:5b:b3:09:45:5c:53:6d:5e:02:dd:d4:e1:97:35:70:b4:d7:
23:44:ad:ed:2a:0f:83:45:71:0f:53:d5:3c:99:80:5b:d0:c9:
af:a7:57:38:d3:82:42:2c:47:ba:66:5f:0c:06:c8:13:3c:9c:
6f:4d:a3:88:e2:a7:aa:44:d7:5a:39:a2:fa:ee:d4:18:f3:15:
5e:27:15:34:dd:cc:5f:d9:0f:31:af:76:9c:77:f2:cd:84:50:
5d:18:33:43:fb:e5:22:ea:e1:28:5b:84:af:07:68:ec:9e:7f:
4d:ef:e0:31:53:ce:73:d9:b0:55:5f:d1:37:a9:a7:f6:11:f0:
14:2c:45:0f:af:09:78:9b:67:de:cd:78:fc:63:95:a0:c0:7a:
63:21:f3:b9:9a:3f:7e:3b:74:68:de:db:31:a1:bd:ad:ec:cd:
27:ff:fd:45
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY0EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTg0NzEwWhcNMjUwODE2MTg0NzEwWjAYMRYw
FAYDVQQDEw02ODZlYjkzMy01OTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzPRe+xOFy8Bc5R+jA1qtgEhguWHYrjt/MbqPgcy3N7cfI6IvCsXlFAoT
Zz5tU7YjW6OayYtfsPfirT3FEyNfU28u0846ubtPNQG+Zf1grle95xwh51eHQ2KI
Gw4EGuvdJFlOnA3Dz2QuGC2SbmVe3pUceUNjDDr4CUYztTThWDiNpA4Jc5kdOZ6Z
uYZFUC5G1s10lc0XJGf2TqZMe77uiWs5EX+8j/tfdS6l7mQuSFRdM6fb8d95hY63
OAJUjs/dSgYwftOfsTJkQjh7KhU6OeOQ/oeAyG5nkQKpv8Hfh6HbvHvhcc2ka/JI
3xlM7E53mm0RVaXifCT9HfRrc5InSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL1W
6g03d0rp0i45pVb62kzcselrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTY3QkUwNjVDRjUxMUYwQjlBNUQzRjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQAMO6vRaDvlRTiuWHl8wtarKlj9esaw5NbfoPOJTZqzBHnjRO27R5sl
ID56Zdjzh0WoG9KcDtE39brMHGDNOMUkQcD3f6IM1brHJqVkU4V/R/wP+TtBie7S
ZV0eW7MJRVxTbV4C3dThlzVwtNcjRK3tKg+DRXEPU9U8mYBb0Mmvp1c404JCLEe6
Zl8MBsgTPJxvTaOI4qeqRNdaOaL67tQY8xVeJxU03cxf2Q8xr3acd/LNhFBdGDND
++Ui6uEoW4SvB2jsnn9N7+AxU85z2bBVX9E3qaf2EfAULEUPrwl4m2fezXj8Y5Wg
wHpjIfO5mj9+O3Ro3tsxob2t7M0n//1F
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:43:50 2025 by rpki-client