Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D9BB9685E5011F090A654A0DAE4EC9C.roa
File: 8D9BB9685E5011F090A654A0DAE4EC9C.roa (raw, json)
Hash identifier: ZU3KWcfZ80qgkmuHUvuPy6vJsZNnMEEAyHqvJEXpdPQ=
Subject key identifier: 2C:CD:C7:89:57:A3:DB:DE:D8:2F:10:47:7F:F5:9A:20:D2:AC:C5:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D6C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D9BB9685E5011F090A654A0DAE4EC9C.roa
Signing time: Fri 11 Jul 2025 12:14:12 +0000
ROA not before: Fri 11 Jul 2025 12:14:07 +0000
ROA not after: Thu 14 Aug 2025 12:14:07 +0000
asID: 133180
IP address blocks: 154.194.128.0/18 maxlen: 24
154.209.160.0/19 maxlen: 24
154.214.64.0/18 maxlen: 24
154.215.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101740 (0x18d6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 11 12:14:07 2025 GMT
Not After : Aug 14 12:14:07 2025 GMT
Subject: CN=68710014-366f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5f:9a:a0:74:65:2e:cd:6f:7f:06:68:3f:30:
58:19:f4:65:37:fe:4e:31:a6:7f:33:9f:ae:8b:b8:
09:bb:ac:a9:65:e0:bf:b7:48:3b:d7:11:63:f7:66:
cc:9f:11:09:ba:f8:84:f5:fe:48:d3:14:b6:9e:fc:
59:72:84:57:4b:b9:63:d6:40:0b:16:9d:98:38:ce:
ff:04:02:01:67:cd:d7:1c:ad:8a:eb:5b:a0:04:f1:
f6:85:9e:91:56:b3:e0:ad:ec:eb:84:63:97:e6:ea:
09:8a:3d:c3:27:28:37:24:2f:b7:2e:0d:36:a7:0c:
9b:b8:a4:0c:2e:a9:8e:e8:f7:70:c7:ef:c5:73:22:
b7:eb:a6:4c:67:84:9e:29:05:38:5d:78:6e:c5:39:
e1:18:79:75:16:1f:8b:42:d7:db:af:62:5b:86:83:
f5:0b:31:21:ad:c2:77:46:84:4e:40:3f:b0:47:08:
1f:44:27:6c:8d:53:3a:6d:87:e7:d8:0e:42:fe:ba:
fe:94:5a:36:7d:c8:10:13:99:2b:8e:70:84:ac:87:
5a:15:17:e6:be:7f:27:3e:29:25:2a:6b:c3:cf:84:
57:60:76:f1:da:af:49:f6:20:16:67:44:7c:94:a0:
77:1b:63:c7:27:60:4b:b7:73:c3:d4:c8:1a:2d:1f:
f0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CD:C7:89:57:A3:DB:DE:D8:2F:10:47:7F:F5:9A:20:D2:AC:C5:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D9BB9685E5011F090A654A0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.128.0/18
154.209.160.0/19
154.214.64.0/18
154.215.64.0/18
Signature Algorithm: sha256WithRSAEncryption
02:de:87:d5:bd:c2:27:f7:71:9e:37:4c:14:4d:8b:25:b7:b6:
5d:c3:1c:4d:41:ce:d0:bc:0d:04:aa:bb:70:0e:c9:6b:e4:87:
7c:1f:57:f7:8a:ad:fe:9b:67:78:96:b9:8b:c2:b3:a9:9d:a7:
41:16:bd:9d:4f:d3:6a:5b:62:5a:1e:95:99:0e:cf:91:2a:4a:
88:48:28:eb:a9:01:87:62:3b:25:27:8a:05:54:dc:eb:ae:36:
aa:3c:5c:36:4e:d6:41:43:ce:44:a3:f0:64:ad:d7:50:83:83:
18:e6:16:53:43:8c:95:09:39:f4:e0:7f:2d:30:6c:63:51:e5:
58:59:b3:ad:1d:d2:c7:dc:1d:2d:f2:13:9e:55:4c:d1:09:4a:
92:ae:de:46:ee:02:57:c2:63:e7:c4:51:cf:2d:46:21:17:83:
3e:93:a8:9a:4a:e1:c9:fa:d4:7c:15:3b:56:cc:05:46:0a:1c:
91:f0:11:fa:65:40:14:80:a3:2c:6c:ca:2c:67:a8:21:40:b4:
3c:82:33:7e:6b:8f:b7:a5:b7:9b:08:9f:13:df:06:c5:e6:a4:
c1:2f:2b:21:42:b7:7a:3c:bb:e0:63:02:0f:ca:14:01:57:0b:
05:dc:5b:a3:1c:bb:6c:a7:ca:e9:b6:47:59:00:af:71:7b:d7:
1a:42:3f:aa
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAY1sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzExMTIxNDA3WhcNMjUwODE0MTIxNDA3WjAYMRYw
FAYDVQQDEw02ODcxMDAxNC0zNjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx1+aoHRlLs1vfwZoPzBYGfRlN/5OMaZ/M5+ui7gJu6ypZeC/t0g71xFj
92bMnxEJuviE9f5I0xS2nvxZcoRXS7lj1kALFp2YOM7/BAIBZ83XHK2K61ugBPH2
hZ6RVrPgrezrhGOX5uoJij3DJyg3JC+3Lg02pwybuKQMLqmO6Pdwx+/FcyK366ZM
Z4SeKQU4XXhuxTnhGHl1Fh+LQtfbr2JbhoP1CzEhrcJ3RoROQD+wRwgfRCdsjVM6
bYfn2A5C/rr+lFo2fcgQE5krjnCErIdaFRfmvn8nPiklKmvDz4RXYHbx2q9J9iAW
Z0R8lKB3G2PHJ2BLt3PD1MgaLR/wMwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFCzN
x4lXo9ve2C8QR3/1miDSrMWMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RDlCQjk2ODVFNTAxMUYwOTBBNjU0QTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQGmsKAAwQFmtGgAwQGmtZA
AwQGmtdAMA0GCSqGSIb3DQEBCwUAA4IBAQAC3ofVvcIn93GeN0wUTYslt7ZdwxxN
Qc7QvA0EqrtwDslr5Id8H1f3iq3+m2d4lrmLwrOpnadBFr2dT9NqW2JaHpWZDs+R
KkqISCjrqQGHYjslJ4oFVNzrrjaqPFw2TtZBQ85Eo/BkrddQg4MY5hZTQ4yVCTn0
4H8tMGxjUeVYWbOtHdLH3B0t8hOeVUzRCUqSrt5G7gJXwmPnxFHPLUYhF4M+k6ia
SuHJ+tR8FTtWzAVGChyR8BH6ZUAUgKMsbMosZ6ghQLQ8gjN+a4+3pbebCJ8T3wbF
5qTBLyshQrd6PLvgYwIPyhQBVwsF3FujHLtsp8rptkdZAK9xe9caQj+q
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:15 2025 by rpki-client