Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52CDC290623D11F08CD95FB1DAE4EC9C.roa
File: 52CDC290623D11F08CD95FB1DAE4EC9C.roa (raw, json)
Hash identifier: YyHF5+pvaj54f7DS1fIFzIGhkZgPpu+SzmaxlY8FdPI=
Subject key identifier: DE:98:51:BF:99:F9:24:51:69:A2:3E:2C:3D:4B:1F:BF:05:2B:6A:50
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018DFD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52CDC290623D11F08CD95FB1DAE4EC9C.roa
Signing time: Wed 16 Jul 2025 12:06:37 +0000
ROA not before: Wed 16 Jul 2025 12:06:32 +0000
ROA not after: Tue 22 Jul 2025 12:06:32 +0000
asID: 9009
IP address blocks: 154.194.8.0/23 maxlen: 24
154.194.10.0/24 maxlen: 24
154.194.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101885 (0x18dfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 16 12:06:32 2025 GMT
Not After : Jul 22 12:06:32 2025 GMT
Subject: CN=687795cd-1b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:32:c8:50:c9:4e:90:45:f4:b6:30:ff:5e:8f:
5f:d6:18:12:60:34:2f:dc:c0:db:b6:74:ef:55:54:
12:31:6b:f4:4b:43:a0:0c:73:5f:8e:f6:09:0f:89:
65:0b:e9:1b:20:7a:a6:c5:28:ad:31:1c:59:9c:5e:
fc:08:15:7b:d6:0f:51:64:70:1d:d2:48:3a:35:f7:
d7:1c:54:a1:11:e0:fa:e5:25:51:df:de:68:9a:70:
19:bf:f7:32:41:80:27:7f:3a:2e:e3:9c:aa:55:34:
c0:72:78:f7:69:30:4b:fd:fc:d5:89:71:36:46:76:
21:12:3b:2c:60:b8:b3:ef:c5:36:69:dc:38:04:bd:
e5:17:8b:05:58:31:c1:37:fd:22:b2:6a:c6:ac:e2:
92:18:d3:aa:4a:77:11:08:e5:20:9d:f8:55:7f:93:
86:03:fe:e4:36:76:13:f1:de:de:ab:67:dd:d6:77:
12:41:39:cd:7e:fb:2a:06:e8:43:bd:23:f2:e8:c3:
b6:4e:18:ce:bb:b6:f5:da:f3:e3:59:1b:f2:67:bb:
28:d6:05:d5:cf:a2:f3:7d:3e:71:73:9b:b0:53:72:
d5:90:e4:72:af:5e:cc:45:43:56:cc:63:38:63:4a:
bd:ba:20:1f:5a:a0:f2:83:3c:6a:1a:d0:99:f6:74:
0f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:98:51:BF:99:F9:24:51:69:A2:3E:2C:3D:4B:1F:BF:05:2B:6A:50
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52CDC290623D11F08CD95FB1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.8.0/22
Signature Algorithm: sha256WithRSAEncryption
79:fe:21:67:78:3b:85:82:32:03:cc:90:06:37:2e:5b:3d:32:
5f:32:71:ad:78:9a:c4:e9:55:04:9c:ed:cb:5c:7f:5c:98:d2:
a8:28:87:8b:09:89:00:f8:8c:42:29:32:b8:87:05:89:ec:f4:
9b:78:c2:46:d6:4d:93:28:11:c1:02:9e:f4:07:a7:94:97:5d:
51:6a:e9:9c:5d:4a:f3:4f:34:83:62:66:89:eb:7c:1b:e3:12:
4f:b0:e5:55:ed:1d:4e:69:af:cd:79:25:89:5f:6e:e7:28:82:
d2:b0:90:b6:17:58:f9:3b:dc:70:11:6b:88:63:3f:d9:c2:7a:
d8:a8:fa:c4:28:1c:00:b8:97:29:51:3e:55:8d:43:5d:1f:c5:
39:83:ba:a2:f3:9c:1e:28:ed:61:fd:50:38:3f:51:70:4c:87:
04:ce:3e:72:54:83:fe:61:29:7e:a0:6e:a7:79:71:02:42:ad:
33:17:8c:c0:8d:bf:64:37:a2:46:76:ca:25:ce:d6:e2:79:97:
85:f5:96:00:c0:00:05:9f:33:07:f3:c0:44:f2:13:8d:30:47:
57:4c:9b:72:97:a6:fe:3e:87:53:7a:2d:cd:95:0d:84:c7:5c:
ab:a7:01:68:44:c3:83:82:51:5a:56:5e:6a:fb:42:2f:27:f0:
a6:7c:57:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY39MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE2MTIwNjMyWhcNMjUwNzIyMTIwNjMyWjAYMRYw
FAYDVQQDEw02ODc3OTVjZC0xYjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5DLIUMlOkEX0tjD/Xo9f1hgSYDQv3MDbtnTvVVQSMWv0S0OgDHNfjvYJ
D4llC+kbIHqmxSitMRxZnF78CBV71g9RZHAd0kg6NffXHFShEeD65SVR395omnAZ
v/cyQYAnfzou45yqVTTAcnj3aTBL/fzViXE2RnYhEjssYLiz78U2adw4BL3lF4sF
WDHBN/0ismrGrOKSGNOqSncRCOUgnfhVf5OGA/7kNnYT8d7eq2fd1ncSQTnNfvsq
BuhDvSPy6MO2ThjOu7b12vPjWRvyZ7so1gXVz6LzfT5xc5uwU3LVkORyr17MRUNW
zGM4Y0q9uiAfWqDygzxqGtCZ9nQP2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN6Y
Ub+Z+SRRaaI+LD1LH78FK2pQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MkNEQzI5MDYyM0QxMUYwOENEOTVGQjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsIIMA0GCSqGSIb3DQEB
CwUAA4IBAQB5/iFneDuFgjIDzJAGNy5bPTJfMnGteJrE6VUEnO3LXH9cmNKoKIeL
CYkA+IxCKTK4hwWJ7PSbeMJG1k2TKBHBAp70B6eUl11RaumcXUrzTzSDYmaJ63wb
4xJPsOVV7R1Oaa/NeSWJX27nKILSsJC2F1j5O9xwEWuIYz/ZwnrYqPrEKBwAuJcp
UT5VjUNdH8U5g7qi85weKO1h/VA4P1FwTIcEzj5yVIP+YSl+oG6neXECQq0zF4zA
jb9kN6JGdsolztbieZeF9ZYAwAAFnzMH88BE8hONMEdXTJtyl6b+PodTei3NlQ2E
x1yrpwFoRMODglFaVl5q+0IvJ/CmfFcA
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:15:42 2025 by rpki-client