Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C85BB20590411F0A579EEC6DAE4EC9C.roa
File: 2C85BB20590411F0A579EEC6DAE4EC9C.roa (raw, json)
Hash identifier: 8CvT6Qew3ipycQCdbVc8Rarwe6Ez5gDY2z9mXSok8DY=
Subject key identifier: 58:77:B2:F1:FD:AB:B0:BC:64:8D:1B:D1:1D:0B:C5:C4:63:DB:77:C2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A9C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C85BB20590411F0A579EEC6DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 18:24:51 +0000
ROA not before: Fri 04 Jul 2025 18:24:46 +0000
ROA not after: Thu 04 Sep 2025 18:24:46 +0000
asID: 398993
IP address blocks: 154.90.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101020 (0x18a9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 18:24:46 2025 GMT
Not After : Sep 4 18:24:46 2025 GMT
Subject: CN=68681c73-5c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a2:04:5e:ed:97:84:6f:e6:c0:7f:e7:33:25:
0a:fe:6f:c4:34:e6:88:a5:08:4e:e4:87:c8:01:d3:
9a:3a:f7:37:cd:85:2c:d3:fd:9e:04:96:15:8a:08:
c7:d2:c2:d6:8a:58:83:15:d0:54:3a:2d:f5:99:4e:
f9:b2:d2:db:16:97:7d:9a:c9:3a:a4:5a:22:eb:4f:
ad:58:95:f4:43:80:25:8a:63:cc:73:cd:8f:cf:b9:
99:b6:66:c5:8d:3a:f2:39:d4:70:75:36:f0:80:73:
61:d5:5d:ec:b5:19:66:49:9f:68:78:58:b2:3a:80:
c7:a8:67:e1:27:ea:4e:7b:da:9e:ed:98:03:a0:47:
ae:b5:c3:8b:3b:22:00:1b:cb:53:b4:8e:0a:d8:08:
fe:c8:4e:49:96:e4:19:41:ce:84:ae:8a:25:44:84:
d9:22:fd:9c:8c:d1:6f:f1:96:15:f4:93:ea:ac:df:
47:94:69:23:8a:16:a4:fb:b0:df:a1:8c:10:b4:b8:
ec:d0:d4:6b:7f:b1:3d:9c:7a:6b:d7:26:49:7b:76:
a7:3b:aa:e1:9b:9b:49:c8:c5:ae:a9:a6:02:0d:a9:
b0:c3:ca:7d:c3:4c:bb:b9:5d:16:3b:5a:29:ae:fc:
27:ea:1f:ea:b4:88:f7:9e:0c:8c:88:3a:5a:7e:7a:
bc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:77:B2:F1:FD:AB:B0:BC:64:8D:1B:D1:1D:0B:C5:C4:63:DB:77:C2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C85BB20590411F0A579EEC6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
Signature Algorithm: sha256WithRSAEncryption
9c:63:58:1b:2b:20:b5:c4:0d:fe:2c:7b:eb:93:29:e1:b7:cb:
ae:00:bf:7a:07:17:66:d6:3a:83:56:66:8c:25:8f:2c:76:22:
96:0e:19:24:f1:da:47:13:70:3a:27:bc:ec:9c:4a:5b:8a:ac:
04:32:78:82:40:f6:a8:f1:ed:a0:c1:4f:90:b5:e1:8a:5a:6d:
24:2b:70:ae:52:8b:94:fa:f4:2e:bd:85:4a:8a:c8:6d:c5:16:
ba:65:36:54:b1:0e:01:5f:25:ec:0f:2f:a8:8b:bb:e6:7c:ce:
40:bb:9b:2e:21:1d:bd:3a:5d:4b:df:49:65:38:54:48:5d:c5:
2c:89:63:29:ba:dd:02:9c:56:d9:e7:c8:73:eb:fe:a1:4b:f4:
f4:36:12:94:90:29:2b:d9:53:61:74:6f:f1:e4:40:cc:cd:fe:
2f:4f:2a:7e:c4:81:a8:2d:08:54:8e:89:94:5f:56:92:31:a0:
25:c6:2a:a7:71:ed:73:1c:f7:fd:6f:55:c9:5c:c0:64:76:e8:
de:67:bf:4a:2c:4a:fc:0d:45:43:8e:88:23:90:7d:a0:1f:71:
f1:47:6a:56:7a:53:5c:ed:d2:24:9c:18:e5:f9:1c:50:5a:39:
2f:7d:23:06:ff:cb:d8:8f:d5:d0:38:4e:23:4c:fd:9b:85:f0:
29:94:dd:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYqcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTgyNDQ2WhcNMjUwOTA0MTgyNDQ2WjAYMRYw
FAYDVQQDEw02ODY4MWM3My01YzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvqIEXu2XhG/mwH/nMyUK/m/ENOaIpQhO5IfIAdOaOvc3zYUs0/2eBJYV
igjH0sLWiliDFdBUOi31mU75stLbFpd9msk6pFoi60+tWJX0Q4AlimPMc82Pz7mZ
tmbFjTryOdRwdTbwgHNh1V3stRlmSZ9oeFiyOoDHqGfhJ+pOe9qe7ZgDoEeutcOL
OyIAG8tTtI4K2Aj+yE5JluQZQc6EroolRITZIv2cjNFv8ZYV9JPqrN9HlGkjihak
+7DfoYwQtLjs0NRrf7E9nHpr1yZJe3anO6rhm5tJyMWuqaYCDamww8p9w0y7uV0W
O1oprvwn6h/qtIj3ngyMiDpafnq8awIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFh3
svH9q7C8ZI0b0R0LxcRj23fCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQzg1QkIyMDU5MDQxMUYwQTU3OUVFQzZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQCcY1gbKyC1xA3+LHvrkynht8uuAL96Bxdm1jqDVmaMJY8sdiKWDhkk
8dpHE3A6J7zsnEpbiqwEMniCQPao8e2gwU+QteGKWm0kK3CuUouU+vQuvYVKisht
xRa6ZTZUsQ4BXyXsDy+oi7vmfM5Au5suIR29Ol1L30llOFRIXcUsiWMput0CnFbZ
58hz6/6hS/T0NhKUkCkr2VNhdG/x5EDMzf4vTyp+xIGoLQhUjomUX1aSMaAlxiqn
ce1zHPf9b1XJXMBkdujeZ79KLEr8DUVDjogjkH2gH3HxR2pWelNc7dIknBjl+RxQ
WjkvfSMG/8vYj9XQOE4jTP2bhfAplN2k
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:38:26 2025 by rpki-client