Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34F47EA85A8111F0B83C777ADAE4EC9C.roa
File: 34F47EA85A8111F0B83C777ADAE4EC9C.roa (raw, json)
Hash identifier: 8krHSTGa5/q8OhBJBoZztSZ3cKla0K4+tPqI92eYg8A=
Subject key identifier: B1:59:4F:8C:AA:C5:24:2E:08:E0:B0:8F:22:71:53:C3:B6:56:51:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018B90
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34F47EA85A8111F0B83C777ADAE4EC9C.roa
Signing time: Sun 06 Jul 2025 15:52:24 +0000
ROA not before: Sun 06 Jul 2025 15:52:19 +0000
ROA not after: Mon 11 Aug 2025 15:52:19 +0000
asID: 214143
IP address blocks: 154.81.132.0/22 maxlen: 24
154.81.138.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101264 (0x18b90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 6 15:52:19 2025 GMT
Not After : Aug 11 15:52:19 2025 GMT
Subject: CN=686a9bb8-402c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fa:20:cb:03:7a:71:ac:18:7f:52:08:2c:04:
5f:8f:e7:df:4c:ec:9c:47:42:28:f1:d8:03:bb:2c:
9d:c1:45:38:d6:39:df:5c:54:18:d5:d0:61:dc:6c:
3d:a5:c8:8f:39:69:d5:5f:6f:88:ac:ba:21:fc:8a:
2f:c3:7c:c0:54:e1:ba:16:d2:a7:1f:6b:4d:f6:7a:
f0:f1:01:82:e3:c8:f2:27:9c:62:de:5b:61:0a:57:
29:69:4f:9f:28:9e:e9:ab:5c:15:e8:b3:c8:0e:df:
a8:4b:5a:d2:83:dd:d8:cd:76:d2:1c:f9:da:96:55:
37:d4:db:ec:0f:d3:55:75:dd:57:73:db:d4:ae:30:
cd:9c:41:78:0a:88:f8:30:61:8b:8f:47:8f:04:ba:
0c:a9:4d:0e:2b:82:76:19:02:1a:58:34:fb:b3:f3:
04:97:55:67:97:98:fc:b9:07:38:2a:ce:d2:29:b4:
3d:ce:5d:7b:6c:1f:b9:52:d6:38:e2:ee:ae:5d:7b:
e5:ad:62:f2:87:9d:eb:4f:4d:0d:22:ce:b6:11:b8:
75:1c:ef:ab:29:4f:e7:aa:51:94:ed:23:16:34:06:
4c:f5:3c:00:c9:b7:0c:f0:61:94:6d:68:93:76:9a:
a2:75:29:22:d3:5a:3c:4b:4d:cd:2e:99:49:31:cd:
e8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:59:4F:8C:AA:C5:24:2E:08:E0:B0:8F:22:71:53:C3:B6:56:51:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34F47EA85A8111F0B83C777ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.132.0/22
154.81.138.0/23
Signature Algorithm: sha256WithRSAEncryption
85:80:5b:43:67:83:8a:f5:05:d9:68:26:3b:2f:c8:61:b0:35:
f2:22:96:06:9e:a1:32:06:6c:d7:52:c5:fa:3a:0c:7b:d0:99:
38:10:6c:59:c2:0b:c1:4d:29:e8:6a:2a:f0:c8:fd:61:13:c7:
83:2f:24:8a:7d:07:1f:b5:77:d5:b2:82:4d:7b:b3:be:82:0b:
f4:3d:08:ad:ad:2c:d0:89:6d:7c:f7:5c:71:cf:e6:7e:7f:57:
62:af:1c:fc:f3:d1:b5:4b:69:dd:b1:ef:46:52:82:be:f9:2e:
c7:12:89:15:46:f8:57:e6:48:c8:fa:de:4b:a4:ba:2f:21:51:
0d:7d:45:b6:3c:1b:ce:6f:10:69:48:79:50:11:1a:67:55:ae:
ff:84:3f:a8:47:ee:d3:b8:50:ee:88:c1:fe:17:ed:95:c7:bd:
f5:b7:e6:79:7f:89:ea:71:a4:4a:ef:3d:fa:1d:96:bb:2b:92:
4e:58:02:07:9f:4f:50:a9:a1:e3:27:e1:1c:ca:07:cb:76:43:
9d:ba:99:b3:1d:03:92:5a:02:e8:43:7e:1d:74:ed:2a:fd:a6:
13:27:20:f6:85:83:45:f0:df:9c:af:45:2c:da:de:86:8e:36:
28:f1:2a:b7:3e:4c:0f:2a:31:d2:c0:18:05:af:82:bd:73:e2:
2f:3f:79:99
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYuQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA2MTU1MjE5WhcNMjUwODExMTU1MjE5WjAYMRYw
FAYDVQQDEw02ODZhOWJiOC00MDJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtfogywN6cawYf1IILARfj+ffTOycR0Io8dgDuyydwUU41jnfXFQY1dBh
3Gw9pciPOWnVX2+IrLoh/Iovw3zAVOG6FtKnH2tN9nrw8QGC48jyJ5xi3lthClcp
aU+fKJ7pq1wV6LPIDt+oS1rSg93YzXbSHPnallU31NvsD9NVdd1Xc9vUrjDNnEF4
Coj4MGGLj0ePBLoMqU0OK4J2GQIaWDT7s/MEl1Vnl5j8uQc4Ks7SKbQ9zl17bB+5
UtY44u6uXXvlrWLyh53rT00NIs62Ebh1HO+rKU/nqlGU7SMWNAZM9TwAybcM8GGU
bWiTdpqidSki01o8S03NLplJMc3oIwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFLFZ
T4yqxSQuCOCwjyJxU8O2VlEYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNEY0N0VBODVBODExMUYwQjgzQzc3N0FEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlGEAwQBmlGKMA0GCSqG
SIb3DQEBCwUAA4IBAQCFgFtDZ4OK9QXZaCY7L8hhsDXyIpYGnqEyBmzXUsX6Ogx7
0Jk4EGxZwgvBTSnoairwyP1hE8eDLySKfQcftXfVsoJNe7O+ggv0PQitrSzQiW18
91xxz+Z+f1dirxz889G1S2ndse9GUoK++S7HEokVRvhX5kjI+t5LpLovIVENfUW2
PBvObxBpSHlQERpnVa7/hD+oR+7TuFDuiMH+F+2Vx731t+Z5f4nqcaRK7z36HZa7
K5JOWAIHn09QqaHjJ+EcygfLdkOdupmzHQOSWgLoQ34ddO0q/aYTJyD2hYNF8N+c
r0Us2t6GjjYo8Sq3PkwPKjHSwBgFr4K9c+IvP3mZ
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:22 2025 by rpki-client