Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BC346C85AAA11F0BB150E82DAE4EC9C.roa
File: 3BC346C85AAA11F0BB150E82DAE4EC9C.roa (raw, json)
Hash identifier: Osb06WS18iuGDQmtjOjJGUhk8BwUhvCbjrVnv4BVF6M=
Subject key identifier: 15:D6:98:61:FB:48:99:CE:32:15:0E:7B:73:4C:D8:66:2D:40:74:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018BBE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BC346C85AAA11F0BB150E82DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 20:46:05 +0000
ROA not before: Sun 06 Jul 2025 20:45:59 +0000
ROA not after: Sun 24 Aug 2025 20:45:59 +0000
asID: 58931
IP address blocks: 154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101310 (0x18bbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 6 20:45:59 2025 GMT
Not After : Aug 24 20:45:59 2025 GMT
Subject: CN=686ae08c-2f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:df:22:48:c7:9c:6e:0f:ee:d0:35:d6:c1:a2:
12:43:51:1f:ae:8b:b8:f9:cb:05:fc:7d:de:98:bd:
a5:ac:d4:c4:6b:8a:2f:69:a6:98:59:d3:fd:02:db:
6a:75:a7:70:20:fb:c7:29:03:31:4f:08:39:c9:db:
fe:98:4d:92:d2:12:4f:fa:88:7b:f1:5f:49:14:66:
29:e9:b5:95:f2:98:86:72:92:95:1b:da:22:17:57:
d2:97:ba:83:48:6d:86:77:10:70:33:8e:89:b1:34:
8c:3c:11:31:e1:01:4d:14:d2:20:bc:1f:15:c1:32:
35:5c:7a:bf:c7:6f:83:a6:30:17:68:4c:53:d0:63:
7d:7b:c5:a1:af:88:67:76:61:c9:d5:2e:ab:28:45:
9d:a5:07:3a:55:04:8c:9b:50:bc:c9:b9:55:2b:7c:
fb:3c:67:9e:69:70:4d:df:cb:02:4b:d6:40:af:d0:
c2:b2:f5:1c:f8:d3:35:8a:6a:a0:9e:2b:39:b5:54:
5d:3a:53:f0:2f:23:4d:d1:9f:d2:34:6d:f0:50:85:
4d:3e:7c:b7:d1:2b:23:55:65:39:96:bf:39:e9:3f:
45:35:06:f7:e0:26:2d:3b:a0:00:55:72:67:af:fc:
2a:5a:d2:b0:8b:02:37:5f:2f:25:4e:2d:66:2a:db:
5a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:D6:98:61:FB:48:99:CE:32:15:0E:7B:73:4C:D8:66:2D:40:74:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BC346C85AAA11F0BB150E82DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
84:a7:ce:de:71:01:f7:91:29:14:25:7f:09:05:eb:60:dc:55:
6f:be:13:a1:e0:a9:32:16:46:17:3d:85:1a:32:0f:2e:fa:a9:
89:95:01:c9:3f:f7:c2:43:40:38:92:d7:87:98:c0:82:97:87:
38:cc:73:59:d6:e8:3c:a5:d4:dc:a9:d9:a7:28:c1:8f:54:02:
6f:c4:e0:75:56:04:c9:7c:19:3a:68:13:15:04:46:ae:c1:da:
b0:31:8e:c2:bc:96:e8:3a:49:37:ad:d5:02:05:a0:94:eb:e7:
57:2d:3d:cb:64:f9:54:b0:13:d7:7a:93:6d:89:9e:00:4d:9c:
ce:3b:33:5e:97:0b:34:28:3f:05:1f:61:a7:40:55:04:85:26:
9c:6c:ef:de:3c:53:2d:e6:e1:60:5f:7c:30:5d:59:69:ed:e2:
9e:48:34:25:68:69:f8:d2:62:a8:b2:2a:ee:1b:05:92:c4:1a:
34:6e:13:5c:ed:44:68:25:0a:5d:5f:3c:e5:ac:0a:d9:e2:1a:
b5:fd:49:3c:00:af:2e:42:6b:59:da:5a:c5:56:c2:24:78:7e:
7c:9b:8a:08:bf:1a:18:fc:66:7d:a0:9a:9e:6d:92:bf:63:79:
04:14:23:ef:db:ac:32:b7:4d:dd:27:0c:14:1c:68:a5:07:6e:
56:b4:96:da
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYu+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA2MjA0NTU5WhcNMjUwODI0MjA0NTU5WjAYMRYw
FAYDVQQDEw02ODZhZTA4Yy0yZjg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzN8iSMecbg/u0DXWwaISQ1Efrou4+csF/H3emL2lrNTEa4ovaaaYWdP9
AttqdadwIPvHKQMxTwg5ydv+mE2S0hJP+oh78V9JFGYp6bWV8piGcpKVG9oiF1fS
l7qDSG2GdxBwM46JsTSMPBEx4QFNFNIgvB8VwTI1XHq/x2+DpjAXaExT0GN9e8Wh
r4hndmHJ1S6rKEWdpQc6VQSMm1C8yblVK3z7PGeeaXBN38sCS9ZAr9DCsvUc+NM1
imqgnis5tVRdOlPwLyNN0Z/SNG3wUIVNPny30SsjVWU5lr856T9FNQb34CYtO6AA
VXJnr/wqWtKwiwI3Xy8lTi1mKttaJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBXW
mGH7SJnOMhUOe3NM2GYtQHSfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQkMzNDZDODVBQUExMUYwQkIxNTBFODJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml8YMA0GCSqGSIb3DQEB
CwUAA4IBAQCEp87ecQH3kSkUJX8JBetg3FVvvhOh4KkyFkYXPYUaMg8u+qmJlQHJ
P/fCQ0A4kteHmMCCl4c4zHNZ1ug8pdTcqdmnKMGPVAJvxOB1VgTJfBk6aBMVBEau
wdqwMY7CvJboOkk3rdUCBaCU6+dXLT3LZPlUsBPXepNtiZ4ATZzOOzNelws0KD8F
H2GnQFUEhSacbO/ePFMt5uFgX3wwXVlp7eKeSDQlaGn40mKosiruGwWSxBo0bhNc
7URoJQpdXzzlrArZ4hq1/Uk8AK8uQmtZ2lrFVsIkeH58m4oIvxoY/GZ9oJqebZK/
Y3kEFCPv26wyt03dJwwUHGilB25WtJba
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:20 2025 by rpki-client