Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/278E84B25B5711F0BE0381EEDAE4EC9C.roa
File: 278E84B25B5711F0BE0381EEDAE4EC9C.roa (raw, json)
Hash identifier: kGC2815YbHkaHGoxv453BClF7YOpAVKsLyYPjBkO9xI=
Subject key identifier: 96:C6:C6:9B:DB:1F:4A:0D:5B:96:35:84:2B:7C:3B:1A:EC:24:A5:2D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C36
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/278E84B25B5711F0BE0381EEDAE4EC9C.roa
Signing time: Mon 07 Jul 2025 17:23:54 +0000
ROA not before: Mon 07 Jul 2025 17:23:49 +0000
ROA not after: Sun 24 Aug 2025 17:23:49 +0000
asID: 40065
IP address blocks: 154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101430 (0x18c36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 17:23:49 2025 GMT
Not After : Aug 24 17:23:49 2025 GMT
Subject: CN=686c02aa-026e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9b:83:69:9c:cb:dc:af:ab:24:29:46:42:15:
78:2a:dd:5b:72:e4:e7:6d:58:b9:7f:a8:cb:24:c8:
fc:4e:e2:c3:68:8c:8a:58:04:c7:97:a3:1c:51:33:
a6:ab:98:a3:38:44:3a:2a:3d:8c:4f:f1:dd:3f:e9:
49:dc:46:26:64:b9:c9:21:f7:9b:72:19:a3:b7:7f:
b4:51:44:02:1b:16:48:dd:b3:d5:7e:c8:bb:8b:f6:
99:e2:95:d3:63:6c:61:cb:c1:6d:83:c2:01:02:f6:
f4:fc:b3:da:71:a6:a7:1a:6c:2c:d6:58:e7:b8:56:
0a:13:d6:0c:ed:79:3b:24:49:ba:9b:80:3f:d4:45:
13:0b:96:4b:78:5d:84:6c:e2:57:36:b3:ac:db:54:
27:94:9c:da:ff:21:46:63:ca:6b:0a:ef:f3:c3:fd:
11:5e:f4:96:cb:5a:d0:d9:a1:47:43:39:bc:2b:8e:
d2:bc:f3:ef:d8:86:9a:90:39:5e:a8:34:88:d3:7c:
09:6a:37:e2:1b:39:0d:57:71:f3:21:2c:f6:e7:f5:
ec:ef:79:d0:5b:6f:ba:e8:11:58:1e:2e:99:12:8b:
8a:da:6d:fe:ba:6b:6a:b0:d6:19:95:47:e4:a7:dd:
ec:0a:d1:95:0d:19:aa:86:cc:07:45:3c:10:2f:43:
d4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C6:C6:9B:DB:1F:4A:0D:5B:96:35:84:2B:7C:3B:1A:EC:24:A5:2D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/278E84B25B5711F0BE0381EEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.240.0/20
Signature Algorithm: sha256WithRSAEncryption
ac:2a:8f:74:08:fc:2e:23:93:bf:cc:23:69:5d:a6:1f:b2:aa:
7f:36:03:2a:b6:bf:76:18:2b:4b:46:03:5b:41:95:0b:21:74:
95:36:27:35:89:ca:40:0b:ac:c3:79:de:4b:f7:7c:25:7f:94:
58:1e:80:8c:17:20:08:3b:08:f9:b5:0d:78:f9:f4:8a:64:5d:
71:22:67:54:46:a9:30:1b:f1:95:60:6f:36:93:04:2e:f6:3a:
7a:ae:14:12:28:66:af:f3:50:36:b7:b6:20:de:2b:d7:5d:90:
cb:c5:6a:7f:ff:33:21:5b:4a:db:1b:56:cb:a8:c3:a7:06:7a:
08:5b:45:b1:26:ea:0d:bd:21:a2:02:18:dc:9f:23:78:af:12:
cb:06:8b:fb:52:42:6f:5e:c3:b6:bc:57:03:05:19:77:62:1d:
49:b7:0a:7c:75:df:f0:d9:12:1a:e9:4d:01:81:68:b5:c7:0a:
e9:5a:e1:bf:b6:e0:51:72:d8:b1:c4:3b:41:fc:a0:4c:f7:48:
d7:ab:50:13:8c:89:ee:8e:c2:ba:fc:95:41:61:fd:94:af:6b:
55:34:92:a7:c2:e8:cd:1c:6b:10:49:11:58:41:64:83:4e:88:
54:7b:aa:e8:8f:af:5e:37:ea:17:28:71:5d:2d:57:8a:3b:d5:
1e:53:3c:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYw2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTcyMzQ5WhcNMjUwODI0MTcyMzQ5WjAYMRYw
FAYDVQQDEw02ODZjMDJhYS0wMjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3JuDaZzL3K+rJClGQhV4Kt1bcuTnbVi5f6jLJMj8TuLDaIyKWATHl6Mc
UTOmq5ijOEQ6Kj2MT/HdP+lJ3EYmZLnJIfebchmjt3+0UUQCGxZI3bPVfsi7i/aZ
4pXTY2xhy8Ftg8IBAvb0/LPacaanGmws1ljnuFYKE9YM7Xk7JEm6m4A/1EUTC5ZL
eF2EbOJXNrOs21QnlJza/yFGY8prCu/zw/0RXvSWy1rQ2aFHQzm8K47SvPPv2Iaa
kDleqDSI03wJajfiGzkNV3HzISz25/Xs73nQW2+66BFYHi6ZEouK2m3+umtqsNYZ
lUfkp93sCtGVDRmqhswHRTwQL0PUIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJbG
xpvbH0oNW5Y1hCt8OxrsJKUtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNzhFODRCMjVCNTcxMUYwQkUwMzgxRUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtnwMA0GCSqGSIb3DQEB
CwUAA4IBAQCsKo90CPwuI5O/zCNpXaYfsqp/NgMqtr92GCtLRgNbQZULIXSVNic1
icpAC6zDed5L93wlf5RYHoCMFyAIOwj5tQ14+fSKZF1xImdURqkwG/GVYG82kwQu
9jp6rhQSKGav81A2t7Yg3ivXXZDLxWp//zMhW0rbG1bLqMOnBnoIW0WxJuoNvSGi
AhjcnyN4rxLLBov7UkJvXsO2vFcDBRl3Yh1Jtwp8dd/w2RIa6U0BgWi1xwrpWuG/
tuBRctixxDtB/KBM90jXq1ATjInujsK6/JVBYf2Ur2tVNJKnwujNHGsQSRFYQWSD
TohUe6roj69eN+oXKHFdLVeKO9UeUzy7
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:58 2025 by rpki-client