Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6670E8E0591411F0B2D65BB0DAE4EC9C.roa
File: 6670E8E0591411F0B2D65BB0DAE4EC9C.roa (raw, json)
Hash identifier: iHBzmIEEVfMG1twi6N458tXXLD1Nyg+CW0DxtgloH/U=
Subject key identifier: 68:01:D8:7B:A5:1E:9D:9C:E1:0B:8F:59:F4:3B:EA:AD:38:F1:A3:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018AB0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6670E8E0591411F0B2D65BB0DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 20:21:00 +0000
ROA not before: Fri 04 Jul 2025 20:20:55 +0000
ROA not after: Fri 17 Jul 2026 20:20:55 +0000
asID: 214432
IP address blocks: 154.193.208.0/24 maxlen: 24
154.193.209.0/24 maxlen: 24
154.193.210.0/24 maxlen: 24
154.193.211.0/24 maxlen: 24
154.193.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101040 (0x18ab0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 20:20:55 2025 GMT
Not After : Jul 17 20:20:55 2026 GMT
Subject: CN=686837ac-dbca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9a:64:33:f5:eb:0e:30:9b:83:8c:b3:cc:41:
12:19:94:89:e3:c8:7c:f2:1c:d7:f2:6d:6e:33:ce:
9b:15:ae:0a:db:21:76:0f:b6:c3:4c:22:8b:4d:15:
78:2b:9d:db:64:25:f9:bc:73:dc:82:ec:6d:8e:79:
98:8c:71:2b:e0:78:e3:fd:0a:e0:47:a4:f1:2e:89:
46:2f:24:d2:02:49:86:43:c9:3c:df:e1:dc:c0:de:
82:71:44:3c:8f:a6:47:ef:65:2c:5d:b0:28:40:66:
ef:77:14:43:c8:5a:8d:21:90:76:e2:0e:9b:36:f8:
b9:6e:5d:b2:91:be:d0:9e:5a:40:41:7e:d5:c6:55:
a0:00:5a:1f:29:4b:5f:c6:8b:81:ea:2b:4b:98:bf:
49:6d:95:06:1a:a4:10:9a:d3:40:d6:23:9e:4d:e3:
d6:3a:49:ef:6e:f6:0a:ec:66:50:3a:d7:ce:67:69:
f1:f4:7c:d8:4d:71:08:03:d0:7b:56:6d:b6:70:65:
1f:e4:51:ad:55:15:b8:db:4f:6d:a1:35:9a:a6:ba:
88:57:3b:00:b0:bc:2b:39:2c:42:80:09:40:2b:f9:
5d:de:9e:92:c2:87:18:4c:6d:19:37:f9:bb:32:f7:
da:42:9c:5d:32:b3:34:9c:15:3e:3d:20:b1:d3:9b:
74:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:01:D8:7B:A5:1E:9D:9C:E1:0B:8F:59:F4:3B:EA:AD:38:F1:A3:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6670E8E0591411F0B2D65BB0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.208.0/22
154.193.247.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:20:c8:7c:50:56:c6:ac:85:f8:91:dc:6e:cd:11:53:99:bc:
2c:4d:6f:b8:6e:6b:b0:db:ca:74:ef:ba:3f:b0:07:73:18:6b:
42:bf:32:e9:9f:0a:8c:ad:83:b5:bd:6d:8a:4b:f4:45:61:5b:
af:49:20:4d:0e:b6:fb:5a:4a:cd:6d:0e:6f:61:09:a3:3d:6a:
17:72:dd:40:60:8e:82:70:b4:52:1f:e2:95:d2:12:7d:9c:1b:
43:92:57:f2:8b:b1:f3:90:57:92:75:23:fa:37:e6:b6:97:fe:
ef:98:b7:57:27:73:c3:6d:fa:12:53:4c:da:64:34:c7:64:de:
a8:09:fd:ce:4a:33:58:21:9d:68:83:2e:bb:cd:4f:25:03:86:
32:14:53:b3:25:96:3a:c9:1f:9a:66:5b:ce:75:35:90:4f:01:
df:b5:f5:bc:91:80:32:c4:a2:b7:13:81:01:97:95:0c:f5:fb:
20:6f:cf:75:4f:cd:66:44:d4:41:08:b3:9a:ed:aa:e8:18:c1:
e7:3c:c3:00:e9:1c:cc:24:d3:a2:72:c5:8d:04:a5:c0:70:89:
c9:6e:1a:01:a4:f7:f0:f5:06:e1:0b:a4:f9:80:dc:bd:35:54:
b2:6b:bb:78:9d:f9:17:8e:c9:0f:ad:9f:7d:db:a9:3e:b1:05:
49:bd:e8:bd
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYqwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MjAyMDU1WhcNMjYwNzE3MjAyMDU1WjAYMRYw
FAYDVQQDEw02ODY4MzdhYy1kYmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr5pkM/XrDjCbg4yzzEESGZSJ48h88hzX8m1uM86bFa4K2yF2D7bDTCKL
TRV4K53bZCX5vHPcguxtjnmYjHEr4Hjj/QrgR6TxLolGLyTSAkmGQ8k83+HcwN6C
cUQ8j6ZH72UsXbAoQGbvdxRDyFqNIZB24g6bNvi5bl2ykb7QnlpAQX7VxlWgAFof
KUtfxouB6itLmL9JbZUGGqQQmtNA1iOeTePWOknvbvYK7GZQOtfOZ2nx9HzYTXEI
A9B7Vm22cGUf5FGtVRW4209toTWaprqIVzsAsLwrOSxCgAlAK/ld3p6SwocYTG0Z
N/m7MvfaQpxdMrM0nBU+PSCx05t0WwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGgB
2HulHp2c4QuPWfQ76q048aMNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NjcwRThFMDU5MTQxMUYwQjJENjVCQjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsHQAwQAmsH3MA0GCSqG
SIb3DQEBCwUAA4IBAQCbIMh8UFbGrIX4kdxuzRFTmbwsTW+4bmuw28p077o/sAdz
GGtCvzLpnwqMrYO1vW2KS/RFYVuvSSBNDrb7WkrNbQ5vYQmjPWoXct1AYI6CcLRS
H+KV0hJ9nBtDklfyi7HzkFeSdSP6N+a2l/7vmLdXJ3PDbfoSU0zaZDTHZN6oCf3O
SjNYIZ1ogy67zU8lA4YyFFOzJZY6yR+aZlvOdTWQTwHftfW8kYAyxKK3E4EBl5UM
9fsgb891T81mRNRBCLOa7aroGMHnPMMA6RzMJNOicsWNBKXAcInJbhoBpPfw9Qbh
C6T5gNy9NVSya7t4nfkXjskPrZ9926k+sQVJvei9
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:37:24 2025 by rpki-client