Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/320325B45CE811F0910D96A4DAE4EC9C.roa
File: 320325B45CE811F0910D96A4DAE4EC9C.roa (raw, json)
Hash identifier: Fg6XPRzwQjDTmzZbCPozKaq7drugpzg26TtJ4uRyeaM=
Subject key identifier: E0:A1:F6:9A:8C:30:CD:CA:AB:E5:B5:1F:7E:F0:AA:C6:57:A4:94:45
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CF2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/320325B45CE811F0910D96A4DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 17:14:39 +0000
ROA not before: Wed 09 Jul 2025 17:14:34 +0000
ROA not after: Sun 17 Aug 2025 17:14:34 +0000
asID: 203020
IP address blocks: 154.203.44.0/22 maxlen: 24
154.203.48.0/23 maxlen: 24
154.204.96.0/19 maxlen: 24
154.220.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101618 (0x18cf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 17:14:34 2025 GMT
Not After : Aug 17 17:14:34 2025 GMT
Subject: CN=686ea37f-e029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dc:a2:c7:13:b2:92:15:c2:a2:52:48:c4:58:
22:33:3f:72:f5:9b:0c:08:14:8a:0d:e5:f9:bf:c1:
fd:45:c2:1a:6c:ab:31:07:12:4b:88:d0:43:41:07:
44:09:4b:48:c5:4f:b3:38:07:11:73:58:b3:bf:80:
f1:5b:17:5b:ad:c4:bd:b2:d6:ea:22:b3:3b:51:e4:
22:87:77:ee:75:16:87:b2:66:59:de:59:5d:eb:74:
73:7a:d8:ac:78:a4:21:e6:92:8d:8e:5b:dd:6b:7a:
19:cd:7b:d7:d6:13:25:9a:db:ea:0c:74:6d:56:25:
35:2d:ef:06:c6:1a:17:eb:45:d6:05:bb:6c:20:34:
17:8d:95:2e:82:bf:72:ba:f9:13:70:d6:5a:88:9a:
4d:01:ff:4d:4e:fe:7a:b3:bc:47:70:b9:50:b3:d5:
de:f1:8e:f9:d2:8b:26:c7:63:d3:40:6a:e7:a7:8e:
01:e0:05:a4:1f:85:a6:29:7c:66:49:5f:7b:10:6e:
0a:8d:82:6c:6c:43:6a:98:75:30:b3:d6:ec:14:68:
62:c4:41:15:64:30:25:20:08:8d:6d:ae:14:0f:60:
b8:cf:44:3e:72:7f:d6:42:86:d8:19:b2:1b:5b:a9:
71:2b:48:db:7d:5c:57:d7:ef:8a:f9:77:0e:57:87:
f0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A1:F6:9A:8C:30:CD:CA:AB:E5:B5:1F:7E:F0:AA:C6:57:A4:94:45
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/320325B45CE811F0910D96A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.44.0-154.203.49.255
154.204.96.0/19
154.220.128.0/18
Signature Algorithm: sha256WithRSAEncryption
85:8e:a0:3a:4c:6a:9d:ee:d5:39:2d:36:59:c0:ce:4a:89:9b:
30:17:0e:bc:5d:6a:02:28:6c:bc:65:45:78:b4:65:da:a9:ea:
e2:f7:69:13:6a:08:64:7a:af:34:9f:60:ac:99:96:9b:f5:ef:
8f:14:d4:79:37:cb:cb:16:d7:87:e6:ad:40:e4:e1:03:9c:5f:
7b:b0:5d:e8:95:9d:59:11:b8:af:8c:f5:3b:1e:2a:35:9f:c2:
04:4b:9c:4a:2b:87:3f:09:ac:22:0e:e8:e4:31:32:cf:af:fd:
d7:0c:84:67:2c:a8:32:8d:15:53:0c:e1:6a:14:cb:9e:fd:97:
88:98:1e:d8:e3:d2:d0:a9:af:ae:a5:f3:fa:fe:d6:11:56:b3:
fb:90:df:9c:89:68:02:be:a4:e8:b3:1f:cf:d5:ed:f3:3c:5d:
e8:16:96:75:80:17:bf:e4:e7:3c:b2:7c:8c:79:ad:e5:cf:de:
b9:e1:83:b1:32:d3:3c:8a:de:7d:74:04:38:d9:62:d7:31:d5:
88:c7:e7:45:0c:9b:db:ac:e7:a4:1b:20:40:f9:6f:be:e8:2a:
94:de:ab:54:01:92:ea:8e:b9:29:7c:6b:e9:9f:c6:79:3d:e0:
32:fe:9f:47:4b:0d:7f:bb:82:bd:3b:58:81:40:99:7d:d8:38:
1e:fe:24:4d
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYzyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTcxNDM0WhcNMjUwODE3MTcxNDM0WjAYMRYw
FAYDVQQDEw02ODZlYTM3Zi1lMDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAttyixxOykhXColJIxFgiMz9y9ZsMCBSKDeX5v8H9RcIabKsxBxJLiNBD
QQdECUtIxU+zOAcRc1izv4DxWxdbrcS9stbqIrM7UeQih3fudRaHsmZZ3lld63Rz
etiseKQh5pKNjlvda3oZzXvX1hMlmtvqDHRtViU1Le8GxhoX60XWBbtsIDQXjZUu
gr9yuvkTcNZaiJpNAf9NTv56s7xHcLlQs9Xe8Y750osmx2PTQGrnp44B4AWkH4Wm
KXxmSV97EG4KjYJsbENqmHUws9bsFGhixEEVZDAlIAiNba4UD2C4z0Q+cn/WQobY
GbIbW6lxK0jbfVxX1++K+XcOV4fwtwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFOCh
9pqMMM3Kq+W1H37wqsZXpJRFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjAzMjVCNDVDRTgxMUYwOTEwRDk2QTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKayywDBAGayzADBAWa
zGADBAaa3IAwDQYJKoZIhvcNAQELBQADggEBAIWOoDpMap3u1TktNlnAzkqJmzAX
DrxdagIobLxlRXi0Zdqp6uL3aRNqCGR6rzSfYKyZlpv1748U1Hk3y8sW14fmrUDk
4QOcX3uwXeiVnVkRuK+M9TseKjWfwgRLnEorhz8JrCIO6OQxMs+v/dcMhGcsqDKN
FVMM4WoUy579l4iYHtjj0tCpr66l8/r+1hFWs/uQ35yJaAK+pOizH8/V7fM8XegW
lnWAF7/k5zyyfIx5reXP3rnhg7Ey0zyK3n10BDjZYtcx1YjH50UMm9us56QbIED5
b77oKpTeq1QBkuqOuSl8a+mfxnk94DL+n0dLDX+7gr07WIFAmX3YOB7+JE0=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:32:49 2025 by rpki-client