Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/917FFE205CC711F0BEDCEAD2DAE4EC9C.roa
File: 917FFE205CC711F0BEDCEAD2DAE4EC9C.roa (raw, json)
Hash identifier: P1vgTpaBqJuMDsMTdOI9qpyu1jCRPUEGseGITQWrle4=
Subject key identifier: CD:9C:4E:8B:9B:98:7D:4B:28:C1:81:75:15:43:84:9F:E1:63:AF:C5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CCD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/917FFE205CC711F0BEDCEAD2DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 13:21:06 +0000
ROA not before: Wed 09 Jul 2025 13:21:01 +0000
ROA not after: Sun 10 Aug 2025 13:21:01 +0000
asID: 142032
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101581 (0x18ccd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 13:21:01 2025 GMT
Not After : Aug 10 13:21:01 2025 GMT
Subject: CN=686e6cc2-df72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ae:b3:c9:07:c1:8e:f8:26:ca:e2:fa:3a:5b:
6c:fb:87:9b:11:cf:92:84:b9:b6:a9:80:b2:c3:ef:
4e:d9:85:76:f3:ae:e2:9d:37:61:97:7e:c7:61:78:
57:12:00:68:f7:26:00:a9:9c:11:be:10:7d:a7:2b:
57:2a:97:f7:0e:07:14:ce:8a:bb:ba:f9:06:50:82:
89:b9:bd:af:54:a6:17:a7:0f:6d:85:f3:08:dc:cc:
4c:b1:a5:19:e4:43:2c:14:1a:37:f4:45:63:d0:08:
75:ba:ff:8a:b6:b8:18:6e:7b:07:e8:58:56:45:5f:
f8:a8:09:ea:e7:ac:45:1c:28:5f:e8:05:3e:39:db:
0b:f8:9a:33:e2:92:0f:09:40:eb:74:8c:bc:2f:2b:
4f:b7:b2:8f:ee:fb:7f:9e:9b:f4:8d:60:28:38:5c:
4c:9e:96:c0:6c:75:b8:10:61:b3:9b:f0:55:29:5d:
98:62:6f:35:8b:22:53:09:6f:cb:c0:6a:31:b6:72:
5b:ea:a7:3f:10:cb:aa:98:d0:e2:8a:3c:18:28:46:
2d:c6:14:a1:8c:8f:e6:d0:49:50:6b:eb:43:f7:c7:
7f:29:4f:be:57:16:90:bb:9b:ef:30:fa:e1:3a:26:
b3:eb:61:b5:fe:43:9d:15:3f:90:c7:0e:9a:0d:fc:
b5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:9C:4E:8B:9B:98:7D:4B:28:C1:81:75:15:43:84:9F:E1:63:AF:C5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/917FFE205CC711F0BEDCEAD2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
43:35:f2:67:22:b5:3e:37:2a:b7:6a:73:be:49:4c:80:06:35:
99:b0:b2:68:77:51:b7:ce:43:b6:64:7c:51:c4:90:c3:ed:34:
9c:23:69:20:05:b8:8c:1e:0d:1c:b2:af:0d:66:af:ef:9b:37:
7c:87:13:e0:e1:6f:7b:cb:42:aa:b2:ea:88:45:a1:75:af:3c:
f4:12:85:46:b0:a1:a0:cd:63:52:34:e8:1f:d6:8d:51:d9:2d:
22:1e:c4:bb:20:9a:97:d2:6a:96:bd:fa:6b:5b:c2:8b:ea:9b:
80:93:0c:0b:2f:56:cc:0f:f7:8e:72:81:ec:1d:cf:0b:4c:37:
26:77:45:f6:64:1e:20:b9:67:d8:c2:1d:10:50:28:8f:71:b7:
d6:9e:97:03:bc:6f:e1:53:e1:e5:41:81:64:04:81:1d:7c:a0:
0c:03:81:b5:a1:66:49:9b:43:3f:38:2d:3f:38:38:4f:c9:99:
35:5d:b5:c7:01:40:e3:97:71:f4:36:82:ed:a9:ea:7f:fa:2a:
fc:0e:d1:ce:25:76:6b:5d:ba:69:c9:7e:0a:03:d1:2a:24:dc:
6d:02:7d:79:4a:f5:34:c3:0e:d0:6e:94:66:da:35:26:f2:a9:
a2:67:41:0b:9c:58:55:b7:5c:21:e3:4f:92:1d:b2:df:54:92:
7a:60:8f:1e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYzNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTMyMTAxWhcNMjUwODEwMTMyMTAxWjAYMRYw
FAYDVQQDEw02ODZlNmNjMi1kZjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9K6zyQfBjvgmyuL6Olts+4ebEc+ShLm2qYCyw+9O2YV2867inTdhl37H
YXhXEgBo9yYAqZwRvhB9pytXKpf3DgcUzoq7uvkGUIKJub2vVKYXpw9thfMI3MxM
saUZ5EMsFBo39EVj0Ah1uv+KtrgYbnsH6FhWRV/4qAnq56xFHChf6AU+OdsL+Joz
4pIPCUDrdIy8LytPt7KP7vt/npv0jWAoOFxMnpbAbHW4EGGzm/BVKV2YYm81iyJT
CW/LwGoxtnJb6qc/EMuqmNDiijwYKEYtxhShjI/m0ElQa+tD98d/KU++VxaQu5vv
MPrhOiaz62G1/kOdFT+Qxw6aDfy1awIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM2c
ToubmH1LKMGBdRVDhJ/hY6/FMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MTdGRkUyMDVDQzcxMUYwQkVEQ0VBRDJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBDNfJnIrU+Nyq3anO+SUyABjWZsLJod1G3zkO2ZHxRxJDD7TScI2kg
BbiMHg0csq8NZq/vmzd8hxPg4W97y0KqsuqIRaF1rzz0EoVGsKGgzWNSNOgf1o1R
2S0iHsS7IJqX0mqWvfprW8KL6puAkwwLL1bMD/eOcoHsHc8LTDcmd0X2ZB4guWfY
wh0QUCiPcbfWnpcDvG/hU+HlQYFkBIEdfKAMA4G1oWZJm0M/OC0/ODhPyZk1XbXH
AUDjl3H0NoLtqep/+ir8DtHOJXZrXbppyX4KA9EqJNxtAn15SvU0ww7QbpRm2jUm
8qmiZ0ELnFhVt1wh40+SHbLfVJJ6YI8e
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:41 2025 by rpki-client