Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6FA9CB085D0A11F0AE436B80DAE4EC9C.roa
File: 6FA9CB085D0A11F0AE436B80DAE4EC9C.roa (raw, json)
Hash identifier: KDgcB8EadAYqYPK1uqqGRqlZmavas1RlzyVsr3FT4vI=
Subject key identifier: 77:7A:D3:95:33:3A:BE:BF:6D:53:55:D1:F8:8A:8A:BF:83:3B:E6:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D1E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6FA9CB085D0A11F0AE436B80DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 21:19:46 +0000
ROA not before: Wed 09 Jul 2025 21:19:41 +0000
ROA not after: Sun 24 Aug 2025 21:19:41 +0000
asID: 40065
IP address blocks: 154.89.160.0/19 maxlen: 24
154.89.200.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101662 (0x18d1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 21:19:41 2025 GMT
Not After : Aug 24 21:19:41 2025 GMT
Subject: CN=686edcf2-5d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a6:96:70:e4:54:0b:cb:98:94:53:90:39:35:
e3:89:49:db:ee:4f:b0:7e:24:5f:db:29:c0:a5:10:
a9:70:9f:9e:d8:60:10:43:39:68:de:c4:d3:11:fa:
d9:80:83:f1:7f:be:ce:2f:90:20:0b:2e:33:4f:e6:
fc:71:88:0f:68:f0:67:c3:2e:3b:bb:d5:66:9d:4f:
1b:9b:9b:7d:cf:3b:cd:53:98:b7:ed:ff:c6:f7:b5:
03:74:aa:7c:14:b4:38:38:d4:83:c0:b4:75:44:80:
a7:65:9e:38:c9:b1:f9:2b:1b:5b:00:27:8b:45:28:
ef:55:f9:74:88:81:3e:ba:8d:77:a8:c3:fa:f6:ea:
92:eb:d8:f9:4c:57:11:fc:c3:6c:ae:63:49:0b:94:
09:68:7e:fd:53:97:14:26:d9:98:94:5f:ab:84:88:
92:b4:90:c8:6f:f9:df:07:48:c0:9a:2f:82:76:e2:
05:83:af:f9:a8:45:bb:4b:ef:ec:b3:f3:ba:12:04:
3c:fc:0f:36:6b:77:16:10:4e:23:24:26:c3:cd:ba:
b0:ff:4b:84:cc:7d:66:d8:56:13:5f:97:1a:e1:05:
41:96:a4:12:48:ca:59:0f:c6:39:91:bf:2c:b8:b2:
90:1f:df:9d:c8:75:94:be:2d:e2:d9:89:fa:eb:3e:
c4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:7A:D3:95:33:3A:BE:BF:6D:53:55:D1:F8:8A:8A:BF:83:3B:E6:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6FA9CB085D0A11F0AE436B80DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
154.89.200.0/21
Signature Algorithm: sha256WithRSAEncryption
c7:4a:2d:f5:7b:c1:aa:ef:38:15:bf:d7:2a:3e:26:4f:48:c0:
66:96:35:4a:fb:5a:23:f1:f9:38:b0:09:6d:f2:f2:c3:52:d1:
bc:f3:97:96:38:df:9c:16:09:67:69:6e:8d:ba:04:3f:01:29:
34:9d:dd:eb:3d:89:66:de:55:bb:4b:bb:24:f1:01:77:8a:13:
64:26:94:74:a6:56:d9:f9:b4:12:67:42:9f:23:76:4a:63:86:
01:c3:a5:16:13:5f:5c:fd:a3:a7:98:91:84:75:e3:56:a3:93:
19:c1:d3:83:46:b9:3c:18:e4:66:f2:95:0f:a5:5a:a2:0c:4d:
9c:90:eb:59:b5:97:c9:e7:cf:ff:46:75:d2:a1:c1:ae:b4:cb:
18:c5:9d:aa:49:cc:e7:54:da:6f:e2:64:09:de:d9:84:75:42:
8e:5c:9b:d5:06:b3:99:1d:0b:38:17:42:1b:a9:da:bb:ab:36:
6d:31:95:9c:b8:9c:a9:5e:3e:12:36:79:78:1e:da:e9:44:d2:
e5:a6:ec:ba:13:c3:cf:4c:05:d7:c7:28:0d:94:93:d3:98:83:
af:2b:8d:13:a6:de:52:2e:e9:05:63:f6:80:c9:d5:0c:13:4c:
01:7f:d8:c3:8e:89:47:6f:c8:4e:88:70:b5:f5:37:a1:5c:b9:
a0:8a:62:fa
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAY0eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MjExOTQxWhcNMjUwODI0MjExOTQxWjAYMRYw
FAYDVQQDEw02ODZlZGNmMi01ZDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4KaWcORUC8uYlFOQOTXjiUnb7k+wfiRf2ynApRCpcJ+e2GAQQzlo3sTT
EfrZgIPxf77OL5AgCy4zT+b8cYgPaPBnwy47u9VmnU8bm5t9zzvNU5i37f/G97UD
dKp8FLQ4ONSDwLR1RICnZZ44ybH5KxtbACeLRSjvVfl0iIE+uo13qMP69uqS69j5
TFcR/MNsrmNJC5QJaH79U5cUJtmYlF+rhIiStJDIb/nfB0jAmi+CduIFg6/5qEW7
S+/ss/O6EgQ8/A82a3cWEE4jJCbDzbqw/0uEzH1m2FYTX5ca4QVBlqQSSMpZD8Y5
kb8suLKQH9+dyHWUvi3i2Yn66z7EqwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFHd6
05UzOr6/bVNV0fiKir+DO+aSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RkE5Q0IwODVEMEExMUYwQUU0MzZCODBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmlmgAwQDmlnIMA0GCSqG
SIb3DQEBCwUAA4IBAQDHSi31e8Gq7zgVv9cqPiZPSMBmljVK+1oj8fk4sAlt8vLD
UtG885eWON+cFglnaW6NugQ/ASk0nd3rPYlm3lW7S7sk8QF3ihNkJpR0plbZ+bQS
Z0KfI3ZKY4YBw6UWE19c/aOnmJGEdeNWo5MZwdODRrk8GORm8pUPpVqiDE2ckOtZ
tZfJ58//RnXSocGutMsYxZ2qScznVNpv4mQJ3tmEdUKOXJvVBrOZHQs4F0Ibqdq7
qzZtMZWcuJypXj4SNnl4HtrpRNLlpuy6E8PPTAXXxygNlJPTmIOvK40Tpt5SLukF
Y/aAydUME0wBf9jDjolHb8hOiHC19TehXLmgimL6
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:46 2025 by rpki-client