Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63425E465CAD11F0BFFD1AACDAE4EC9C.roa
File: 63425E465CAD11F0BFFD1AACDAE4EC9C.roa (raw, json)
Hash identifier: XsSqqyjYXmFeupSpG4dYiPPiN3uXQ43fU+QuXZ33iek=
Subject key identifier: 68:03:FC:DB:79:04:87:5F:13:DC:A1:77:13:68:1F:9E:BF:DF:F6:B4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CAB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63425E465CAD11F0BFFD1AACDAE4EC9C.roa
Signing time: Wed 09 Jul 2025 10:13:42 +0000
ROA not before: Wed 09 Jul 2025 10:13:37 +0000
ROA not after: Tue 12 Aug 2025 10:13:37 +0000
asID: 147176
IP address blocks: 154.84.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101547 (0x18cab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 10:13:37 2025 GMT
Not After : Aug 12 10:13:37 2025 GMT
Subject: CN=686e40d6-6f41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0a:2f:94:eb:cf:42:5a:d9:d5:65:54:21:0a:
6c:43:c5:e3:67:77:87:c1:ee:2d:15:9c:2b:1e:22:
cb:a4:a1:cd:51:24:61:ce:f9:de:ee:3e:ef:7d:33:
21:5e:0b:7f:4a:fb:46:9a:52:d0:d7:b7:87:41:5e:
d8:e8:e7:98:e3:67:e3:76:16:29:6c:ee:25:23:36:
77:9b:23:4e:a4:b1:f1:8c:6e:ff:9e:c0:b2:60:e2:
8c:67:08:75:5a:f1:6c:5d:fe:f6:1d:6b:b1:6d:32:
ae:0c:5e:fa:45:c2:3c:e4:90:44:5c:c4:31:b4:eb:
32:1f:d0:3e:98:ee:20:b9:b0:f4:3f:e4:9a:68:dc:
a6:3d:e4:af:d3:16:13:8c:95:19:d7:8d:4d:3b:0b:
f9:94:d5:bb:de:ac:fe:ab:f3:30:8d:8b:30:2d:84:
ec:13:ac:77:95:95:d2:b3:69:87:43:13:0a:2d:1b:
fe:1c:f5:66:68:72:f9:4d:bf:4b:cc:1c:65:80:53:
d9:ec:f5:4b:71:1b:2a:fb:76:08:ed:0f:6f:23:b7:
02:66:38:60:69:46:0f:69:70:f0:7c:f3:ec:dc:27:
d3:32:53:b0:52:cb:54:ce:49:e9:51:21:d3:6e:24:
82:67:0e:cf:c4:ea:71:fa:4c:5c:87:eb:2e:c2:d3:
bf:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:03:FC:DB:79:04:87:5F:13:DC:A1:77:13:68:1F:9E:BF:DF:F6:B4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63425E465CAD11F0BFFD1AACDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.153.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:13:32:68:19:a9:12:eb:17:3d:49:dd:49:3b:96:5c:36:66:
b6:74:82:df:0e:44:1b:0b:8e:a8:5c:ee:4c:d8:1f:dc:d2:bc:
59:5a:c4:09:46:17:9d:11:ce:54:7d:ef:39:70:66:0d:57:ad:
ad:35:04:f2:52:81:3a:a7:d4:09:2d:82:b0:ea:e7:af:87:7b:
2e:b4:8c:ce:ea:62:16:98:07:57:b8:81:9b:62:a6:d8:37:8c:
66:78:ae:8b:81:52:d3:ef:03:a8:61:9e:53:ae:33:d8:0d:1d:
94:32:69:0b:2d:a3:4f:f7:64:f2:a4:a6:1b:33:06:74:92:f7:
84:98:6c:04:f8:34:cc:9e:38:29:ea:c1:d4:91:a5:3d:da:06:
85:e6:92:28:86:6c:f7:13:88:b0:c8:85:74:de:f9:ae:fe:ab:
31:07:55:aa:a4:13:cd:ad:b2:39:db:e8:20:f3:25:ed:8c:92:
b4:7e:f5:12:17:5e:fb:e2:f9:49:4a:dd:fa:89:7f:43:bf:04:
bd:69:f6:ea:df:07:1a:52:a5:10:3a:51:2d:b9:50:27:15:03:
ca:8a:8a:ab:d8:a3:99:42:6b:2a:92:6c:ca:47:71:3c:30:d7:
9e:17:e2:7a:4f:31:43:31:5f:0c:43:34:de:70:d2:3b:a8:8b:
40:e0:b3:b5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYyrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTAxMzM3WhcNMjUwODEyMTAxMzM3WjAYMRYw
FAYDVQQDEw02ODZlNDBkNi02ZjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApQovlOvPQlrZ1WVUIQpsQ8XjZ3eHwe4tFZwrHiLLpKHNUSRhzvne7j7v
fTMhXgt/SvtGmlLQ17eHQV7Y6OeY42fjdhYpbO4lIzZ3myNOpLHxjG7/nsCyYOKM
Zwh1WvFsXf72HWuxbTKuDF76RcI85JBEXMQxtOsyH9A+mO4gubD0P+SaaNymPeSv
0xYTjJUZ141NOwv5lNW73qz+q/MwjYswLYTsE6x3lZXSs2mHQxMKLRv+HPVmaHL5
Tb9LzBxlgFPZ7PVLcRsq+3YI7Q9vI7cCZjhgaUYPaXDwfPPs3CfTMlOwUstUzknp
USHTbiSCZw7PxOpx+kxch+suwtO/rwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGgD
/Nt5BIdfE9yhdxNoH56/3/a0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MzQyNUU0NjVDQUQxMUYwQkZGRDFBQUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSZMA0GCSqGSIb3DQEB
CwUAA4IBAQCxEzJoGakS6xc9Sd1JO5ZcNma2dILfDkQbC46oXO5M2B/c0rxZWsQJ
RhedEc5Ufe85cGYNV62tNQTyUoE6p9QJLYKw6uevh3sutIzO6mIWmAdXuIGbYqbY
N4xmeK6LgVLT7wOoYZ5TrjPYDR2UMmkLLaNP92TypKYbMwZ0kveEmGwE+DTMnjgp
6sHUkaU92gaF5pIohmz3E4iwyIV03vmu/qsxB1WqpBPNrbI52+gg8yXtjJK0fvUS
F1774vlJSt36iX9DvwS9afbq3wcaUqUQOlEtuVAnFQPKioqr2KOZQmsqkmzKR3E8
MNeeF+J6TzFDMV8MQzTecNI7qItA4LO1
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:33:13 2025 by rpki-client