Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5440B96A5AA011F09295E9C1DAE4EC9C.roa
File: 5440B96A5AA011F09295E9C1DAE4EC9C.roa (raw, json)
Hash identifier: RsujDvnZno2VZOeiDgKYy/RvLVHIDVaAFO5ZjBomoPc=
Subject key identifier: 1F:7B:B8:9D:F3:68:6C:2E:61:7A:E6:CF:0B:9F:41:38:A7:32:6D:AA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018BAA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5440B96A5AA011F09295E9C1DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 19:35:11 +0000
ROA not before: Sun 06 Jul 2025 19:35:06 +0000
ROA not after: Sun 24 Aug 2025 19:35:06 +0000
asID: 40065
IP address blocks: 154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101290 (0x18baa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 6 19:35:06 2025 GMT
Not After : Aug 24 19:35:06 2025 GMT
Subject: CN=686acfef-a38e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:18:36:07:3a:35:5e:cd:c1:9d:e6:4b:29:37:
4d:f8:6e:e3:dd:10:e1:9d:5d:6d:32:7d:3e:c5:1f:
71:13:cb:d4:ed:9d:e5:2e:25:62:04:0a:05:da:8e:
78:92:2b:0d:25:c8:e4:64:f0:2a:c0:37:44:41:4a:
2c:4b:0b:64:63:c8:b7:b4:cc:15:ad:22:ba:4d:76:
1a:cf:12:ef:05:e2:50:be:9a:ed:4f:36:c6:7e:7d:
74:23:04:f7:90:d8:26:39:1b:bc:a2:c6:6b:c4:69:
dc:b6:fc:c0:86:ba:8c:fd:f7:00:41:1a:6a:f4:5d:
34:a6:03:43:e2:99:2c:12:ae:ac:2c:5f:8b:28:13:
d6:9b:b4:d0:d3:ac:cd:08:2a:59:a4:d6:e0:0c:7f:
67:11:cc:f7:18:fa:7e:74:46:1b:24:bb:e1:0b:74:
c3:f3:69:34:96:36:7d:65:23:cb:0b:17:11:5b:32:
50:b8:6e:98:23:03:26:e5:72:22:c5:a1:d0:d9:2b:
e1:a2:f5:67:c9:98:ae:bb:35:6b:37:cd:65:5b:2f:
99:e4:99:77:22:af:2e:57:1b:67:32:31:62:6f:ab:
17:e9:3d:ce:5f:b7:ca:2a:87:0b:19:00:3e:80:66:
8f:bb:ed:55:bb:d1:1c:4f:7f:7e:f7:c0:8c:4e:20:
f1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:7B:B8:9D:F3:68:6C:2E:61:7A:E6:CF:0B:9F:41:38:A7:32:6D:AA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5440B96A5AA011F09295E9C1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.240.0/20
Signature Algorithm: sha256WithRSAEncryption
54:8e:fb:1c:ca:d2:5a:d5:7c:66:fc:f2:48:cd:54:61:5e:63:
5b:ee:f6:a0:a9:56:31:eb:86:01:20:8d:59:1e:99:74:5d:02:
94:72:94:68:a1:5d:c0:38:bf:31:48:22:68:dd:47:93:c8:dd:
26:ba:3b:d0:c8:0b:e7:3a:32:9a:f9:14:60:8d:c5:0f:f7:c5:
ab:f3:d2:d8:95:14:32:81:6f:14:a0:a7:ce:73:95:72:e1:4d:
a8:cd:ef:ac:86:03:d8:4b:c8:96:f6:5e:b4:98:35:1b:43:26:
7a:d2:22:3a:39:59:7f:95:50:8e:7d:4d:5e:e9:a2:54:78:04:
39:c0:6e:92:69:85:9c:35:66:ee:21:6b:1c:da:e1:9c:0c:47:
49:5a:8e:98:06:7c:49:78:fc:91:a8:66:65:a0:e4:c2:80:51:
4e:7b:c6:14:5e:eb:7f:01:42:c1:68:07:02:f6:8b:4d:80:56:
9a:07:b3:db:8c:08:5c:07:68:80:84:ac:71:d3:cc:c4:00:22:
ae:6e:57:4e:c1:7a:74:34:41:8c:60:68:6c:e2:47:2e:52:c8:
c6:0d:d9:cf:a2:46:96:97:4a:19:a9:be:05:5c:73:b7:b6:e4:
1b:fd:ef:b1:95:0b:85:ee:23:c7:50:29:cc:42:86:9b:31:5b:
73:6e:b3:d0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYuqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA2MTkzNTA2WhcNMjUwODI0MTkzNTA2WjAYMRYw
FAYDVQQDEw02ODZhY2ZlZi1hMzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuxg2Bzo1Xs3BneZLKTdN+G7j3RDhnV1tMn0+xR9xE8vU7Z3lLiViBAoF
2o54kisNJcjkZPAqwDdEQUosSwtkY8i3tMwVrSK6TXYazxLvBeJQvprtTzbGfn10
IwT3kNgmORu8osZrxGnctvzAhrqM/fcAQRpq9F00pgND4pksEq6sLF+LKBPWm7TQ
06zNCCpZpNbgDH9nEcz3GPp+dEYbJLvhC3TD82k0ljZ9ZSPLCxcRWzJQuG6YIwMm
5XIixaHQ2SvhovVnyZiuuzVrN81lWy+Z5Jl3Iq8uVxtnMjFib6sX6T3OX7fKKocL
GQA+gGaPu+1Vu9EcT39+98CMTiDxCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB97
uJ3zaGwuYXrmzwufQTinMm2qMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NDQwQjk2QTVBQTAxMUYwOTI5NUU5QzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtnwMA0GCSqGSIb3DQEB
CwUAA4IBAQBUjvscytJa1Xxm/PJIzVRhXmNb7vagqVYx64YBII1ZHpl0XQKUcpRo
oV3AOL8xSCJo3UeTyN0mujvQyAvnOjKa+RRgjcUP98Wr89LYlRQygW8UoKfOc5Vy
4U2oze+shgPYS8iW9l60mDUbQyZ60iI6OVl/lVCOfU1e6aJUeAQ5wG6SaYWcNWbu
IWsc2uGcDEdJWo6YBnxJePyRqGZloOTCgFFOe8YUXut/AULBaAcC9otNgFaaB7Pb
jAhcB2iAhKxx08zEACKubldOwXp0NEGMYGhs4kcuUsjGDdnPokaWl0oZqb4FXHO3
tuQb/e+xlQuF7iPHUCnMQoabMVtzbrPQ
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:34:24 2025 by rpki-client