Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DE1435058E511F097BCCE83DAE4EC9C.roa
File: 2DE1435058E511F097BCCE83DAE4EC9C.roa (raw, json)
Hash identifier: C8SRHpDP8sk63ovUWH9HKOybrllL2n/s40FD1Uprj2I=
Subject key identifier: 87:A4:7A:03:8E:16:97:40:6F:6A:2C:73:E9:2A:15:3D:EE:42:E3:13
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A66
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DE1435058E511F097BCCE83DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 14:42:59 +0000
ROA not before: Fri 04 Jul 2025 14:42:53 +0000
ROA not after: Sun 24 Aug 2025 14:42:53 +0000
asID: 40065
IP address blocks: 154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100966 (0x18a66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 14:42:53 2025 GMT
Not After : Aug 24 14:42:53 2025 GMT
Subject: CN=6867e873-80a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:d0:82:0d:fd:9b:d6:dc:65:60:20:81:c5:
3f:2f:e5:84:fa:12:4a:2c:96:ae:2f:9d:b4:6d:c4:
c6:52:81:a7:de:03:e4:58:58:b7:9e:36:60:f3:e1:
1c:9f:20:68:19:00:ee:a4:45:cd:06:8c:8f:9b:9c:
88:6b:4f:4e:a8:91:82:43:fd:33:39:cf:92:a8:8e:
a2:89:59:e8:96:28:7c:1e:aa:fb:0b:ae:aa:76:e2:
36:b6:c0:ea:0d:8f:15:71:4c:cd:af:ba:24:df:36:
4f:0a:0a:55:f2:e9:14:66:d1:57:63:b7:e9:99:1e:
ee:c1:79:48:88:d7:5e:81:dd:f1:d5:76:05:c9:b5:
7d:eb:d4:87:ec:ff:1f:81:ec:c7:ba:f5:c0:2d:3d:
90:b8:26:80:71:de:a3:2e:ac:5a:18:39:fb:42:5b:
d8:e1:8b:77:d6:a1:6f:14:21:63:86:3e:17:51:ec:
70:a6:11:e4:04:c5:e4:50:b7:fb:c3:d8:b6:f3:0f:
88:11:0e:2e:f5:11:07:4f:31:13:85:47:3b:99:86:
c1:14:38:7d:02:cc:22:f6:fb:6b:e4:ff:e0:33:e3:
9a:c1:40:e5:5f:e3:0b:02:26:47:5d:4b:50:a6:17:
03:37:59:c0:0e:17:90:4c:01:fb:7f:90:d9:ce:fb:
c4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A4:7A:03:8E:16:97:40:6F:6A:2C:73:E9:2A:15:3D:EE:42:E3:13
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DE1435058E511F097BCCE83DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.240.0/20
Signature Algorithm: sha256WithRSAEncryption
76:9c:48:b5:b8:06:99:3e:d2:02:fc:3f:f4:1e:fc:59:fe:8d:
fa:31:8f:5a:95:59:47:81:e4:36:97:38:90:96:36:6d:32:88:
ae:df:21:c8:e4:d3:a3:16:91:33:6b:66:30:ad:3a:ef:73:66:
e9:66:af:2b:68:3f:45:dd:d3:62:af:9b:6a:db:dd:28:0d:b1:
8b:92:38:07:dd:82:33:de:79:c4:dd:e5:ad:3f:04:a8:05:97:
9f:3f:14:c0:e4:38:0f:c6:b3:27:63:dc:84:2a:ec:c5:02:d6:
0f:c5:38:43:92:be:53:03:e6:6e:31:1c:9c:f6:33:8d:2b:88:
d8:0c:bc:4b:60:e3:ef:a3:a0:78:d8:90:9b:ad:a0:10:76:5a:
40:4c:06:10:87:29:f7:04:60:6d:38:27:37:36:c8:d4:2b:4e:
32:a7:af:f2:ed:6d:d5:1f:84:92:7f:1e:c7:25:d3:fb:ea:3f:
c4:90:ff:b1:61:3f:b9:b1:7d:37:08:25:16:f7:f1:5e:39:07:
95:09:83:ca:66:8a:bd:16:9c:6b:76:d4:ad:d5:dc:8d:58:b6:
28:4d:b3:0c:8c:dd:a8:94:0d:14:8b:9e:7e:f0:64:67:06:1a:
ee:28:69:6f:eb:e4:6a:b9:ea:c9:db:18:4a:27:18:52:24:d2:
17:14:b7:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYpmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTQ0MjUzWhcNMjUwODI0MTQ0MjUzWjAYMRYw
FAYDVQQDEw02ODY3ZTg3My04MGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvtXQgg39m9bcZWAggcU/L+WE+hJKLJauL520bcTGUoGn3gPkWFi3njZg
8+EcnyBoGQDupEXNBoyPm5yIa09OqJGCQ/0zOc+SqI6iiVnolih8Hqr7C66qduI2
tsDqDY8VcUzNr7ok3zZPCgpV8ukUZtFXY7fpmR7uwXlIiNdegd3x1XYFybV969SH
7P8fgezHuvXALT2QuCaAcd6jLqxaGDn7QlvY4Yt31qFvFCFjhj4XUexwphHkBMXk
ULf7w9i28w+IEQ4u9REHTzEThUc7mYbBFDh9Aswi9vtr5P/gM+OawUDlX+MLAiZH
XUtQphcDN1nADheQTAH7f5DZzvvE2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIek
egOOFpdAb2osc+kqFT3uQuMTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yREUxNDM1MDU4RTUxMUYwOTdCQ0NFODNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtnwMA0GCSqGSIb3DQEB
CwUAA4IBAQB2nEi1uAaZPtIC/D/0HvxZ/o36MY9alVlHgeQ2lziQljZtMoiu3yHI
5NOjFpEza2YwrTrvc2bpZq8raD9F3dNir5tq290oDbGLkjgH3YIz3nnE3eWtPwSo
BZefPxTA5DgPxrMnY9yEKuzFAtYPxThDkr5TA+ZuMRyc9jONK4jYDLxLYOPvo6B4
2JCbraAQdlpATAYQhyn3BGBtOCc3NsjUK04yp6/y7W3VH4SSfx7HJdP76j/EkP+x
YT+5sX03CCUW9/FeOQeVCYPKZoq9FpxrdtSt1dyNWLYoTbMMjN2olA0Ui55+8GRn
BhruKGlv6+RquerJ2xhKJxhSJNIXFLe9
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:09 2025 by rpki-client