Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A88204622811F0B2DF49ABDAE4EC9C.roa
File: 36A88204622811F0B2DF49ABDAE4EC9C.roa (raw, json)
Hash identifier: ooi+2yuBCrmLkdwZyQNh3GByWg5N80ep04vqhfyKRCI=
Subject key identifier: 00:D0:30:A8:7C:BB:37:A2:4A:96:07:8D:8E:32:EC:45:99:5E:3C:03
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018DEF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A88204622811F0B2DF49ABDAE4EC9C.roa
Signing time: Wed 16 Jul 2025 09:35:31 +0000
ROA not before: Wed 16 Jul 2025 09:35:26 +0000
ROA not after: Sat 23 Aug 2025 09:35:26 +0000
asID: 133180
IP address blocks: 154.83.4.0/24 maxlen: 24
154.94.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101871 (0x18def)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 16 09:35:26 2025 GMT
Not After : Aug 23 09:35:26 2025 GMT
Subject: CN=68777263-c65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6b:8a:9a:2f:a1:0b:ba:78:77:30:b2:fe:09:
74:05:76:69:8b:4e:f5:2e:8e:63:92:0b:cd:c3:ba:
68:25:7f:e2:b3:a6:6f:92:a6:ab:52:5c:f0:3e:da:
19:a9:9b:02:37:2a:6a:86:22:45:46:5b:3f:da:89:
35:cc:d1:d9:d6:9f:66:47:84:3b:12:ea:ca:71:dd:
7e:fb:28:24:95:55:fd:68:ed:42:02:ee:75:69:95:
fb:96:57:c7:bb:59:7e:2d:26:8a:60:d0:f9:9a:c1:
e4:ae:ef:f9:4c:e8:71:66:98:38:d3:07:70:56:0a:
45:ae:67:09:b8:0d:8f:71:0b:5d:cf:a1:5b:84:99:
ac:62:91:1b:02:ce:0f:a4:e8:84:21:36:38:0c:3c:
cb:8a:3f:c6:83:38:3f:4c:fa:ee:74:38:f8:50:1d:
4e:fd:65:cd:ad:63:ea:8c:52:8a:4f:aa:3c:7d:69:
8b:5d:5f:ed:b4:36:43:e5:29:26:90:25:e2:53:87:
19:cb:4e:f4:42:2d:ed:65:1b:e6:b4:e8:63:20:26:
43:25:ca:a0:a2:66:f3:df:19:ca:02:3b:ab:8b:15:
9e:e6:bf:3a:14:3b:ac:b0:40:dd:99:d8:7f:ac:e3:
af:a8:65:9c:83:6c:00:6e:57:ab:4f:6d:41:92:7d:
7b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D0:30:A8:7C:BB:37:A2:4A:96:07:8D:8E:32:EC:45:99:5E:3C:03
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A88204622811F0B2DF49ABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.4.0/24
154.94.16.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:d4:27:a7:38:c8:29:a6:41:5f:cb:2c:3a:95:f2:59:46:d8:
4d:75:56:2d:d5:85:02:c4:a5:a5:78:69:9a:06:fe:5e:71:2a:
a7:7d:d6:ff:4d:03:36:74:76:37:8f:92:ff:1a:f0:1a:e6:a9:
b8:fb:00:07:9b:76:3d:ec:0d:10:95:24:ce:ba:fd:8e:d4:2c:
69:3e:23:cd:2c:aa:24:8b:41:88:39:21:65:e7:d0:41:21:ad:
0b:42:c8:f1:a0:1c:7e:72:69:e3:ac:a1:8e:2b:a6:48:5d:eb:
9f:6f:6e:32:de:0c:26:14:91:43:72:71:ea:48:ee:d7:f0:b5:
19:6a:fe:46:8f:62:0d:45:aa:6c:53:c3:86:8c:0c:fc:bf:6a:
40:ea:34:1a:9c:ca:92:8a:7c:bc:42:a5:43:1f:55:19:0a:ac:
9a:43:04:96:ae:0b:e5:80:53:f0:c7:90:42:0a:81:17:42:aa:
8e:fc:20:78:25:ab:d8:ed:cc:af:ef:28:f2:3b:c4:54:44:1d:
ab:b7:86:9f:60:51:b8:cc:6a:92:1f:bc:b8:cf:d0:6d:ad:ad:
99:8d:fc:07:87:79:b3:48:e1:ee:c0:bb:c7:2b:e4:94:f5:da:
59:00:0e:04:68:10:f9:2b:e4:3d:ef:38:2b:82:53:12:03:c8:
37:b0:dc:6d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAY3vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE2MDkzNTI2WhcNMjUwODIzMDkzNTI2WjAYMRYw
FAYDVQQDEw02ODc3NzI2My1jNjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuGuKmi+hC7p4dzCy/gl0BXZpi071Lo5jkgvNw7poJX/is6ZvkqarUlzw
PtoZqZsCNypqhiJFRls/2ok1zNHZ1p9mR4Q7EurKcd1++ygklVX9aO1CAu51aZX7
llfHu1l+LSaKYND5msHkru/5TOhxZpg40wdwVgpFrmcJuA2PcQtdz6FbhJmsYpEb
As4PpOiEITY4DDzLij/Ggzg/TPrudDj4UB1O/WXNrWPqjFKKT6o8fWmLXV/ttDZD
5SkmkCXiU4cZy070Qi3tZRvmtOhjICZDJcqgombz3xnKAjurixWe5r86FDussEDd
mdh/rOOvqGWcg2wAblerT21Bkn17aQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFADQ
MKh8uzeiSpYHjY4y7EWZXjwDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkE4ODIwNDYyMjgxMUYwQjJERjQ5QUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlMEAwQCml4QMA0GCSqG
SIb3DQEBCwUAA4IBAQCk1CenOMgppkFfyyw6lfJZRthNdVYt1YUCxKWleGmaBv5e
cSqnfdb/TQM2dHY3j5L/GvAa5qm4+wAHm3Y97A0QlSTOuv2O1CxpPiPNLKoki0GI
OSFl59BBIa0LQsjxoBx+cmnjrKGOK6ZIXeufb24y3gwmFJFDcnHqSO7X8LUZav5G
j2INRapsU8OGjAz8v2pA6jQanMqSiny8QqVDH1UZCqyaQwSWrgvlgFPwx5BCCoEX
QqqO/CB4JavY7cyv7yjyO8RURB2rt4afYFG4zGqSH7y4z9Btra2ZjfwHh3mzSOHu
wLvHK+SU9dpZAA4EaBD5K+Q97zgrglMSA8g3sNxt
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:04:06 2025 by rpki-client