Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/536B0BB25BE511F0A78CB493DAE4EC9C.roa
File: 536B0BB25BE511F0A78CB493DAE4EC9C.roa (raw, json)
Hash identifier: zq3xys95iQYN0nUeAZWiZ7u76Pv7X+qygKfy3Nee7s8=
Subject key identifier: B9:A8:47:04:1C:91:4A:AA:6A:DA:3D:56:8D:A4:31:91:11:D6:C1:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C8F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/536B0BB25BE511F0A78CB493DAE4EC9C.roa
Signing time: Tue 08 Jul 2025 10:21:36 +0000
ROA not before: Tue 08 Jul 2025 10:21:31 +0000
ROA not after: Wed 03 Sep 2025 10:21:31 +0000
asID: 135377
IP address blocks: 154.83.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101519 (0x18c8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 8 10:21:31 2025 GMT
Not After : Sep 3 10:21:31 2025 GMT
Subject: CN=686cf130-c1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:72:15:7a:69:f3:42:a0:2b:b5:02:eb:af:27:
a9:28:55:58:b6:17:06:b4:07:f6:83:94:a5:5c:7e:
17:6b:11:8d:f6:20:77:e8:11:61:cb:ad:ee:8e:a2:
2f:a0:d5:9f:1e:4b:dd:ae:fb:52:32:ad:6f:63:7c:
a0:c5:92:b6:f5:11:5f:ca:c6:64:e5:b6:bf:1c:a7:
3c:d7:88:a2:00:18:dc:9e:a1:e8:75:b5:02:be:05:
ee:5a:1d:fa:af:f7:43:53:50:5c:ee:c2:f1:41:8c:
e3:e1:99:e3:18:f3:24:e5:9b:99:44:23:df:87:0c:
6d:da:57:35:d2:09:50:95:a1:fa:f2:73:fe:13:5c:
56:3c:67:cd:15:90:2e:5f:c5:a4:64:3a:02:bc:31:
1d:4e:03:c5:8b:cd:71:81:ca:e8:17:22:1a:4f:6f:
d8:d1:b5:91:cf:61:d5:c6:44:ce:f5:9e:45:7b:06:
e4:ba:69:c4:eb:5c:6a:a8:f6:52:f5:19:77:63:33:
ef:66:6f:06:95:f0:5e:97:39:ee:ad:43:ef:5e:ed:
96:a5:a7:c0:e4:c6:35:6f:e2:b0:65:55:99:5e:1a:
78:bd:8f:93:d5:7c:e2:71:6b:58:e7:7d:1c:b0:56:
9b:4b:78:66:01:b3:4a:68:61:c4:9f:c9:0d:6f:18:
73:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A8:47:04:1C:91:4A:AA:6A:DA:3D:56:8D:A4:31:91:11:D6:C1:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/536B0BB25BE511F0A78CB493DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.198.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:4d:66:42:04:5c:0c:d9:a5:96:23:1f:dc:60:62:87:ac:e9:
79:8c:e2:33:9d:d2:9c:6f:92:c2:81:bb:8d:f3:21:eb:65:99:
62:db:6e:37:bc:d2:e9:41:53:5e:0b:bc:8d:38:6a:69:cf:f0:
a9:39:3e:01:63:18:20:6c:d2:49:17:b0:76:46:61:0d:1d:5c:
a7:90:28:34:e3:dd:cb:ff:08:37:3f:e7:ed:8c:28:78:04:52:
4d:93:2a:74:a9:c6:56:ed:91:de:ba:b8:c3:da:93:ba:d9:d4:
5f:e0:a5:ca:11:e6:64:32:bb:7f:98:91:37:df:02:2b:f4:50:
a1:5e:7b:6d:92:64:09:78:32:e3:a9:d7:6e:f5:fc:fe:78:f6:
70:e7:1a:37:eb:45:b0:39:aa:23:f8:1b:fe:7a:48:eb:da:cb:
98:1a:02:15:ff:41:38:8e:c3:ff:42:64:d0:53:69:4f:da:f2:
79:ce:32:bc:e4:da:ac:e8:3c:40:69:43:8e:9a:a1:60:3b:e8:
5e:7c:da:89:78:a3:6c:72:7c:65:4c:94:41:cd:43:18:3e:f7:
ca:15:b6:fb:52:a1:a3:73:56:36:91:13:f6:8b:03:06:93:ea:
6b:d8:7d:fa:e4:16:22:b2:2c:a8:26:d8:77:79:6d:7e:03:96:
22:3d:18:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYyPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA4MTAyMTMxWhcNMjUwOTAzMTAyMTMxWjAYMRYw
FAYDVQQDEw02ODZjZjEzMC1jMWI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsnIVemnzQqArtQLrryepKFVYthcGtAf2g5SlXH4XaxGN9iB36BFhy63u
jqIvoNWfHkvdrvtSMq1vY3ygxZK29RFfysZk5ba/HKc814iiABjcnqHodbUCvgXu
Wh36r/dDU1Bc7sLxQYzj4ZnjGPMk5ZuZRCPfhwxt2lc10glQlaH68nP+E1xWPGfN
FZAuX8WkZDoCvDEdTgPFi81xgcroFyIaT2/Y0bWRz2HVxkTO9Z5FewbkumnE61xq
qPZS9Rl3YzPvZm8GlfBelznurUPvXu2WpafA5MY1b+KwZVWZXhp4vY+T1XzicWtY
530csFabS3hmAbNKaGHEn8kNbxhzHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLmo
RwQckUqqato9Vo2kMZER1sHSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MzZCMEJCMjVCRTUxMUYwQTc4Q0I0OTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlPGMA0GCSqGSIb3DQEB
CwUAA4IBAQCtTWZCBFwM2aWWIx/cYGKHrOl5jOIzndKcb5LCgbuN8yHrZZli2243
vNLpQVNeC7yNOGppz/CpOT4BYxggbNJJF7B2RmENHVynkCg0493L/wg3P+ftjCh4
BFJNkyp0qcZW7ZHeurjD2pO62dRf4KXKEeZkMrt/mJE33wIr9FChXnttkmQJeDLj
qddu9fz+ePZw5xo360WwOaoj+Bv+ekjr2suYGgIV/0E4jsP/QmTQU2lP2vJ5zjK8
5Nqs6DxAaUOOmqFgO+hefNqJeKNscnxlTJRBzUMYPvfKFbb7UqGjc1Y2kRP2iwMG
k+pr2H365BYisiyoJth3eW1+A5YiPRig
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:36:25 2025 by rpki-client