Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/661A89FE5E5111F087450AA5DAE4EC9C.roa
File: 661A89FE5E5111F087450AA5DAE4EC9C.roa (raw, json)
Hash identifier: 5RQen1DUMLrW/xfoGxUm1rlSY83EWsdv63K/Y0ITWqA=
Subject key identifier: FD:FC:A0:FC:BC:EB:EF:29:9B:5E:F4:C1:5C:42:5C:D2:BA:70:0C:C2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D6E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/661A89FE5E5111F087450AA5DAE4EC9C.roa
Signing time: Fri 11 Jul 2025 12:20:15 +0000
ROA not before: Fri 11 Jul 2025 12:20:06 +0000
ROA not after: Thu 14 Aug 2025 12:20:06 +0000
asID: 139880
IP address blocks: 154.82.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101742 (0x18d6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 11 12:20:06 2025 GMT
Not After : Aug 14 12:20:06 2025 GMT
Subject: CN=6871017f-2775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5c:c7:2c:16:c6:b5:4f:a7:5c:16:6d:4d:e3:
33:5c:d2:2c:be:d1:2b:d7:9e:f2:08:08:b0:f0:17:
0a:90:49:17:22:f5:be:73:c4:46:55:87:ee:ce:fe:
24:9c:ff:ee:25:28:9a:3e:98:19:5f:44:27:80:37:
b3:c8:db:48:3d:50:db:b4:80:31:3b:96:a2:f3:8b:
c1:21:e6:90:2b:6b:26:1b:7e:50:d5:a4:bd:27:9a:
b8:96:29:0a:10:2f:fb:cc:78:99:ac:1c:6c:c9:af:
b7:8c:2a:b9:db:8d:86:5f:88:ee:ca:3b:72:fc:90:
d3:d4:c8:e5:5a:f2:ed:de:ac:e5:4b:e1:27:f5:52:
46:8b:1a:0e:c6:43:cf:95:d7:e5:b6:e4:7b:36:58:
b0:0a:2c:ea:c0:79:77:72:d7:2d:1a:38:43:4b:32:
2d:05:b3:50:9d:2a:9c:8c:ea:83:e2:3c:00:38:1c:
69:8c:cf:cf:ad:6a:31:d1:25:42:09:bb:f7:b7:af:
33:26:78:3e:aa:42:5d:97:83:ad:2f:cf:98:b3:57:
4a:95:f1:3d:df:3e:f9:e6:c0:b6:a8:d3:d8:5f:f8:
78:05:69:81:a7:2b:9f:c0:06:08:1d:e6:b1:3d:48:
6b:3f:7c:ca:44:ef:d3:58:53:d4:af:4f:26:32:07:
44:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FC:A0:FC:BC:EB:EF:29:9B:5E:F4:C1:5C:42:5C:D2:BA:70:0C:C2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/661A89FE5E5111F087450AA5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.32.0/19
Signature Algorithm: sha256WithRSAEncryption
b2:fa:f5:37:ed:39:a4:b3:96:e2:e5:84:76:48:ad:57:15:2e:
1c:6b:72:be:3e:44:1d:40:cb:eb:32:41:5c:a1:e7:75:3e:e2:
33:f7:dd:50:56:7b:64:f3:dd:47:00:4d:77:c9:df:fc:ff:03:
6a:26:b4:c2:27:e0:e9:0f:8f:21:d8:bf:d0:07:42:8d:7a:4f:
da:61:13:48:55:9d:af:1b:70:4d:53:4d:7b:b9:57:2a:99:f5:
52:7c:88:3b:76:50:73:c5:24:80:06:ee:46:05:ea:ce:c7:76:
b8:00:fb:ae:43:06:3b:c2:15:86:05:ac:1d:e0:24:72:a3:10:
c8:1f:3a:51:1f:bc:bc:c4:70:0b:da:55:5c:85:46:3f:fd:e6:
1b:48:ba:b3:e3:fc:da:d8:ff:b3:19:f4:1b:48:2b:55:e3:4c:
76:56:d9:f1:b1:71:b1:cb:8a:d4:7f:29:f6:c4:36:9f:01:6d:
93:94:2f:b5:ed:32:70:71:34:80:26:df:5a:ca:29:11:f3:68:
52:b9:11:a1:de:fa:f9:2a:72:29:d2:6e:bf:ab:ff:2e:10:16:
48:22:e2:b1:85:94:25:3c:89:39:09:3b:bc:77:20:74:85:a1:
e3:2f:6a:f0:40:24:dd:28:be:0e:d1:c2:7f:5e:55:a4:e1:78:
48:a3:39:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY1uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzExMTIyMDA2WhcNMjUwODE0MTIyMDA2WjAYMRYw
FAYDVQQDEw02ODcxMDE3Zi0yNzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApFzHLBbGtU+nXBZtTeMzXNIsvtEr157yCAiw8BcKkEkXIvW+c8RGVYfu
zv4knP/uJSiaPpgZX0QngDezyNtIPVDbtIAxO5ai84vBIeaQK2smG35Q1aS9J5q4
likKEC/7zHiZrBxsya+3jCq5242GX4juyjty/JDT1MjlWvLt3qzlS+En9VJGixoO
xkPPldfltuR7NliwCizqwHl3ctctGjhDSzItBbNQnSqcjOqD4jwAOBxpjM/PrWox
0SVCCbv3t68zJng+qkJdl4OtL8+Ys1dKlfE93z755sC2qNPYX/h4BWmBpyufwAYI
HeaxPUhrP3zKRO/TWFPUr08mMgdEdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP38
oPy86+8pm170wVxCXNK6cAzCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NjFBODlGRTVFNTExMUYwODc0NTBBQTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlIgMA0GCSqGSIb3DQEB
CwUAA4IBAQCy+vU37Tmks5bi5YR2SK1XFS4ca3K+PkQdQMvrMkFcoed1PuIz991Q
Vntk891HAE13yd/8/wNqJrTCJ+DpD48h2L/QB0KNek/aYRNIVZ2vG3BNU017uVcq
mfVSfIg7dlBzxSSABu5GBerOx3a4APuuQwY7whWGBawd4CRyoxDIHzpRH7y8xHAL
2lVchUY//eYbSLqz4/za2P+zGfQbSCtV40x2VtnxsXGxy4rUfyn2xDafAW2TlC+1
7TJwcTSAJt9ayikR82hSuRGh3vr5KnIp0m6/q/8uEBZIIuKxhZQlPIk5CTu8dyB0
haHjL2rwQCTdKL4O0cJ/XlWk4XhIoznD
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:58:49 2025 by rpki-client