Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/819D5A705B4B11F082E990A3DAE4EC9C.roa
File: 819D5A705B4B11F082E990A3DAE4EC9C.roa (raw, json)
Hash identifier: CopA38mPouHzQc7AEiSOoyjUKyZ70TiYlY0RIi67Gpk=
Subject key identifier: 00:8E:BC:0B:A7:00:66:A0:8C:8C:02:8A:7B:C6:6B:40:F2:65:C6:CF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C2C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/819D5A705B4B11F082E990A3DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 16:00:31 +0000
ROA not before: Mon 07 Jul 2025 16:00:26 +0000
ROA not after: Sat 16 Aug 2025 16:00:26 +0000
asID: 401696
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101420 (0x18c2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 16:00:26 2025 GMT
Not After : Aug 16 16:00:26 2025 GMT
Subject: CN=686bef1f-3797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4d:10:cc:d2:63:77:4a:6c:be:fc:b8:f1:b5:
7d:17:95:82:95:4b:9a:13:ce:7a:c3:c0:81:d1:7d:
0f:e0:d7:9a:d4:39:3a:45:8e:ec:e2:70:7b:61:44:
44:33:27:73:9e:1f:91:53:92:6c:02:fa:2c:9e:7d:
f6:86:3e:e9:12:e9:a2:85:1f:51:4d:0c:ea:65:3b:
54:5c:0e:4b:f5:99:f6:ef:7b:1c:71:94:72:ca:d0:
64:95:17:20:b5:6b:17:76:6e:be:f0:39:bc:82:3d:
c3:ea:d7:ab:2a:af:0f:30:c8:19:f5:5f:7d:6f:ac:
08:5c:66:1c:b6:9d:86:32:f0:56:60:03:6f:54:cc:
a9:24:bc:f7:e9:c8:c2:9c:9c:19:d7:38:cf:36:c7:
f7:1c:f7:73:c2:a0:da:ad:f7:8c:1c:bc:75:31:2f:
85:ce:ee:f4:4e:20:fd:e0:da:f4:3c:9b:2a:8f:30:
51:da:fc:a5:a7:c1:60:02:9d:45:35:4a:35:25:d3:
6d:7d:8b:90:89:cc:1c:e3:ae:c7:f0:37:ae:72:14:
c7:70:f0:97:c3:b4:2c:b4:39:68:dc:7e:86:9c:30:
94:e4:20:20:c5:6f:36:1b:b4:cd:f0:e7:c3:91:e7:
93:53:2b:ac:8f:bd:70:9a:44:74:be:08:4c:34:e4:
78:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8E:BC:0B:A7:00:66:A0:8C:8C:02:8A:7B:C6:6B:40:F2:65:C6:CF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/819D5A705B4B11F082E990A3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
3b:41:b4:e5:4d:2d:6b:c0:70:fb:6d:99:8c:16:3a:98:78:da:
f1:77:37:37:36:7a:23:d1:31:17:7f:9c:6c:72:8c:d2:97:04:
18:a3:21:01:d6:2f:a9:49:40:57:8f:9c:da:98:af:0a:35:02:
80:56:6f:63:9b:4b:e3:52:d4:d8:97:50:bf:66:f8:8c:b1:a2:
98:e7:5a:5a:2f:84:3c:cb:4a:64:ec:1c:25:32:7f:82:2a:e1:
4c:6f:9f:9e:c2:26:4e:9a:75:84:ae:78:53:66:47:42:40:97:
17:a4:c3:8f:9d:96:5e:fb:47:2d:7f:84:f3:f6:fd:53:fe:3b:
ec:69:85:5a:3b:aa:fc:70:46:74:cd:1a:10:07:a0:f8:6c:15:
4e:39:d8:0f:aa:71:ff:2a:6d:a9:54:58:69:bc:78:22:54:7d:
61:9b:ba:05:3f:a7:3f:ac:36:20:70:e7:a1:75:06:1a:16:8c:
b2:32:82:04:28:58:f9:31:85:94:12:57:7c:64:9e:f7:af:46:
ae:4a:69:94:bd:75:7e:dc:0b:74:c4:45:5f:b6:8e:f5:54:0e:
e6:1d:2a:bd:2d:e1:aa:46:bb:01:6a:e5:5c:5c:3b:ac:03:89:
6e:f1:66:9f:12:1c:fb:f6:84:36:76:a3:af:eb:aa:81:64:ef:
7f:ed:99:d9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYwsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTYwMDI2WhcNMjUwODE2MTYwMDI2WjAYMRYw
FAYDVQQDEw02ODZiZWYxZi0zNzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo00QzNJjd0psvvy48bV9F5WClUuaE856w8CB0X0P4Nea1Dk6RY7s4nB7
YUREMydznh+RU5JsAvosnn32hj7pEumihR9RTQzqZTtUXA5L9Zn273sccZRyytBk
lRcgtWsXdm6+8Dm8gj3D6terKq8PMMgZ9V99b6wIXGYctp2GMvBWYANvVMypJLz3
6cjCnJwZ1zjPNsf3HPdzwqDarfeMHLx1MS+Fzu70TiD94Nr0PJsqjzBR2vylp8Fg
Ap1FNUo1JdNtfYuQicwc467H8DeuchTHcPCXw7QstDlo3H6GnDCU5CAgxW82G7TN
8OfDkeeTUyusj71wmkR0vghMNOR4qwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFACO
vAunAGagjIwCinvGa0DyZcbPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MTlENUE3MDVCNEIxMUYwODJFOTkwQTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQA7QbTlTS1rwHD7bZmMFjqYeNrxdzc3Nnoj0TEXf5xscozSlwQYoyEB
1i+pSUBXj5zamK8KNQKAVm9jm0vjUtTYl1C/ZviMsaKY51paL4Q8y0pk7BwlMn+C
KuFMb5+ewiZOmnWErnhTZkdCQJcXpMOPnZZe+0ctf4Tz9v1T/jvsaYVaO6r8cEZ0
zRoQB6D4bBVOOdgPqnH/Km2pVFhpvHgiVH1hm7oFP6c/rDYgcOehdQYaFoyyMoIE
KFj5MYWUEld8ZJ73r0auSmmUvXV+3At0xEVfto71VA7mHSq9LeGqRrsBauVcXDus
A4lu8WafEhz79oQ2dqOv66qBZO9/7ZnZ
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:48:08 2025 by rpki-client