Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/47DCFD34599A11F098C7D8A1DAE4EC9C.roa
File: 47DCFD34599A11F098C7D8A1DAE4EC9C.roa (raw, json)
Hash identifier: W5VCOFNxfdMaMViM3sTmWENwirfSHEIC6/Q1kaqh4Aw=
Subject key identifier: 5E:5F:AF:A9:4A:9C:93:C3:A7:90:45:62:F6:05:D0:1B:34:C6:1D:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018AF2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/47DCFD34599A11F098C7D8A1DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 12:19:22 +0000
ROA not before: Sat 05 Jul 2025 12:19:17 +0000
ROA not after: Sun 17 Aug 2025 12:19:17 +0000
asID: 203020
IP address blocks: 154.203.44.0/22 maxlen: 24
154.203.48.0/23 maxlen: 24
154.204.96.0/19 maxlen: 24
154.220.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101106 (0x18af2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 12:19:17 2025 GMT
Not After : Aug 17 12:19:17 2025 GMT
Subject: CN=6869184a-7cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6f:ff:d5:fe:58:39:4b:d4:f3:87:23:7d:d1:
d4:6b:39:a5:ad:1b:a3:07:f6:79:3f:6f:1b:a1:ee:
61:82:bb:3a:f8:19:01:2a:d6:ed:af:32:06:52:fe:
c7:8a:5a:5a:a3:73:06:10:d3:61:d1:2e:b5:5f:28:
e0:a5:07:63:0b:f1:8c:71:72:99:31:60:64:68:61:
c5:db:e3:a9:1f:8d:0e:f2:bb:a6:be:d7:65:a6:64:
d6:79:54:44:e0:26:14:e6:d8:b1:8a:9d:03:1c:05:
9a:3c:a0:4d:00:d3:20:2c:54:5e:6b:ad:46:29:49:
70:49:78:db:83:fe:ec:75:7a:5a:95:a1:a9:b3:3c:
6b:77:a6:3d:14:d5:f6:07:b2:8f:40:b6:55:78:7a:
6c:da:29:5b:75:ea:c0:80:92:79:a2:32:be:42:d9:
97:2e:16:3a:0e:4e:5d:6e:8a:f1:46:29:ae:0c:db:
e3:a2:e2:7b:b9:71:ce:ff:73:a2:7b:af:3c:a6:c1:
c9:78:01:10:33:59:20:52:0e:ca:1e:9b:0d:d1:7b:
86:77:f3:3b:c4:ed:92:64:d0:cf:1c:f9:2e:a8:0c:
eb:da:6c:0c:ec:dc:47:8b:ef:98:8c:fc:fc:1b:ed:
bf:c7:8d:77:02:f5:8d:97:fd:95:75:19:d5:cf:11:
6a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5F:AF:A9:4A:9C:93:C3:A7:90:45:62:F6:05:D0:1B:34:C6:1D:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/47DCFD34599A11F098C7D8A1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.44.0-154.203.49.255
154.204.96.0/19
154.220.128.0/18
Signature Algorithm: sha256WithRSAEncryption
b2:dc:23:4b:27:88:9c:82:f3:1d:3b:97:f9:f0:af:e1:88:03:
f5:9a:f7:40:24:5a:6e:07:c1:15:4b:d0:b9:9d:9e:16:46:06:
18:9c:71:e4:df:76:e5:0c:dd:40:7f:08:a7:ee:ff:97:88:e8:
4f:2a:d0:09:e0:2c:3c:b3:e1:0f:95:ec:d8:c0:49:1b:00:d8:
65:bf:86:f0:e3:ef:13:87:04:d5:4e:0f:95:f6:00:bd:45:f3:
7d:b2:ee:02:dc:8f:92:44:61:07:66:29:76:89:d3:c5:3d:9e:
d0:7c:cc:f6:61:78:18:09:72:54:35:7e:4d:a3:eb:99:f6:bd:
46:cf:f3:43:dd:eb:2f:55:82:b3:04:d3:8f:f2:cc:96:eb:48:
2b:4d:dc:32:1e:44:a0:ca:93:b7:0e:66:93:30:7c:09:a9:a8:
28:b8:be:3d:fc:d0:17:49:db:05:01:fa:26:1c:65:1f:b9:83:
a2:e6:65:65:40:55:d9:be:f3:db:7e:70:1e:34:de:64:65:d7:
3c:51:2c:b5:3e:54:1e:89:89:dd:ad:58:3a:01:ff:2e:fc:67:
75:15:d4:73:41:9c:33:3a:7e:25:ca:d6:ff:12:a3:22:08:b8:
31:32:87:29:4e:fe:f4:ea:1f:26:f2:e9:81:d7:c2:38:e0:aa:
17:71:29:d0
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYryMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTIxOTE3WhcNMjUwODE3MTIxOTE3WjAYMRYw
FAYDVQQDEw02ODY5MTg0YS03Y2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvG//1f5YOUvU84cjfdHUazmlrRujB/Z5P28boe5hgrs6+BkBKtbtrzIG
Uv7Hilpao3MGENNh0S61XyjgpQdjC/GMcXKZMWBkaGHF2+OpH40O8rumvtdlpmTW
eVRE4CYU5tixip0DHAWaPKBNANMgLFRea61GKUlwSXjbg/7sdXpalaGpszxrd6Y9
FNX2B7KPQLZVeHps2ilbderAgJJ5ojK+QtmXLhY6Dk5dborxRimuDNvjouJ7uXHO
/3Oie688psHJeAEQM1kgUg7KHpsN0XuGd/M7xO2SZNDPHPkuqAzr2mwM7NxHi++Y
jPz8G+2/x413AvWNl/2VdRnVzxFqfwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFF5f
r6lKnJPDp5BFYvYF0Bs0xh0OMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80N0RDRkQzNDU5OUExMUYwOThDN0Q4QTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKayywDBAGayzADBAWa
zGADBAaa3IAwDQYJKoZIhvcNAQELBQADggEBALLcI0sniJyC8x07l/nwr+GIA/Wa
90AkWm4HwRVL0LmdnhZGBhicceTfduUM3UB/CKfu/5eI6E8q0AngLDyz4Q+V7NjA
SRsA2GW/hvDj7xOHBNVOD5X2AL1F832y7gLcj5JEYQdmKXaJ08U9ntB8zPZheBgJ
clQ1fk2j65n2vUbP80Pd6y9VgrME04/yzJbrSCtN3DIeRKDKk7cOZpMwfAmpqCi4
vj380BdJ2wUB+iYcZR+5g6LmZWVAVdm+89t+cB403mRl1zxRLLU+VB6Jid2tWDoB
/y78Z3UV1HNBnDM6fiXK1v8SoyIIuDEyhylO/vTqHyby6YHXwjjgqhdxKdA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:58:51 2025 by rpki-client