Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41F9A636591511F08E33D3B6DAE4EC9C.roa
File: 41F9A636591511F08E33D3B6DAE4EC9C.roa (raw, json)
Hash identifier: 8fFYirW8m7Nx6VkDlXqhFguFiNT8aWQTmQyFuytEvCE=
Subject key identifier: 2B:5F:4F:68:41:95:60:D1:E8:DA:84:8D:59:35:CD:2E:A6:85:DD:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018AB2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41F9A636591511F08E33D3B6DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 20:27:09 +0000
ROA not before: Fri 04 Jul 2025 20:27:03 +0000
ROA not after: Fri 17 Jul 2026 20:27:03 +0000
asID: 153706
IP address blocks: 154.193.208.0/24 maxlen: 24
154.193.209.0/24 maxlen: 24
154.193.210.0/24 maxlen: 24
154.193.211.0/24 maxlen: 24
154.193.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101042 (0x18ab2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 20:27:03 2025 GMT
Not After : Jul 17 20:27:03 2026 GMT
Subject: CN=6868391d-754b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:50:5f:74:93:10:b8:40:8f:10:1a:ca:d3:f5:
f9:4f:70:ee:d3:c0:58:4d:e8:12:0d:af:65:8d:74:
29:0f:54:70:58:c6:2c:62:10:8f:5e:6b:8f:ba:3a:
4b:f3:d7:e4:1f:04:9a:07:a3:07:a1:56:5e:a7:52:
ab:4a:2e:77:1e:8c:5c:33:68:5a:fe:33:bc:f1:c3:
65:78:f8:d9:ce:f8:e6:27:7a:6f:bf:4c:ea:b2:2c:
84:9d:cb:8b:3f:dc:ed:7a:19:93:b3:65:c0:78:49:
a3:5d:92:28:c5:b4:c8:15:37:57:f1:02:a3:10:e2:
39:f5:ef:de:65:e9:74:7b:0d:95:e6:ed:c5:13:4d:
d2:34:83:91:70:35:43:3a:ef:4b:61:64:0e:43:98:
41:6b:5d:cc:e5:7d:dc:be:39:30:a0:b9:41:82:93:
30:b0:0a:64:d7:a8:e7:d3:61:61:a3:fb:c9:45:34:
1c:61:4e:af:9e:aa:07:cd:f6:86:8a:da:94:3e:40:
16:10:84:8f:c1:fb:22:f2:0d:fa:4a:e1:9a:38:3c:
0d:0f:d0:71:96:a8:26:31:f7:98:8a:01:c9:34:01:
d1:29:34:06:85:2e:8c:c0:33:de:fb:3e:bb:9b:ca:
e2:7c:ca:04:d2:23:4c:50:ee:01:45:8e:6a:d5:88:
57:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5F:4F:68:41:95:60:D1:E8:DA:84:8D:59:35:CD:2E:A6:85:DD:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/41F9A636591511F08E33D3B6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.208.0/22
154.193.247.0/24
Signature Algorithm: sha256WithRSAEncryption
65:91:5a:06:92:fb:3b:96:50:a4:1f:ca:87:51:da:a7:67:fe:
ef:73:de:2c:60:c9:5c:4f:ee:55:b1:98:8e:c6:85:09:76:a9:
48:6f:2c:01:8e:a9:bc:41:ff:5c:49:24:6f:c6:6f:bf:77:a8:
97:27:39:be:b5:94:06:b2:2b:ff:78:7b:60:c3:ae:97:c1:d9:
53:45:37:24:b2:ff:f0:85:c8:c9:2a:82:71:13:01:af:4c:d6:
a8:84:ad:34:17:eb:06:52:a7:fe:91:5e:32:55:d8:10:5d:07:
22:e0:14:70:c4:b9:c9:1c:c0:df:93:8d:9b:a5:9d:9c:59:3f:
52:a0:07:26:0f:4e:a5:58:ba:86:a8:77:32:0c:1b:35:fd:cc:
cf:2a:4a:be:ea:49:ff:e1:d6:0b:df:d9:5e:bf:0d:ea:ea:52:
ee:be:94:99:2f:e9:c3:86:38:f7:80:35:92:c9:5d:8e:9c:56:
0b:83:de:83:ee:ab:1d:7c:26:5e:8e:64:6e:46:e3:b5:a6:50:
c6:66:bf:2c:a1:85:1f:4f:0e:ea:48:61:e5:31:cc:ac:71:d2:
60:76:70:92:0c:91:1b:a4:9a:96:4c:45:9f:37:fa:91:4f:b7:
20:3e:5d:10:4d:7b:9d:54:2e:6f:e5:f5:b4:a3:be:3b:6e:6a:
b2:9d:48:3c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYqyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MjAyNzAzWhcNMjYwNzE3MjAyNzAzWjAYMRYw
FAYDVQQDEw02ODY4MzkxZC03NTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw1BfdJMQuECPEBrK0/X5T3Du08BYTegSDa9ljXQpD1RwWMYsYhCPXmuP
ujpL89fkHwSaB6MHoVZep1KrSi53HoxcM2ha/jO88cNlePjZzvjmJ3pvv0zqsiyE
ncuLP9ztehmTs2XAeEmjXZIoxbTIFTdX8QKjEOI59e/eZel0ew2V5u3FE03SNIOR
cDVDOu9LYWQOQ5hBa13M5X3cvjkwoLlBgpMwsApk16jn02Fho/vJRTQcYU6vnqoH
zfaGitqUPkAWEISPwfsi8g36SuGaODwND9BxlqgmMfeYigHJNAHRKTQGhS6MwDPe
+z67m8rifMoE0iNMUO4BRY5q1YhX+wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCtf
T2hBlWDR6NqEjVk1zS6mhd1LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MUY5QTYzNjU5MTUxMUYwOEUzM0QzQjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsHQAwQAmsH3MA0GCSqG
SIb3DQEBCwUAA4IBAQBlkVoGkvs7llCkH8qHUdqnZ/7vc94sYMlcT+5VsZiOxoUJ
dqlIbywBjqm8Qf9cSSRvxm+/d6iXJzm+tZQGsiv/eHtgw66XwdlTRTcksv/whcjJ
KoJxEwGvTNaohK00F+sGUqf+kV4yVdgQXQci4BRwxLnJHMDfk42bpZ2cWT9SoAcm
D06lWLqGqHcyDBs1/czPKkq+6kn/4dYL39levw3q6lLuvpSZL+nDhjj3gDWSyV2O
nFYLg96D7qsdfCZejmRuRuO1plDGZr8soYUfTw7qSGHlMcyscdJgdnCSDJEbpJqW
TEWfN/qRT7cgPl0QTXudVC5v5fW0o747bmqynUg8
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:39 2025 by rpki-client