Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/77E2DF5E5D0411F0B6EFDAD7DAE4EC9C.roa
File: 77E2DF5E5D0411F0B6EFDAD7DAE4EC9C.roa (raw, json)
Hash identifier: w34nb+6zmPSPApZ/+E66vs1U27aDsnJfqJnCd2g2QFw=
Subject key identifier: 2D:48:41:E2:69:6F:7B:6C:67:55:C1:69:F7:64:B2:DE:BB:86:76:97
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D12
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/77E2DF5E5D0411F0B6EFDAD7DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 20:37:03 +0000
ROA not before: Wed 09 Jul 2025 20:36:57 +0000
ROA not after: Sun 24 Aug 2025 20:36:57 +0000
asID: 8796
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101650 (0x18d12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 20:36:57 2025 GMT
Not After : Aug 24 20:36:57 2025 GMT
Subject: CN=686ed2ee-5f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a1:79:7c:51:bf:02:04:44:3a:da:00:da:8b:
fd:5b:e5:01:c0:25:b4:76:6d:04:86:5d:0b:21:31:
98:05:75:20:f7:61:bd:f4:a0:9d:e2:6a:e8:12:0b:
99:f0:2e:9b:68:2a:10:6c:bf:fd:82:b0:31:72:95:
ef:ea:47:92:da:f6:9e:63:76:4d:1b:63:42:83:5f:
d3:28:d3:42:e3:d7:1b:d5:f5:35:fc:55:65:5c:50:
9b:f9:74:4c:c0:9e:7d:92:7f:22:7a:6c:ea:4e:69:
bf:26:2c:29:7d:b4:c6:89:94:f9:0b:bd:a9:6a:33:
7b:c8:01:14:39:5c:21:93:1a:0f:82:78:2a:94:0e:
22:81:91:de:43:53:e5:9b:98:11:b3:0d:3f:d3:85:
23:b0:18:e9:d0:0d:12:ad:a7:6e:0e:0d:bf:03:3b:
5b:66:e9:cf:b0:a9:88:9a:5a:80:9d:ce:30:88:a1:
7c:d1:f9:86:d6:dc:fe:63:c7:23:54:3f:53:1c:f6:
2f:f7:81:35:31:de:1f:c9:bb:ae:e6:14:61:84:76:
0c:98:77:6e:ba:84:ad:e2:e1:0b:e7:2f:8b:ed:88:
c1:48:d1:d8:f4:16:29:31:0c:5b:45:5f:9e:5c:de:
79:21:eb:86:50:a0:2b:63:f8:65:c5:d8:3c:dc:b2:
c5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:48:41:E2:69:6F:7B:6C:67:55:C1:69:F7:64:B2:DE:BB:86:76:97
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/77E2DF5E5D0411F0B6EFDAD7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:0a:db:48:e0:19:ac:bd:96:93:53:81:e2:f7:60:10:e8:75:
62:81:0c:ab:a8:e1:b6:da:0d:80:f0:34:f5:46:30:92:cc:cf:
4b:8b:9b:de:db:69:45:b0:13:fc:22:5b:a5:d4:fa:bd:22:e8:
09:1f:4c:4a:70:b3:d0:2f:b9:1b:5a:95:0c:2a:95:e7:e9:30:
16:6d:a4:71:dc:85:da:ca:7c:0b:84:25:13:33:11:54:29:59:
1a:54:2b:d7:fc:4e:d9:a9:cc:31:e5:80:18:bf:4e:35:cd:2b:
83:a0:c0:8c:b1:33:fa:c5:4a:68:85:4f:5c:31:73:0e:e7:c9:
bb:fc:4a:2d:05:76:bc:1e:88:44:78:ef:36:fa:91:0b:df:e9:
39:dd:96:cb:c4:3a:70:6a:9f:a2:9a:ae:8c:53:40:6c:d0:c5:
dc:8b:8a:ab:59:a2:3a:85:4d:03:23:4a:b5:ce:28:52:ca:54:
a8:24:1b:b7:56:1e:a3:49:e9:8a:e0:11:18:70:b5:05:d8:0e:
83:19:71:bb:76:a9:48:3a:88:42:c8:bb:90:ad:20:c4:b3:f8:
ac:24:66:81:3a:c1:15:49:e2:23:33:56:e8:4b:9e:6b:11:ce:
1e:42:f0:e8:0e:56:d3:e6:ee:f0:d1:24:ee:35:6f:4a:d4:b8:
7c:f7:4b:84
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAY0SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MjAzNjU3WhcNMjUwODI0MjAzNjU3WjAYMRYw
FAYDVQQDEw02ODZlZDJlZS01Zjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn6F5fFG/AgREOtoA2ov9W+UBwCW0dm0Ehl0LITGYBXUg92G99KCd4mro
EguZ8C6baCoQbL/9grAxcpXv6keS2vaeY3ZNG2NCg1/TKNNC49cb1fU1/FVlXFCb
+XRMwJ59kn8iemzqTmm/JiwpfbTGiZT5C72pajN7yAEUOVwhkxoPgngqlA4igZHe
Q1Plm5gRsw0/04UjsBjp0A0SraduDg2/AztbZunPsKmImlqAnc4wiKF80fmG1tz+
Y8cjVD9THPYv94E1Md4fybuu5hRhhHYMmHduuoSt4uEL5y+L7YjBSNHY9BYpMQxb
RV+eXN55IeuGUKArY/hlxdg83LLFfQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFC1I
QeJpb3tsZ1XBafdkst67hnaXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83N0UyREY1RTVEMDQxMUYwQjZFRkRBRDdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASaWZADBASaWcADBACa
XxgwDQYJKoZIhvcNAQELBQADggEBAH0K20jgGay9lpNTgeL3YBDodWKBDKuo4bba
DYDwNPVGMJLMz0uLm97baUWwE/wiW6XU+r0i6AkfTEpws9AvuRtalQwqlefpMBZt
pHHchdrKfAuEJRMzEVQpWRpUK9f8TtmpzDHlgBi/TjXNK4OgwIyxM/rFSmiFT1wx
cw7nybv8Si0FdrweiER47zb6kQvf6TndlsvEOnBqn6KaroxTQGzQxdyLiqtZojqF
TQMjSrXOKFLKVKgkG7dWHqNJ6YrgERhwtQXYDoMZcbt2qUg6iELIu5CtIMSz+Kwk
ZoE6wRVJ4iMzVuhLnmsRzh5C8OgOVtPm7vDRJO41b0rUuHz3S4Q=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:58:48 2025 by rpki-client