Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/923CF65E5CC411F0BE67B5BFDAE4EC9C.roa
File: 923CF65E5CC411F0BE67B5BFDAE4EC9C.roa (raw, json)
Hash identifier: n5P5zERcsOzDPRS2hbmGeLxx6yBBjD9XXDwFTx3uv2Q=
Subject key identifier: 9C:1E:B1:E6:95:F5:F3:2D:30:5A:B0:0B:4E:86:48:37:8D:B0:3F:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CC3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/923CF65E5CC411F0BE67B5BFDAE4EC9C.roa
Signing time: Wed 09 Jul 2025 12:59:39 +0000
ROA not before: Wed 09 Jul 2025 12:59:34 +0000
ROA not after: Sun 10 Aug 2025 12:59:34 +0000
asID: 40779
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101571 (0x18cc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 12:59:34 2025 GMT
Not After : Aug 10 12:59:34 2025 GMT
Subject: CN=686e67bb-418d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:0e:ce:a0:72:76:3b:ad:23:7c:f2:bd:96:f8:
ac:57:81:d7:b1:ca:93:65:d6:21:5e:9c:bb:7c:72:
0e:7b:02:de:a9:49:a3:50:e9:16:25:ea:11:b5:d0:
66:75:63:1b:77:32:3c:fa:aa:4d:31:cd:d8:82:67:
32:ae:8e:42:b3:74:90:4a:03:34:00:15:86:d2:e1:
a7:30:99:8a:37:8d:5e:78:de:71:9e:ad:d2:ef:79:
96:e3:11:6d:54:02:a4:49:2d:dd:cb:c3:97:84:3f:
67:03:d2:cb:e6:a3:60:b7:5e:59:68:94:02:c7:c4:
1f:0e:1a:31:66:fe:e7:c2:23:4a:41:1d:e3:25:f0:
36:13:7c:a6:be:9b:fc:76:93:75:18:3d:3b:55:fc:
f4:8b:08:95:02:ef:34:bd:04:bd:bc:48:68:07:a8:
e3:b8:cf:ce:75:02:ac:6e:84:5c:cb:23:cb:0b:98:
4b:51:5a:98:74:3d:53:24:8e:1b:9f:9d:2f:12:27:
4e:88:16:4f:97:93:d7:e6:c3:f0:2c:26:98:2e:1c:
3f:71:fb:a0:d5:4a:94:ff:b1:39:af:34:9f:44:7b:
58:bf:5b:c9:9a:e8:7f:24:1f:01:b0:ca:6b:de:b5:
85:b7:5d:3c:67:23:73:99:61:08:88:8d:cb:e3:f1:
80:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1E:B1:E6:95:F5:F3:2D:30:5A:B0:0B:4E:86:48:37:8D:B0:3F:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/923CF65E5CC411F0BE67B5BFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:fa:96:42:b8:30:59:9f:c5:c6:e1:65:bf:1c:45:10:04:19:
15:6e:79:81:86:94:92:2c:24:49:e9:74:a8:4b:7d:7f:1f:ef:
0e:3c:78:7c:7d:38:12:19:23:73:31:4e:0e:f8:8e:94:b6:e9:
a9:12:a3:bb:1c:d8:9b:67:cd:2e:68:c6:34:41:d5:2e:bd:6a:
ff:3b:53:c4:ba:12:59:43:70:00:ef:08:53:30:1a:a8:9c:8c:
9c:db:cc:2d:c0:60:c7:4d:43:a8:59:18:ea:4e:1d:3f:7b:fb:
3d:0f:22:32:f7:81:a0:25:cc:0f:e0:af:12:c2:d3:f8:2a:ce:
b9:67:9b:b2:30:2d:44:58:ad:b2:71:99:a4:83:61:0b:85:3b:
17:ea:e4:29:5f:8d:c7:d7:3c:c1:f6:a7:fe:9e:c3:3a:8a:19:
ec:cc:09:82:3e:da:43:b1:a2:21:5e:f8:e2:1f:94:52:2d:e4:
82:e2:48:1e:10:fa:ad:93:f6:26:76:83:7d:70:d1:e9:7e:00:
ff:8c:2c:51:31:db:56:b8:65:24:ee:d4:b7:1a:1a:51:e8:65:
d7:65:00:a1:be:bd:7e:e8:a1:19:60:80:c9:17:99:44:ce:92:
1e:e8:69:44:47:dd:e6:bb:64:7f:da:64:5a:da:2e:5e:2f:c0:
34:b0:7b:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYzDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTI1OTM0WhcNMjUwODEwMTI1OTM0WjAYMRYw
FAYDVQQDEw02ODZlNjdiYi00MThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8A7OoHJ2O60jfPK9lvisV4HXscqTZdYhXpy7fHIOewLeqUmjUOkWJeoR
tdBmdWMbdzI8+qpNMc3Ygmcyro5Cs3SQSgM0ABWG0uGnMJmKN41eeN5xnq3S73mW
4xFtVAKkSS3dy8OXhD9nA9LL5qNgt15ZaJQCx8QfDhoxZv7nwiNKQR3jJfA2E3ym
vpv8dpN1GD07Vfz0iwiVAu80vQS9vEhoB6jjuM/OdQKsboRcyyPLC5hLUVqYdD1T
JI4bn50vEidOiBZPl5PX5sPwLCaYLhw/cfug1UqU/7E5rzSfRHtYv1vJmuh/JB8B
sMpr3rWFt108ZyNzmWEIiI3L4/GAcQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJwe
seaV9fMtMFqwC06GSDeNsD//MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MjNDRjY1RTVDQzQxMUYwQkU2N0I1QkZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBt+pZCuDBZn8XG4WW/HEUQBBkVbnmBhpSSLCRJ6XSoS31/H+8OPHh8
fTgSGSNzMU4O+I6UtumpEqO7HNibZ80uaMY0QdUuvWr/O1PEuhJZQ3AA7whTMBqo
nIyc28wtwGDHTUOoWRjqTh0/e/s9DyIy94GgJcwP4K8SwtP4Ks65Z5uyMC1EWK2y
cZmkg2ELhTsX6uQpX43H1zzB9qf+nsM6ihnszAmCPtpDsaIhXvjiH5RSLeSC4kge
EPqtk/YmdoN9cNHpfgD/jCxRMdtWuGUk7tS3GhpR6GXXZQChvr1+6KEZYIDJF5lE
zpIe6GlER93mu2R/2mRa2i5eL8A0sHt2
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:58:55 2025 by rpki-client