Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33E475C662FC11F08C3EA49BDAE4EC9C.roa
File: 33E475C662FC11F08C3EA49BDAE4EC9C.roa (raw, json)
Hash identifier: lxxn4MZyUwSro03IcTxOJn4/t4+CXiLm306+8Vbklcc=
Subject key identifier: 1E:BD:52:BA:31:C3:2C:32:D9:E8:1D:52:0F:40:4F:17:3D:AA:75:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33E475C662FC11F08C3EA49BDAE4EC9C.roa
Signing time: Thu 17 Jul 2025 10:52:59 +0000
ROA not before: Thu 17 Jul 2025 10:52:55 +0000
ROA not after: Sat 16 Aug 2025 10:52:55 +0000
asID: 20473
IP address blocks: 154.81.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101916 (0x18e1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 17 10:52:55 2025 GMT
Not After : Aug 16 10:52:55 2025 GMT
Subject: CN=6878d60b-9e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b4:e1:d2:39:8d:d6:6d:79:17:7b:b8:8d:eb:
b2:c7:99:a0:bf:65:21:d9:a0:5a:a1:63:ba:25:68:
95:78:1b:19:e2:4e:96:ad:f4:e5:4f:e6:ae:8f:37:
d5:2a:37:cd:54:f5:93:67:76:cd:1f:8b:c6:f2:55:
ab:6d:54:cb:28:33:5e:6e:9a:78:45:43:c1:1f:17:
67:a9:03:85:84:55:03:b6:cb:de:3f:cd:9e:5b:a7:
fd:db:57:0e:59:bc:b9:fc:b1:94:d9:53:13:c8:cf:
5b:d6:06:06:8e:67:65:eb:8a:cc:64:ac:da:6a:46:
be:83:85:ad:16:2f:f5:c2:d2:33:89:1d:77:c1:21:
55:39:51:17:1b:32:6d:44:a3:c6:7b:de:8f:88:21:
58:a4:b8:66:67:6f:aa:00:c4:bd:47:03:35:19:24:
f6:2b:c6:e8:19:37:98:55:31:76:84:0a:0a:e2:0f:
70:68:14:9d:9e:bd:b9:d5:ab:51:81:98:6e:b9:cb:
db:ba:0f:fe:15:af:25:90:78:f0:7b:2e:2c:41:e9:
eb:01:61:45:d9:43:62:2b:44:85:73:b2:73:e5:83:
8d:41:ee:12:bf:f4:55:64:4f:96:36:d4:46:96:75:
5a:80:85:fe:00:60:bb:54:6d:25:18:34:69:76:73:
93:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:BD:52:BA:31:C3:2C:32:D9:E8:1D:52:0F:40:4F:17:3D:AA:75:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33E475C662FC11F08C3EA49BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.156.0/24
Signature Algorithm: sha256WithRSAEncryption
51:f8:f9:f1:82:ef:a7:c8:81:c8:a6:1f:1b:22:32:74:06:12:
af:ac:b1:14:92:d0:23:1e:07:f1:28:0d:69:79:b3:26:b7:5f:
64:c3:ec:e5:a9:27:36:8a:8c:06:eb:b4:90:c9:c2:ad:f1:90:
cf:02:8e:93:58:64:79:d3:93:6a:e2:86:1c:14:ab:5b:49:29:
69:04:4f:d9:23:4b:1c:cc:67:4a:c9:b4:1a:2c:ea:c2:37:6b:
bd:8f:11:48:f3:95:ae:3b:bc:fe:4a:04:af:ee:bc:8d:6f:e1:
5a:22:9a:00:76:95:88:ee:66:e5:2e:36:8a:e7:18:09:04:c2:
7b:17:b7:2d:30:72:e5:4c:a1:07:be:e1:19:34:e7:33:7f:88:
8f:94:91:e6:be:7d:df:54:2b:29:1b:a8:14:b2:87:b8:de:a7:
35:d1:5b:89:0d:ac:4b:79:e6:58:b1:54:ba:bf:51:d6:8b:ee:
73:18:e5:02:73:1b:e0:59:f5:09:3d:b7:0e:a5:95:2a:8a:79:
f9:d3:9f:19:77:58:ae:b2:e8:69:a0:29:ce:a8:ce:54:41:5f:
b4:dc:7d:8f:e1:65:e5:3b:05:58:58:ea:c4:16:d7:b5:b4:13:
49:a1:18:ef:93:71:bc:8c:6f:b2:c4:1b:b1:de:c5:77:af:c3:
79:df:4c:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY4cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE3MTA1MjU1WhcNMjUwODE2MTA1MjU1WjAYMRYw
FAYDVQQDEw02ODc4ZDYwYi05ZTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxrTh0jmN1m15F3u4jeuyx5mgv2Uh2aBaoWO6JWiVeBsZ4k6WrfTlT+au
jzfVKjfNVPWTZ3bNH4vG8lWrbVTLKDNebpp4RUPBHxdnqQOFhFUDtsveP82eW6f9
21cOWby5/LGU2VMTyM9b1gYGjmdl64rMZKzaaka+g4WtFi/1wtIziR13wSFVOVEX
GzJtRKPGe96PiCFYpLhmZ2+qAMS9RwM1GST2K8boGTeYVTF2hAoK4g9waBSdnr25
1atRgZhuucvbug/+Fa8lkHjwey4sQenrAWFF2UNiK0SFc7Jz5YONQe4Sv/RVZE+W
NtRGlnVagIX+AGC7VG0lGDRpdnOTRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB69
Uroxwywy2egdUg9ATxc9qnW8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zM0U0NzVDNjYyRkMxMUYwOEMzRUE0OUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlGcMA0GCSqGSIb3DQEB
CwUAA4IBAQBR+Pnxgu+nyIHIph8bIjJ0BhKvrLEUktAjHgfxKA1pebMmt19kw+zl
qSc2iowG67SQycKt8ZDPAo6TWGR505Nq4oYcFKtbSSlpBE/ZI0sczGdKybQaLOrC
N2u9jxFI85WuO7z+SgSv7ryNb+FaIpoAdpWI7mblLjaK5xgJBMJ7F7ctMHLlTKEH
vuEZNOczf4iPlJHmvn3fVCspG6gUsoe43qc10VuJDaxLeeZYsVS6v1HWi+5zGOUC
cxvgWfUJPbcOpZUqinn5058Zd1iusuhpoCnOqM5UQV+03H2P4WXlOwVYWOrEFte1
tBNJoRjvk3G8jG+yxBux3sV3r8N530xb
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:15 2025 by rpki-client