Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8416F5A460A011F0AE6B3DB1DAE4EC9C.roa
File: 8416F5A460A011F0AE6B3DB1DAE4EC9C.roa (raw, json)
Hash identifier: YRCy++A/Ar+O//cC2HNzJAs7Xebex5AQnVzfAO70ovg=
Subject key identifier: D5:51:ED:63:68:ED:E3:88:2A:C1:3C:D4:01:64:96:C9:69:6E:74:E3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018DBB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8416F5A460A011F0AE6B3DB1DAE4EC9C.roa
Signing time: Mon 14 Jul 2025 10:51:38 +0000
ROA not before: Mon 14 Jul 2025 10:51:33 +0000
ROA not after: Mon 25 Aug 2025 10:51:33 +0000
asID: 401434
IP address blocks: 154.85.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101819 (0x18dbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 14 10:51:33 2025 GMT
Not After : Aug 25 10:51:33 2025 GMT
Subject: CN=6874e13a-0814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2a:81:55:9e:54:6f:0e:d2:84:4a:77:09:6f:
27:8d:da:e2:e0:65:e2:c2:0e:e4:8e:3d:ab:6f:6e:
79:85:23:08:70:0e:bb:3a:80:cf:87:17:50:65:1c:
e5:a9:b6:14:9e:be:d2:23:e0:6d:6f:9b:4d:f6:d4:
af:ba:18:1c:91:3b:db:50:e5:2f:af:99:51:17:84:
c9:a5:bd:82:82:e3:85:88:44:c5:30:5b:f4:04:31:
fe:61:34:98:92:f6:26:2a:14:05:19:37:ea:2a:e7:
4f:16:e2:40:b4:df:58:bd:e0:a2:ba:79:c0:45:18:
fc:bd:ba:4b:de:30:c6:49:d1:a8:54:40:b1:c5:57:
c9:74:80:cb:22:2d:a0:d3:86:36:ac:f2:97:54:f8:
57:fc:3c:46:cd:9f:c6:fc:60:4d:5f:e5:96:eb:0d:
0e:e2:dc:e2:1c:8d:57:f6:9a:df:d9:21:5b:d2:ed:
42:86:65:9b:3d:57:24:a6:c6:6a:c1:29:c1:e5:c2:
e8:3b:f3:1a:5d:a1:30:cf:b5:dd:0e:55:30:a6:12:
36:4c:04:fd:85:f3:3d:88:0c:7b:a4:01:64:75:80:
58:69:e7:ee:55:0f:74:8c:8c:d4:76:be:1a:c9:54:
62:c0:f9:9f:9e:4f:62:da:90:b8:17:d5:23:55:3b:
d4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:51:ED:63:68:ED:E3:88:2A:C1:3C:D4:01:64:96:C9:69:6E:74:E3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8416F5A460A011F0AE6B3DB1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.16.0/23
Signature Algorithm: sha256WithRSAEncryption
d7:9e:63:c2:19:e8:2c:b5:e9:e1:1b:7f:04:f8:79:14:fb:22:
5c:31:e2:e7:93:2a:c1:85:8e:05:be:a9:a1:b0:76:e5:65:2d:
f9:f3:7e:5a:bb:2b:e6:f3:e3:a4:d5:da:54:4d:34:22:d4:91:
2a:eb:53:30:aa:cb:98:92:26:4a:2d:4e:88:49:36:4a:be:78:
f6:3d:75:c1:9e:e4:cf:79:f5:01:a5:60:e6:1f:18:35:2a:64:
b5:78:10:6a:17:bb:45:11:11:03:db:37:39:17:82:c2:d3:b6:
d2:48:a2:ef:6e:d4:c9:93:8b:f1:80:c5:c4:4e:ec:99:87:c3:
c1:f3:ea:99:45:fa:b1:63:9e:8c:3f:77:4b:7d:16:d1:81:51:
2e:64:cf:59:9a:63:60:f8:2e:53:30:ca:49:fd:e1:25:af:49:
98:1f:ac:f3:ed:ae:1f:84:97:3b:e3:1e:d8:65:8c:57:18:29:
58:75:3f:bd:60:36:c8:a5:af:fc:1f:87:f6:b6:e5:51:1f:db:
2e:f2:a0:8d:d7:da:25:14:8e:a5:7b:fb:28:19:8b:46:92:fc:
5b:27:90:37:b6:e9:24:83:de:fd:1e:e8:6e:12:a7:ce:69:69:
51:4e:cb:82:17:af:a6:74:53:36:09:d2:0d:f7:be:ba:29:f9:
f3:29:0f:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY27MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE0MTA1MTMzWhcNMjUwODI1MTA1MTMzWjAYMRYw
FAYDVQQDEw02ODc0ZTEzYS0wODE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsSqBVZ5Ubw7ShEp3CW8njdri4GXiwg7kjj2rb255hSMIcA67OoDPhxdQ
ZRzlqbYUnr7SI+Btb5tN9tSvuhgckTvbUOUvr5lRF4TJpb2CguOFiETFMFv0BDH+
YTSYkvYmKhQFGTfqKudPFuJAtN9YveCiunnARRj8vbpL3jDGSdGoVECxxVfJdIDL
Ii2g04Y2rPKXVPhX/DxGzZ/G/GBNX+WW6w0O4tziHI1X9prf2SFb0u1ChmWbPVck
psZqwSnB5cLoO/MaXaEwz7XdDlUwphI2TAT9hfM9iAx7pAFkdYBYaefuVQ90jIzU
dr4ayVRiwPmfnk9i2pC4F9UjVTvUmQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNVR
7WNo7eOIKsE81AFklslpbnTjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NDE2RjVBNDYwQTAxMUYwQUU2QjNEQjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlUQMA0GCSqGSIb3DQEB
CwUAA4IBAQDXnmPCGegstenhG38E+HkU+yJcMeLnkyrBhY4FvqmhsHblZS35835a
uyvm8+Ok1dpUTTQi1JEq61MwqsuYkiZKLU6ISTZKvnj2PXXBnuTPefUBpWDmHxg1
KmS1eBBqF7tFERED2zc5F4LC07bSSKLvbtTJk4vxgMXETuyZh8PB8+qZRfqxY56M
P3dLfRbRgVEuZM9ZmmNg+C5TMMpJ/eElr0mYH6zz7a4fhJc74x7YZYxXGClYdT+9
YDbIpa/8H4f2tuVRH9su8qCN19olFI6le/soGYtGkvxbJ5A3tukkg979HuhuEqfO
aWlRTsuCF6+mdFM2CdIN9766KfnzKQ/1
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:17 2025 by rpki-client