Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A463B0E58EE11F0975B9DBCDAE4EC9C.roa
File: 5A463B0E58EE11F0975B9DBCDAE4EC9C.roa (raw, json)
Hash identifier: GiGhMaAgNdv7mO2HtCwqhIfXXjLbELagAD4tUADYnXQ=
Subject key identifier: A1:E3:42:26:5F:60:AB:34:93:2F:18:EF:48:96:E6:65:82:93:17:E3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A78
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A463B0E58EE11F0975B9DBCDAE4EC9C.roa
Signing time: Fri 04 Jul 2025 15:48:39 +0000
ROA not before: Fri 04 Jul 2025 15:48:34 +0000
ROA not after: Sun 24 Aug 2025 15:48:34 +0000
asID: 40065
IP address blocks: 154.89.160.0/19 maxlen: 24
154.89.200.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100984 (0x18a78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 15:48:34 2025 GMT
Not After : Aug 24 15:48:34 2025 GMT
Subject: CN=6867f7d7-2aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:93:22:e9:90:6b:d6:0b:45:c6:be:4d:36:92:
5c:54:12:bf:b2:9c:6c:a6:d3:35:dc:f9:72:a6:28:
25:ee:65:e9:ec:16:80:94:ce:d3:89:34:23:7b:06:
85:52:32:c8:0b:94:c7:89:6f:1a:5d:7f:9c:5c:98:
14:2c:f0:bf:b0:ab:ef:0a:e0:52:6c:d3:12:70:40:
93:5c:51:77:1a:46:ce:d9:3a:68:cb:ae:1a:a5:11:
0b:f6:77:bb:70:80:a4:62:a5:2f:c2:08:32:68:6b:
f2:ba:d1:48:7c:06:2d:7b:84:de:ba:81:00:c9:12:
63:06:b7:06:dd:77:fd:11:b1:69:39:8b:47:ef:2c:
6b:b5:ee:bc:d9:dd:d8:60:6b:0c:6d:42:f1:7a:99:
0b:3d:b2:75:02:16:5e:ea:b9:05:0f:c3:01:b4:22:
eb:79:eb:a5:5c:3e:b5:6c:77:14:c2:bf:f0:7a:80:
f7:f2:ab:6f:6d:30:e6:cc:ee:5b:1e:a3:46:ea:40:
47:b8:d1:b7:e1:79:68:9f:57:84:bc:47:d3:d3:27:
b0:7e:a5:90:9e:ac:a1:41:53:1c:a8:7b:78:43:c8:
a9:02:1a:34:61:5c:b9:92:3e:bc:e2:be:ec:72:8b:
8d:73:7c:e6:e3:d2:ea:9a:12:ed:18:95:4d:c4:13:
a7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E3:42:26:5F:60:AB:34:93:2F:18:EF:48:96:E6:65:82:93:17:E3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5A463B0E58EE11F0975B9DBCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
154.89.200.0/21
Signature Algorithm: sha256WithRSAEncryption
60:52:7e:d9:25:e6:b0:07:da:cc:4d:7a:9b:f0:fb:6f:e7:2d:
62:74:80:90:7e:4c:c7:0f:52:fc:10:3b:1d:d7:01:9f:7d:14:
68:c1:68:d4:7f:78:55:98:11:2f:9c:e4:6c:63:61:d6:7a:86:
7e:5a:ad:69:54:cb:60:22:e4:6b:53:57:2d:ce:76:f0:f9:02:
b4:cd:fe:7f:fe:73:1a:96:88:57:f0:b8:77:0e:dd:64:9c:2b:
c2:9d:2a:28:1c:50:36:6c:0f:11:ab:df:a0:ff:8e:f8:24:ac:
fb:4a:f2:5a:2c:0e:68:5a:89:7c:fc:27:0e:d9:4e:0a:e0:99:
4f:bf:d1:a8:86:8f:d6:12:b9:c4:84:13:52:e2:96:b9:1f:d3:
75:42:69:28:32:ca:11:77:d9:46:a4:e8:d7:9e:59:3c:dd:8f:
73:ad:f4:21:17:a1:51:92:d2:3a:72:1b:10:a7:6f:26:87:84:
9e:48:50:43:46:a4:3a:da:93:89:11:76:63:07:62:c9:57:b4:
0d:18:c3:67:8a:94:e0:c1:a6:95:e6:a4:85:35:ba:a0:21:94:
44:f8:5d:27:00:5a:2c:ed:65:33:1d:cb:c0:e7:94:46:98:a6:
2d:37:bb:b4:91:0e:f3:28:d8:52:4b:73:eb:96:b8:7b:22:07:
57:3a:4b:5f
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYp4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTU0ODM0WhcNMjUwODI0MTU0ODM0WjAYMRYw
FAYDVQQDEw02ODY3ZjdkNy0yYWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr5Mi6ZBr1gtFxr5NNpJcVBK/spxsptM13Plypigl7mXp7BaAlM7TiTQj
ewaFUjLIC5THiW8aXX+cXJgULPC/sKvvCuBSbNMScECTXFF3GkbO2Tpoy64apREL
9ne7cICkYqUvwggyaGvyutFIfAYte4TeuoEAyRJjBrcG3Xf9EbFpOYtH7yxrte68
2d3YYGsMbULxepkLPbJ1AhZe6rkFD8MBtCLreeulXD61bHcUwr/weoD38qtvbTDm
zO5bHqNG6kBHuNG34Xlon1eEvEfT0yewfqWQnqyhQVMcqHt4Q8ipAho0YVy5kj68
4r7scouNc3zm49LqmhLtGJVNxBOnzQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFKHj
QiZfYKs0ky8Y70iW5mWCkxfjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QTQ2M0IwRTU4RUUxMUYwOTc1QjlEQkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmlmgAwQDmlnIMA0GCSqG
SIb3DQEBCwUAA4IBAQBgUn7ZJeawB9rMTXqb8Ptv5y1idICQfkzHD1L8EDsd1wGf
fRRowWjUf3hVmBEvnORsY2HWeoZ+Wq1pVMtgIuRrU1ctznbw+QK0zf5//nMalohX
8Lh3Dt1knCvCnSooHFA2bA8Rq9+g/474JKz7SvJaLA5oWol8/CcO2U4K4JlPv9Go
ho/WErnEhBNS4pa5H9N1QmkoMsoRd9lGpOjXnlk83Y9zrfQhF6FRktI6chsQp28m
h4SeSFBDRqQ62pOJEXZjB2LJV7QNGMNnipTgwaaV5qSFNbqgIZRE+F0nAFos7WUz
HcvA55RGmKYtN7u0kQ7zKNhSS3Prlrh7IgdXOktf
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:58:53 2025 by rpki-client