Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2921C9F45D0711F0B77E1CE9DAE4EC9C.roa
File: 2921C9F45D0711F0B77E1CE9DAE4EC9C.roa (raw, json)
Hash identifier: pCimdtw2CPNj36gwGbnB0Q8XW70Tk9UpZE0SQNoAtV4=
Subject key identifier: A0:FA:8A:4A:19:D3:B7:0C:04:F8:58:14:5E:42:97:6B:FE:00:14:08
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D18
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2921C9F45D0711F0B77E1CE9DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 20:56:19 +0000
ROA not before: Wed 09 Jul 2025 20:56:14 +0000
ROA not after: Sun 24 Aug 2025 20:56:14 +0000
asID: 138195
IP address blocks: 154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101656 (0x18d18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 20:56:14 2025 GMT
Not After : Aug 24 20:56:14 2025 GMT
Subject: CN=686ed773-cd7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d9:6f:be:4e:ce:bc:d9:0b:48:c2:7d:2d:c6:
8f:e2:64:e9:76:cf:41:df:9e:8f:8d:c2:32:e0:7f:
41:d3:29:9e:f1:be:c5:20:f3:a7:5c:85:71:a7:57:
6f:4b:db:a0:db:34:87:1c:3d:55:f6:58:c2:82:25:
4e:ee:a3:c2:79:35:9a:9a:4a:79:8e:68:ee:49:55:
39:3b:c4:0f:e0:90:37:20:4d:c6:60:85:fc:db:2a:
5b:88:24:df:15:92:3a:a7:70:01:4d:17:2d:59:d7:
86:12:73:8d:c7:ef:b8:44:5f:34:c0:02:b8:a1:7d:
36:a8:02:c6:03:14:d5:98:94:39:94:14:99:0f:ed:
bf:91:52:19:03:17:56:c7:fe:c9:eb:10:0e:fb:ab:
83:fe:e2:3e:6d:3a:38:8b:12:39:39:09:4f:ab:ce:
c8:85:b6:36:87:35:02:48:07:fd:ed:c9:16:43:fd:
50:d3:16:17:37:06:e0:e3:df:ef:e2:a2:35:f1:e7:
83:ba:dd:28:f5:7b:7c:54:35:2a:61:f1:35:2a:28:
ba:53:19:6a:eb:8b:ea:25:9e:39:9e:37:b6:af:9c:
dc:0d:d0:fa:aa:ff:33:b6:ac:e2:9e:fa:76:f7:05:
a7:f0:22:84:03:66:8f:ef:4b:54:0f:8a:80:ae:6b:
cb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FA:8A:4A:19:D3:B7:0C:04:F8:58:14:5E:42:97:6B:FE:00:14:08
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2921C9F45D0711F0B77E1CE9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
30:7c:52:e7:d6:d8:81:59:7a:bb:53:f5:f0:83:0b:89:f9:b0:
a9:58:38:aa:c1:99:57:43:6c:d7:93:3e:6b:fd:45:07:9c:0a:
25:e0:8a:68:42:9e:9e:59:23:5e:25:f4:18:88:d2:e3:a6:b3:
1a:1c:1d:3b:ef:99:2f:43:ab:f0:72:17:2c:3b:00:4a:d0:1f:
2e:79:9a:0d:1f:57:8a:ad:c1:51:cf:bf:91:f0:f7:4b:e6:55:
9b:ec:ed:6f:a3:c9:f5:94:34:d6:27:e0:44:b6:fb:10:42:51:
bb:02:91:94:60:be:28:2e:60:cb:7b:90:8e:7b:0c:16:9b:6c:
5c:90:d7:71:7e:6c:d0:23:ed:1a:90:8c:46:f2:09:45:09:25:
95:fd:4e:c7:22:eb:3c:2d:c7:f1:9b:d4:94:a0:17:23:3a:1e:
dd:aa:49:95:8f:b5:31:43:20:ea:a3:ca:ca:aa:a9:4f:53:98:
73:f4:38:b5:2a:e5:06:f0:08:da:0f:4d:2c:0a:82:ed:66:a6:
db:a9:ae:c1:7c:de:27:33:20:e4:17:f1:eb:43:dc:79:7b:0e:
b3:1a:5e:28:eb:0b:f1:89:95:4d:d8:8e:7b:9b:75:1c:1c:a6:
a4:90:c0:2d:10:2d:0b:e3:f3:e5:39:ce:5a:ef:81:02:4b:bf:
00:35:19:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY0YMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MjA1NjE0WhcNMjUwODI0MjA1NjE0WjAYMRYw
FAYDVQQDEw02ODZlZDc3My1jZDdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApNlvvk7OvNkLSMJ9LcaP4mTpds9B356PjcIy4H9B0yme8b7FIPOnXIVx
p1dvS9ug2zSHHD1V9ljCgiVO7qPCeTWamkp5jmjuSVU5O8QP4JA3IE3GYIX82ypb
iCTfFZI6p3ABTRctWdeGEnONx++4RF80wAK4oX02qALGAxTVmJQ5lBSZD+2/kVIZ
AxdWx/7J6xAO+6uD/uI+bTo4ixI5OQlPq87IhbY2hzUCSAf97ckWQ/1Q0xYXNwbg
49/v4qI18eeDut0o9Xt8VDUqYfE1Kii6Uxlq64vqJZ45nje2r5zcDdD6qv8ztqzi
nvp29wWn8CKEA2aP70tUD4qArmvLKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKD6
ikoZ07cMBPhYFF5Cl2v+ABQIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTIxQzlGNDVEMDcxMUYwQjc3RTFDRTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml8YMA0GCSqGSIb3DQEB
CwUAA4IBAQAwfFLn1tiBWXq7U/XwgwuJ+bCpWDiqwZlXQ2zXkz5r/UUHnAol4Ipo
Qp6eWSNeJfQYiNLjprMaHB0775kvQ6vwchcsOwBK0B8ueZoNH1eKrcFRz7+R8PdL
5lWb7O1vo8n1lDTWJ+BEtvsQQlG7ApGUYL4oLmDLe5COewwWm2xckNdxfmzQI+0a
kIxG8glFCSWV/U7HIus8Lcfxm9SUoBcjOh7dqkmVj7UxQyDqo8rKqqlPU5hz9Di1
KuUG8AjaD00sCoLtZqbbqa7BfN4nMyDkF/HrQ9x5ew6zGl4o6wvxiZVN2I57m3Uc
HKakkMAtEC0L4/PlOc5a74ECS78ANRnP
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:02:43 2025 by rpki-client