Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E4BF7C4617011F0900D637ADAE4EC9C.roa
File: 3E4BF7C4617011F0900D637ADAE4EC9C.roa (raw, json)
Hash identifier: gqwKtGtYy1XX6Hd/W1O7FNkxbZd+1WAHhApkxSM4kP4=
Subject key identifier: 95:62:C6:35:5D:46:38:D1:CC:10:77:49:6A:10:B9:08:7B:97:F6:46
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018DCC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E4BF7C4617011F0900D637ADAE4EC9C.roa
Signing time: Tue 15 Jul 2025 11:38:36 +0000
ROA not before: Tue 15 Jul 2025 11:38:31 +0000
ROA not after: Tue 28 Apr 2026 11:38:31 +0000
asID: 13335
IP address blocks: 154.207.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101836 (0x18dcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 15 11:38:31 2025 GMT
Not After : Apr 28 11:38:31 2026 GMT
Subject: CN=68763dbc-cee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8e:bf:44:f3:49:50:6c:c3:bc:2c:c7:54:af:
88:39:8c:f2:71:28:e6:83:3b:28:85:a4:25:54:61:
7b:c2:74:e4:34:ef:98:c7:ca:0d:b5:d6:f5:bb:87:
29:d4:dd:3a:63:d5:02:19:c9:4b:3f:99:2a:3f:ba:
a2:d6:b0:79:57:00:da:da:bd:cf:f7:23:e2:c1:46:
e3:d6:22:ca:0b:4f:1f:0e:66:5e:45:fe:44:b5:0d:
dd:43:56:82:4e:08:87:b5:ba:35:18:8e:79:4a:f6:
a9:19:83:ec:63:dd:04:f9:c2:6f:be:2c:d4:85:cb:
21:5a:bc:d4:41:25:53:3f:39:19:1f:96:68:f0:3f:
b5:39:e3:55:5e:ee:cb:f7:e2:f0:83:d5:a7:85:f3:
42:54:77:bb:c6:4e:c7:1d:41:16:f6:90:24:b8:3f:
ef:f8:81:8a:ed:4c:01:fd:72:e0:0b:13:a5:b3:83:
80:79:e1:5f:3b:26:40:da:2c:29:7c:09:9a:84:05:
fe:e4:b2:5e:c6:11:47:e8:9d:f9:41:2e:d5:1c:64:
91:2a:29:40:71:8f:a1:82:99:e0:e1:e3:7a:bf:41:
36:7c:37:2b:96:25:6f:65:71:9f:4a:6e:7c:2c:a5:
f8:a1:7e:96:1c:2b:53:76:cc:f0:ce:22:db:08:f5:
b2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:62:C6:35:5D:46:38:D1:CC:10:77:49:6A:10:B9:08:7B:97:F6:46
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E4BF7C4617011F0900D637ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.79.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:2d:40:52:b2:3c:41:de:e4:cf:8b:a7:20:3b:8c:d3:0b:35:
f8:89:4c:cb:6b:c8:a2:2a:4a:f8:a5:6f:1c:38:c0:3f:e5:3b:
1c:9f:69:da:9b:5e:e9:68:45:87:59:ba:5c:77:70:b0:e0:41:
42:bb:16:c5:e2:a4:43:04:f8:37:73:cc:8c:63:c4:25:a9:74:
0f:bf:fb:74:45:3e:5a:0c:7e:7a:fc:7a:1e:36:4b:4d:cb:ec:
62:39:ea:4f:d7:12:47:48:25:3a:90:25:31:8c:de:4a:ad:c0:
73:0f:35:c5:f8:f3:31:26:2d:4b:b9:b9:9b:a5:03:52:4e:e7:
d4:08:ca:0f:8a:6c:df:a8:38:41:0f:8b:74:df:c1:9b:08:61:
fa:2b:7b:cc:9a:b0:ac:f0:bf:bb:0a:04:9a:66:fe:a8:ee:a5:
4e:43:dc:2d:d4:57:8d:f0:e1:e4:b7:ee:1a:3d:69:0a:b3:e8:
b1:44:d8:ab:4d:e9:80:98:75:b0:fb:b7:fb:7b:74:77:d7:da:
94:b4:a0:4b:d9:2d:61:69:8a:19:91:cc:28:9a:5d:7f:fb:6d:
3d:ce:a2:4a:b4:9f:df:a2:8c:c5:e1:17:f5:a1:c4:53:6a:20:
14:d0:31:a6:86:26:39:da:8e:f4:56:62:77:ca:63:76:b6:41:
a7:8a:4d:3c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY3MMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE1MTEzODMxWhcNMjYwNDI4MTEzODMxWjAYMRYw
FAYDVQQDEw02ODc2M2RiYy1jZWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtY6/RPNJUGzDvCzHVK+IOYzycSjmgzsohaQlVGF7wnTkNO+Yx8oNtdb1
u4cp1N06Y9UCGclLP5kqP7qi1rB5VwDa2r3P9yPiwUbj1iLKC08fDmZeRf5EtQ3d
Q1aCTgiHtbo1GI55SvapGYPsY90E+cJvvizUhcshWrzUQSVTPzkZH5Zo8D+1OeNV
Xu7L9+Lwg9WnhfNCVHe7xk7HHUEW9pAkuD/v+IGK7UwB/XLgCxOls4OAeeFfOyZA
2iwpfAmahAX+5LJexhFH6J35QS7VHGSRKilAcY+hgpng4eN6v0E2fDcrliVvZXGf
Sm58LKX4oX6WHCtTdszwziLbCPWy9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJVi
xjVdRjjRzBB3SWoQuQh7l/ZGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTRCRjdDNDYxNzAxMUYwOTAwRDYzN0FEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms9PMA0GCSqGSIb3DQEB
CwUAA4IBAQAdLUBSsjxB3uTPi6cgO4zTCzX4iUzLa8iiKkr4pW8cOMA/5Tscn2na
m17paEWHWbpcd3Cw4EFCuxbF4qRDBPg3c8yMY8QlqXQPv/t0RT5aDH56/HoeNktN
y+xiOepP1xJHSCU6kCUxjN5KrcBzDzXF+PMxJi1LubmbpQNSTufUCMoPimzfqDhB
D4t038GbCGH6K3vMmrCs8L+7CgSaZv6o7qVOQ9wt1FeN8OHkt+4aPWkKs+ixRNir
TemAmHWw+7f7e3R319qUtKBL2S1haYoZkcwoml1/+209zqJKtJ/foozF4Rf1ocRT
aiAU0DGmhiY52o70VmJ3ymN2tkGnik08
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:56:43 2025 by rpki-client