Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/674B35145B4811F0A1F8228EDAE4EC9C.roa
File: 674B35145B4811F0A1F8228EDAE4EC9C.roa (raw, json)
Hash identifier: TUxx5ssKTDlSSEBNnAV31O47o2lGi3dvguWyt8meE34=
Subject key identifier: BA:D8:E3:F7:8E:01:C8:91:AB:79:1E:70:A7:31:10:CA:C8:11:3B:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C26
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/674B35145B4811F0A1F8228EDAE4EC9C.roa
Signing time: Mon 07 Jul 2025 15:38:18 +0000
ROA not before: Mon 07 Jul 2025 15:38:13 +0000
ROA not after: Fri 15 Aug 2025 15:38:13 +0000
asID: 23470
IP address blocks: 154.194.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101414 (0x18c26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 15:38:13 2025 GMT
Not After : Aug 15 15:38:13 2025 GMT
Subject: CN=686be9ea-ef99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:76:e7:eb:21:95:26:cd:bd:00:11:20:7c:aa:
38:1f:bc:e3:ee:d5:d9:c4:77:0c:f3:58:a0:9e:63:
6c:b8:4f:08:f6:fb:e5:8a:5c:a0:81:f1:f0:50:47:
8d:67:86:65:20:03:3c:39:37:31:2b:d7:6a:2d:1e:
d5:1e:1f:c6:09:8d:96:9c:d0:b8:e9:87:5d:16:1e:
b8:2c:20:7e:f3:1f:90:16:c0:86:ca:29:6a:a6:b8:
1f:c4:f2:9e:73:5a:1f:c4:95:3c:eb:95:cd:33:fe:
a6:65:05:ec:bb:36:7e:be:93:fd:c4:ab:bd:f5:9f:
8e:ae:3d:77:1f:03:63:e3:c4:5e:0c:32:cf:20:8e:
5c:cb:54:4e:28:b5:b4:3f:10:1c:ef:69:51:ad:4f:
71:05:22:53:b9:7b:8c:f4:c3:73:6a:d8:91:0e:50:
69:a4:ac:dd:39:be:eb:da:1e:2f:dc:65:9a:cf:28:
42:c5:3c:3d:73:e1:4a:bd:0f:c0:0e:35:a8:53:fb:
3e:e6:7d:14:5d:44:20:27:d0:08:64:54:72:e8:95:
a2:0b:fa:38:7d:0e:60:81:3a:bc:05:91:13:39:7a:
db:2f:92:0e:19:09:71:51:1f:50:56:f6:e6:72:ea:
41:ec:12:67:db:ec:a8:bb:f1:52:01:92:83:d6:a2:
d0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D8:E3:F7:8E:01:C8:91:AB:79:1E:70:A7:31:10:CA:C8:11:3B:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/674B35145B4811F0A1F8228EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.57.0/24
Signature Algorithm: sha256WithRSAEncryption
17:b0:70:de:37:c2:07:91:2e:5f:1e:e9:72:9f:4e:69:02:86:
b8:c3:30:38:6a:f3:24:41:06:ae:2e:2e:6e:fb:40:26:60:ea:
e7:8c:81:2f:26:3d:b6:41:f3:09:b5:65:19:c3:bf:e8:cb:5f:
7a:ce:93:e5:54:4b:06:53:64:93:85:64:77:a5:0d:49:a5:c1:
53:fa:17:02:c1:07:65:f1:04:1d:ae:a8:b3:fd:a2:b3:1c:8b:
a2:3e:26:2d:2a:d1:fb:a7:15:26:c5:4f:1a:b6:68:8d:ed:2d:
b9:a1:a4:a7:24:05:0e:ec:82:f3:fc:17:49:45:41:e4:44:c7:
7f:50:33:28:94:fb:39:9b:46:a8:ed:28:40:81:c9:95:52:73:
23:4d:de:b2:3d:0a:c4:fd:a8:9d:b1:45:78:b7:f2:00:52:03:
4b:63:05:96:54:48:61:d4:50:b1:bf:ef:0e:af:43:ce:83:13:
d3:fd:bf:ee:17:fd:58:b7:09:ce:a6:46:fe:24:85:5f:a2:66:
ce:2e:67:92:d1:47:b2:29:23:a0:48:b1:a9:63:f7:7a:19:d0:
4d:73:52:b4:e7:91:1f:bc:73:a3:aa:7c:71:8e:d7:81:c0:1c:
1d:fd:9a:3a:af:fe:0b:24:e6:cd:62:de:3c:39:c6:a7:f3:6b:
76:cb:8d:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYwmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTUzODEzWhcNMjUwODE1MTUzODEzWjAYMRYw
FAYDVQQDEw02ODZiZTllYS1lZjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwnbn6yGVJs29ABEgfKo4H7zj7tXZxHcM81ignmNsuE8I9vvlilyggfHw
UEeNZ4ZlIAM8OTcxK9dqLR7VHh/GCY2WnNC46YddFh64LCB+8x+QFsCGyilqprgf
xPKec1ofxJU865XNM/6mZQXsuzZ+vpP9xKu99Z+Orj13HwNj48ReDDLPII5cy1RO
KLW0PxAc72lRrU9xBSJTuXuM9MNzatiRDlBppKzdOb7r2h4v3GWazyhCxTw9c+FK
vQ/ADjWoU/s+5n0UXUQgJ9AIZFRy6JWiC/o4fQ5ggTq8BZETOXrbL5IOGQlxUR9Q
VvbmcupB7BJn2+you/FSAZKD1qLQxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLrY
4/eOAciRq3kecKcxEMrIETsXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NzRCMzUxNDVCNDgxMUYwQTFGODIyOEVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsI5MA0GCSqGSIb3DQEB
CwUAA4IBAQAXsHDeN8IHkS5fHulyn05pAoa4wzA4avMkQQauLi5u+0AmYOrnjIEv
Jj22QfMJtWUZw7/oy196zpPlVEsGU2SThWR3pQ1JpcFT+hcCwQdl8QQdrqiz/aKz
HIuiPiYtKtH7pxUmxU8atmiN7S25oaSnJAUO7ILz/BdJRUHkRMd/UDMolPs5m0ao
7ShAgcmVUnMjTd6yPQrE/aidsUV4t/IAUgNLYwWWVEhh1FCxv+8Or0POgxPT/b/u
F/1YtwnOpkb+JIVfombOLmeS0UeyKSOgSLGpY/d6GdBNc1K055EfvHOjqnxxjteB
wBwd/Zo6r/4LJObNYt48Ocan82t2y42E
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:15 2025 by rpki-client