Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43CAE7245B2511F0A7F6E5ADDAE4EC9C.roa
File: 43CAE7245B2511F0A7F6E5ADDAE4EC9C.roa (raw, json)
Hash identifier: YJ3oSW7ulM4BZ3ICQpM4MsLYo2UVgy5pAzUL1tt3vOg=
Subject key identifier: B5:EE:3D:18:6A:51:8F:1F:6A:4F:76:B4:80:0B:6B:F8:0B:8E:5A:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C0C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43CAE7245B2511F0A7F6E5ADDAE4EC9C.roa
Signing time: Mon 07 Jul 2025 11:26:46 +0000
ROA not before: Mon 07 Jul 2025 11:26:41 +0000
ROA not after: Sun 10 Aug 2025 11:26:41 +0000
asID: 8796
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101388 (0x18c0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 11:26:41 2025 GMT
Not After : Aug 10 11:26:41 2025 GMT
Subject: CN=686baef6-593d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:20:a2:df:38:97:5a:b1:32:aa:3c:77:17:af:
49:d4:6d:15:6b:ae:02:6a:7c:f1:9c:d5:fe:95:16:
63:cc:d2:06:2b:77:56:d1:58:ab:c4:99:4d:af:b0:
19:77:40:19:9c:66:cb:92:9b:f8:f4:76:4a:db:f0:
1a:6b:02:60:16:75:ed:95:ef:22:d1:92:30:2e:b7:
42:57:bc:19:ca:3f:a4:3a:82:df:50:78:6d:48:47:
55:67:27:3b:2e:3f:ec:eb:bd:38:e2:85:97:c4:5c:
50:04:f0:05:77:a0:b8:a5:6f:d3:44:fe:5e:4d:66:
91:b8:23:f7:98:b4:d0:89:5f:0e:47:d6:28:e7:f1:
6d:35:cf:e2:6d:bf:0b:6e:b9:4e:6e:fc:4d:f3:47:
fc:b9:c7:68:7e:b1:ea:f6:26:66:fc:34:e8:87:c5:
f5:91:a3:4e:da:06:2c:6a:2f:f5:49:9b:4d:f6:6d:
0c:96:03:22:73:4f:20:f1:21:94:6a:c2:bd:8b:e9:
b2:7f:8b:93:81:3e:42:99:71:27:4f:9a:02:58:00:
12:18:5b:cb:85:a1:79:34:fb:e5:c6:7f:f3:16:9f:
ed:f4:12:bb:5e:1f:b2:db:54:1e:b2:dc:ee:41:2f:
72:d0:3e:54:b9:86:14:d5:e7:99:9b:70:78:98:29:
a8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:EE:3D:18:6A:51:8F:1F:6A:4F:76:B4:80:0B:6B:F8:0B:8E:5A:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43CAE7245B2511F0A7F6E5ADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
cc:a0:79:fc:50:31:74:14:81:3b:60:36:7f:0f:a6:37:20:93:
d6:db:aa:4d:3a:a6:38:66:ca:3b:b6:fa:d2:65:06:9a:4b:58:
41:21:7d:94:9b:21:66:d4:a8:ad:6c:40:7e:c7:9c:e5:5e:e0:
a9:63:56:fe:d6:33:65:47:8a:aa:32:50:ba:02:28:a7:82:64:
bd:e5:4a:95:97:01:cd:db:06:f7:f2:35:bb:de:b5:f6:fe:d0:
31:bc:ff:cb:f3:28:8f:9b:3c:f3:70:70:3f:31:fc:5b:ac:db:
87:12:97:c4:a4:8f:ce:45:fb:43:c2:95:cb:c5:ac:4e:d6:08:
49:3e:df:c0:be:bf:9c:da:7d:8f:2d:83:16:95:f2:cc:e3:3c:
9c:1e:df:85:a6:b6:8a:df:ef:b5:8c:da:c0:e8:0d:c7:3a:91:
a9:ee:93:a3:04:80:e2:b5:98:98:62:68:12:c2:35:e2:af:dc:
b4:ff:e2:8f:a8:a8:89:42:39:cc:21:14:a3:96:a9:16:bf:bf:
6d:be:34:45:08:69:35:bc:06:27:c5:bd:70:a8:58:be:a7:d0:
fc:61:7e:c3:f4:ab:97:4d:50:b3:44:2e:00:e7:40:9c:0a:fb:
b5:25:9b:bd:83:b1:ed:64:76:a3:a5:e6:0e:49:0a:c3:3b:83:
4b:00:7f:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYwMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTEyNjQxWhcNMjUwODEwMTEyNjQxWjAYMRYw
FAYDVQQDEw02ODZiYWVmNi01OTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvSCi3ziXWrEyqjx3F69J1G0Va64CanzxnNX+lRZjzNIGK3dW0VirxJlN
r7AZd0AZnGbLkpv49HZK2/AaawJgFnXtle8i0ZIwLrdCV7wZyj+kOoLfUHhtSEdV
Zyc7Lj/s67044oWXxFxQBPAFd6C4pW/TRP5eTWaRuCP3mLTQiV8OR9Yo5/FtNc/i
bb8LbrlObvxN80f8ucdofrHq9iZm/DToh8X1kaNO2gYsai/1SZtN9m0MlgMic08g
8SGUasK9i+myf4uTgT5CmXEnT5oCWAASGFvLhaF5NPvlxn/zFp/t9BK7Xh+y21Qe
stzuQS9y0D5UuYYU1eeZm3B4mCmodwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLXu
PRhqUY8fak92tIALa/gLjlqlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0NBRTcyNDVCMjUxMUYwQTdGNkU1QUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQDMoHn8UDF0FIE7YDZ/D6Y3IJPW26pNOqY4Zso7tvrSZQaaS1hBIX2U
myFm1KitbEB+x5zlXuCpY1b+1jNlR4qqMlC6AiingmS95UqVlwHN2wb38jW73rX2
/tAxvP/L8yiPmzzzcHA/MfxbrNuHEpfEpI/ORftDwpXLxaxO1ghJPt/Avr+c2n2P
LYMWlfLM4zycHt+FpraK3++1jNrA6A3HOpGp7pOjBIDitZiYYmgSwjXir9y0/+KP
qKiJQjnMIRSjlqkWv79tvjRFCGk1vAYnxb1wqFi+p9D8YX7D9KuXTVCzRC4A50Cc
Cvu1JZu9g7HtZHajpeYOSQrDO4NLAH+b
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:04:01 2025 by rpki-client