Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B8EE2884DE511F0B5B07D7BDAE4EC9C.roa
File: 8B8EE2884DE511F0B5B07D7BDAE4EC9C.roa (raw, json)
Hash identifier: 3IA0+tavjppncNFJGkrOvUDquCRyiHWf4Zz2PMVmKiQ=
Subject key identifier: 35:43:DF:90:10:3F:B2:87:E7:B6:E1:C7:DA:A3:85:14:EE:22:5B:31
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018799
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B8EE2884DE511F0B5B07D7BDAE4EC9C.roa
Signing time: Fri 20 Jun 2025 14:47:54 +0000
ROA not before: Fri 20 Jun 2025 14:47:48 +0000
ROA not after: Mon 29 Sep 2025 14:47:48 +0000
asID: 29802
IP address blocks: 154.202.100.0/24 maxlen: 24
154.223.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Jul 2025 00:06:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100249 (0x18799)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 20 14:47:48 2025 GMT
Not After : Sep 29 14:47:48 2025 GMT
Subject: CN=68557499-58ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1b:6b:be:a8:c0:f7:3d:8d:db:c7:0e:a2:fb:
4c:4f:1a:c0:4e:2d:de:b1:df:71:a5:7b:97:7c:47:
7f:6f:98:62:aa:a8:4c:8b:54:be:22:8d:f9:db:b8:
f5:48:ad:ea:99:11:dc:3b:6e:6e:ec:d3:03:7b:0c:
c2:6d:4d:e6:dd:09:21:57:fe:79:a5:a3:3f:df:39:
10:d2:4a:36:ec:20:dc:99:81:88:61:e8:27:b5:51:
4d:09:7a:f1:1e:8f:11:2c:c3:27:99:28:06:02:f6:
aa:75:d5:19:72:97:7e:dd:25:ac:ec:ae:30:31:e6:
f6:d9:d1:2c:80:12:98:93:cb:c5:26:73:ed:22:9d:
a2:78:80:23:03:5d:61:b0:44:0d:90:92:dd:2e:bc:
37:66:8c:69:8d:99:c3:d3:17:84:12:c3:c3:92:b4:
1f:b2:e2:bc:54:d7:13:30:7c:a4:e1:aa:8b:c9:b7:
9f:34:40:dd:e2:99:c9:65:1f:d2:35:1f:68:0e:ab:
89:19:ef:b1:36:0c:ca:51:5f:bb:fa:35:b5:53:bc:
0e:a4:2f:71:99:37:04:02:0c:26:d7:7a:c3:0b:76:
7e:84:ac:be:a4:3b:48:e8:d8:b9:c7:43:01:02:44:
50:02:ab:cf:aa:ad:e9:e9:5e:9f:b2:91:1f:29:e9:
aa:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:43:DF:90:10:3F:B2:87:E7:B6:E1:C7:DA:A3:85:14:EE:22:5B:31
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B8EE2884DE511F0B5B07D7BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.100.0/24
154.223.90.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:5e:33:2e:47:0e:54:d8:c7:27:8c:6f:7a:73:3d:c4:9d:41:
3d:80:5b:3e:6e:57:7d:e3:7a:10:eb:3b:4d:e2:39:e5:99:c3:
b4:f8:18:74:20:9b:ee:86:ae:a0:25:93:4b:41:05:3a:75:3a:
5f:c0:71:01:b4:f8:d1:28:d3:ae:6b:57:32:4a:3c:2f:e8:f5:
f2:7a:4a:34:b1:09:79:81:c7:f1:3d:dd:4a:90:68:c3:67:0c:
a8:2c:b3:1f:60:fa:be:48:bb:ad:3f:64:19:55:60:1e:6f:16:
06:ef:6b:54:c7:0d:5e:79:4e:44:b5:71:7c:5b:53:3a:06:e9:
26:39:b5:0e:0f:eb:42:14:e9:41:32:ad:d5:74:50:cb:2b:30:
51:f9:14:4f:0a:f4:f6:a7:ee:b2:d4:12:cf:81:a3:b2:88:45:
ff:f9:d2:64:7f:70:c4:30:2e:27:1b:0c:fb:aa:36:6b:11:d9:
e6:df:9c:f9:6f:2a:b1:1c:5f:8d:6b:ad:89:0a:27:84:74:e6:
8b:c4:77:17:29:7b:a4:e1:f1:d0:aa:40:88:1d:25:8c:99:c9:
03:9f:ae:29:38:e2:25:20:12:79:21:76:99:11:d8:04:92:61:
8d:e0:b9:f3:32:e8:5b:00:e7:fc:e6:47:22:e1:26:89:bb:b6:
3a:31:50:f3
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYeZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIwMTQ0NzQ4WhcNMjUwOTI5MTQ0NzQ4WjAYMRYw
FAYDVQQDEw02ODU1NzQ5OS01OGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAohtrvqjA9z2N28cOovtMTxrATi3esd9xpXuXfEd/b5hiqqhMi1S+Io35
27j1SK3qmRHcO25u7NMDewzCbU3m3QkhV/55paM/3zkQ0ko27CDcmYGIYegntVFN
CXrxHo8RLMMnmSgGAvaqddUZcpd+3SWs7K4wMeb22dEsgBKYk8vFJnPtIp2ieIAj
A11hsEQNkJLdLrw3ZoxpjZnD0xeEEsPDkrQfsuK8VNcTMHyk4aqLybefNEDd4pnJ
ZR/SNR9oDquJGe+xNgzKUV+7+jW1U7wOpC9xmTcEAgwm13rDC3Z+hKy+pDtI6Ni5
x0MBAkRQAqvPqq3p6V6fspEfKemqSwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDVD
35AQP7KH57bhx9qjhRTuIlsxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QjhFRTI4ODRERTUxMUYwQjVCMDdEN0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmspkAwQAmt9aMA0GCSqG
SIb3DQEBCwUAA4IBAQBOXjMuRw5U2McnjG96cz3EnUE9gFs+bld943oQ6ztN4jnl
mcO0+Bh0IJvuhq6gJZNLQQU6dTpfwHEBtPjRKNOua1cySjwv6PXyeko0sQl5gcfx
Pd1KkGjDZwyoLLMfYPq+SLutP2QZVWAebxYG72tUxw1eeU5EtXF8W1M6BukmObUO
D+tCFOlBMq3VdFDLKzBR+RRPCvT2p+6y1BLPgaOyiEX/+dJkf3DEMC4nGwz7qjZr
Ednm35z5byqxHF+Na62JCieEdOaLxHcXKXuk4fHQqkCIHSWMmckDn64pOOIlIBJ5
IXaZEdgEkmGN4LnzMuhbAOf85kci4SaJu7Y6MVDz
-----END CERTIFICATE-----
Generated at Mon Jul 7 04:33:42 2025 by rpki-client