Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/418C5AFA623311F087C916F2DAE4EC9C.roa
File: 418C5AFA623311F087C916F2DAE4EC9C.roa (raw, json)
Hash identifier: 448lr5Q+SDXUnkGf4PwxvUlgkSkbfRYjeFJg4NVa50o=
Subject key identifier: D2:57:0D:78:5E:53:38:9D:EE:13:D9:95:20:2F:16:6D:AE:D7:AE:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018DF9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/418C5AFA623311F087C916F2DAE4EC9C.roa
Signing time: Wed 16 Jul 2025 10:54:33 +0000
ROA not before: Wed 16 Jul 2025 10:54:29 +0000
ROA not after: Tue 22 Jul 2025 10:54:29 +0000
asID: 399989
IP address blocks: 154.194.16.0/22 maxlen: 24
154.194.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 10:54:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101881 (0x18df9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 16 10:54:29 2025 GMT
Not After : Jul 22 10:54:29 2025 GMT
Subject: CN=687784e9-5fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f1:00:84:33:da:0d:b5:ac:45:3b:01:8b:37:
cb:e4:bf:f3:e8:15:95:4a:c4:f5:f3:08:51:5e:cc:
e8:32:09:04:ab:67:e6:95:89:bb:d4:40:9c:51:f5:
e1:b3:ae:20:6b:d3:ad:82:7d:d1:30:74:78:fb:c2:
c7:ea:ac:e6:95:d4:0f:97:aa:4b:92:57:75:f7:dc:
f1:65:23:57:1a:3b:78:ff:5d:f6:45:46:b4:6e:9b:
33:ef:55:00:9e:4e:07:19:52:8a:d1:69:45:b4:d8:
52:ac:7c:ee:b0:64:fb:d8:a5:a7:86:82:73:49:14:
19:d8:29:d2:01:d8:ce:56:f6:63:82:cd:1b:48:6c:
ad:a7:e1:5a:41:2c:bb:c1:37:08:73:ea:2e:58:e9:
d2:b8:21:e3:2c:a9:26:37:60:5e:c5:d6:7f:b0:05:
cc:6f:9e:68:35:9b:a1:4c:0e:f7:bf:a5:b3:ae:30:
c8:da:ae:4e:a7:2a:85:1f:5c:4f:82:b1:41:e7:e4:
ce:0d:c8:05:26:4c:d8:c5:3d:38:e2:18:1f:7c:a0:
44:89:e8:f2:1c:de:12:67:62:b1:af:ed:0c:ce:c6:
b8:75:4b:58:78:fe:95:7b:50:73:e8:2e:db:14:90:
29:43:1d:b4:cd:f7:a6:33:2c:cb:56:f6:f1:d2:ab:
c3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:57:0D:78:5E:53:38:9D:EE:13:D9:95:20:2F:16:6D:AE:D7:AE:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/418C5AFA623311F087C916F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.16.0/22
154.194.24.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:62:47:bf:4f:a5:77:fd:c0:dd:57:2a:ff:8c:1c:2b:98:e2:
15:d0:ee:dd:27:f9:fc:1c:e9:3a:26:57:85:56:98:14:92:a3:
f0:6a:bf:53:47:41:98:ab:d9:c6:aa:49:26:b5:7d:2f:72:b4:
5f:8c:9c:ac:f0:2e:9a:67:9a:93:cd:2c:8f:da:c1:c8:d1:b2:
d8:c6:b4:83:24:e9:59:bd:c6:71:21:dc:20:df:19:aa:fa:ef:
2a:5b:73:c1:23:ec:cd:57:d6:bd:d8:6b:02:c7:36:31:ec:5e:
89:70:17:9c:e8:6b:a8:e9:99:18:e3:22:64:10:a6:c5:fc:6a:
e4:27:9a:8b:d2:7c:38:30:d7:e2:f7:75:92:c5:80:34:9f:14:
6e:47:a5:46:44:32:0c:af:72:1f:67:05:20:54:77:90:ef:43:
32:5e:d8:76:48:57:7d:a6:b3:44:c8:68:7a:5a:58:3b:a0:61:
b9:8a:81:1b:66:8e:7e:14:8a:93:c3:1b:cf:bf:cd:dd:86:3b:
c4:22:37:a6:7e:a8:68:85:62:d5:08:6e:79:9a:53:29:fc:4a:
7a:c0:9e:9e:4e:92:ff:63:4b:fb:13:19:23:f7:fb:6a:89:37:
09:24:c5:c2:4a:9c:fe:a8:fc:f9:30:13:6f:66:53:c0:91:b9:
a4:39:27:6c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAY35MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE2MTA1NDI5WhcNMjUwNzIyMTA1NDI5WjAYMRYw
FAYDVQQDEw02ODc3ODRlOS01ZmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsPEAhDPaDbWsRTsBizfL5L/z6BWVSsT18whRXszoMgkEq2fmlYm71ECc
UfXhs64ga9Otgn3RMHR4+8LH6qzmldQPl6pLkld199zxZSNXGjt4/132RUa0bpsz
71UAnk4HGVKK0WlFtNhSrHzusGT72KWnhoJzSRQZ2CnSAdjOVvZjgs0bSGytp+Fa
QSy7wTcIc+ouWOnSuCHjLKkmN2BexdZ/sAXMb55oNZuhTA73v6WzrjDI2q5OpyqF
H1xPgrFB5+TODcgFJkzYxT044hgffKBEiejyHN4SZ2Kxr+0Mzsa4dUtYeP6Ve1Bz
6C7bFJApQx20zfemMyzLVvbx0qvD0wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNJX
DXheUzid7hPZlSAvFm2u167bMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MThDNUFGQTYyMzMxMUYwODdDOTE2RjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsIQAwQCmsIYMA0GCSqG
SIb3DQEBCwUAA4IBAQAsYke/T6V3/cDdVyr/jBwrmOIV0O7dJ/n8HOk6JleFVpgU
kqPwar9TR0GYq9nGqkkmtX0vcrRfjJys8C6aZ5qTzSyP2sHI0bLYxrSDJOlZvcZx
Idwg3xmq+u8qW3PBI+zNV9a92GsCxzYx7F6JcBec6Guo6ZkY4yJkEKbF/GrkJ5qL
0nw4MNfi93WSxYA0nxRuR6VGRDIMr3IfZwUgVHeQ70MyXth2SFd9prNEyGh6Wlg7
oGG5ioEbZo5+FIqTwxvPv83dhjvEIjemfqhohWLVCG55mlMp/Ep6wJ6eTpL/Y0v7
Exkj9/tqiTcJJMXCSpz+qPz5MBNvZlPAkbmkOSds
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:48:58 2025 by rpki-client