Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67B8C6045B0E11F0B3A4EE9ADAE4EC9C.roa
File: 67B8C6045B0E11F0B3A4EE9ADAE4EC9C.roa (raw, json)
Hash identifier: Ni3MgZVb207SzrBB6ow6vaGZPz05MVTDhEk/UP3/dKI=
Subject key identifier: 78:8A:27:BB:1D:22:CE:67:A9:54:57:BD:BD:6D:93:70:29:41:54:27
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018BFE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67B8C6045B0E11F0B3A4EE9ADAE4EC9C.roa
Signing time: Mon 07 Jul 2025 08:43:08 +0000
ROA not before: Mon 07 Jul 2025 08:43:03 +0000
ROA not after: Fri 08 Aug 2025 08:43:03 +0000
asID: 14315
IP address blocks: 154.196.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101374 (0x18bfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 08:43:03 2025 GMT
Not After : Aug 8 08:43:03 2025 GMT
Subject: CN=686b889c-2fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4a:01:87:82:7c:58:99:0e:a1:08:c3:0b:a7:
4c:a6:23:57:8e:06:ba:7c:e5:fb:c6:33:e1:ec:19:
da:17:a6:1b:84:58:77:31:df:e3:68:83:65:22:7b:
89:7a:91:01:8d:a8:a0:79:b0:b1:a1:fd:ba:55:a6:
cf:08:ae:a8:64:df:41:e0:5a:31:9c:02:02:0c:3e:
5e:05:6b:ca:b8:c8:d2:8e:a7:25:26:73:c7:0d:19:
5e:42:cf:ea:05:ae:21:94:c9:0c:9f:27:9c:0b:1d:
f8:ca:9d:77:6f:92:f3:a1:74:b8:0c:d5:f7:ce:5e:
06:2e:d4:e1:30:79:0c:df:56:1a:2c:1a:17:58:d3:
5b:cd:41:7a:94:fe:c9:ee:39:96:91:0f:b4:df:b6:
49:21:5a:c8:57:25:30:14:5e:4a:b5:e5:c4:34:a7:
43:16:cd:16:09:20:50:a0:1b:da:6d:60:fd:23:80:
51:5b:50:6d:7e:ca:f7:b4:4a:f1:51:ad:22:c6:1f:
05:e3:e0:36:d2:56:74:99:f4:84:86:ae:1a:70:93:
12:34:70:8a:32:a4:91:ae:71:e3:43:a2:16:c1:7e:
b8:44:2d:4f:af:87:b2:6f:9b:2a:8f:cb:a7:cf:6e:
7a:71:a0:a4:c5:fa:f0:28:43:4e:06:0d:0e:07:b4:
a5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8A:27:BB:1D:22:CE:67:A9:54:57:BD:BD:6D:93:70:29:41:54:27
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/67B8C6045B0E11F0B3A4EE9ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.8.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:63:61:6a:91:6e:e1:8c:ad:64:3e:83:24:ee:c0:3a:be:3d:
cd:54:14:a2:82:9c:90:e2:ca:20:75:b7:66:70:9a:cb:2f:b5:
e0:eb:4b:e1:c9:6d:65:57:99:ac:7d:95:90:aa:5a:0d:5b:8b:
df:ff:fb:2d:30:36:c6:7c:ca:e4:30:96:27:07:35:1c:da:17:
25:ef:79:af:64:e0:2a:c2:d5:18:7b:1c:7c:9e:a4:29:7d:c2:
7c:51:a2:31:48:08:5f:2e:b9:97:d1:30:1e:93:fd:3b:50:38:
b3:eb:37:49:d6:20:2e:d9:e8:f5:2c:12:f1:7e:74:af:52:89:
36:98:4a:72:b7:6a:3a:56:98:16:3a:de:f2:23:ca:fe:05:b6:
26:dd:48:ca:34:ec:59:d8:9d:66:7d:bb:20:7d:f4:54:30:c4:
9d:dd:bc:60:c9:0e:9a:c8:6d:4c:57:d1:d4:8e:dd:8a:6f:5e:
ba:02:d8:de:66:87:f0:90:ed:cd:dc:c4:a7:5c:3d:e0:e1:e8:
b5:85:3a:be:90:14:1e:cc:23:ce:6d:e9:b5:17:15:f2:c5:a4:
3a:94:b1:7f:ba:e0:3f:ac:2a:45:ff:d1:c1:d6:c8:3e:71:be:
b5:dc:61:4c:2f:9c:e0:be:99:4a:4b:77:b3:18:8d:98:bb:40:
04:9b:dd:62
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYv+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MDg0MzAzWhcNMjUwODA4MDg0MzAzWjAYMRYw
FAYDVQQDEw02ODZiODg5Yy0yZmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0UoBh4J8WJkOoQjDC6dMpiNXjga6fOX7xjPh7BnaF6YbhFh3Md/jaINl
InuJepEBjaigebCxof26VabPCK6oZN9B4FoxnAICDD5eBWvKuMjSjqclJnPHDRle
Qs/qBa4hlMkMnyecCx34yp13b5LzoXS4DNX3zl4GLtThMHkM31YaLBoXWNNbzUF6
lP7J7jmWkQ+037ZJIVrIVyUwFF5KteXENKdDFs0WCSBQoBvabWD9I4BRW1Btfsr3
tErxUa0ixh8F4+A20lZ0mfSEhq4acJMSNHCKMqSRrnHjQ6IWwX64RC1Pr4eyb5sq
j8unz256caCkxfrwKENOBg0OB7SlZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHiK
J7sdIs5nqVRXvb1tk3ApQVQnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82N0I4QzYwNDVCMEUxMUYwQjNBNEVFOUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsQIMA0GCSqGSIb3DQEB
CwUAA4IBAQC0Y2FqkW7hjK1kPoMk7sA6vj3NVBSigpyQ4sogdbdmcJrLL7Xg60vh
yW1lV5msfZWQqloNW4vf//stMDbGfMrkMJYnBzUc2hcl73mvZOAqwtUYexx8nqQp
fcJ8UaIxSAhfLrmX0TAek/07UDiz6zdJ1iAu2ej1LBLxfnSvUok2mEpyt2o6VpgW
Ot7yI8r+BbYm3UjKNOxZ2J1mfbsgffRUMMSd3bxgyQ6ayG1MV9HUjt2Kb166Atje
ZofwkO3N3MSnXD3g4ei1hTq+kBQezCPObem1FxXyxaQ6lLF/uuA/rCpF/9HB1sg+
cb613GFML5zgvplKS3ezGI2Yu0AEm91i
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:21 2025 by rpki-client