Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BFE4D945CD011F0A639798DDAE4EC9C.roa
File: 9BFE4D945CD011F0A639798DDAE4EC9C.roa (raw, json)
Hash identifier: jx4U5uspj94XmgiGbxfCKSNosRdKuXPPxLjAp0eRLRo=
Subject key identifier: 61:94:37:4F:DF:11:33:D8:25:62:29:E6:9F:E2:6E:13:A4:3F:F1:5E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CE4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BFE4D945CD011F0A639798DDAE4EC9C.roa
Signing time: Wed 09 Jul 2025 14:25:49 +0000
ROA not before: Wed 09 Jul 2025 14:25:44 +0000
ROA not after: Mon 11 Aug 2025 14:25:44 +0000
asID: 401664
IP address blocks: 154.81.8.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101604 (0x18ce4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 14:25:44 2025 GMT
Not After : Aug 11 14:25:44 2025 GMT
Subject: CN=686e7bed-a695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:62:14:43:e4:d9:73:8d:34:2b:1a:42:7b:c7:
41:91:68:12:78:2f:f2:b5:69:30:0f:e2:c3:a5:6a:
38:27:58:9a:c0:03:a2:75:a4:5b:a6:96:55:27:72:
17:cd:a9:9e:c9:cf:cc:5b:59:74:32:bc:55:ed:b9:
b5:d3:f6:62:72:f3:c2:f0:38:40:48:c7:cd:5f:a6:
7b:47:0a:ed:8a:96:18:16:dc:53:4b:0e:99:5e:7b:
f9:d4:28:6b:81:4b:ad:3d:e6:19:e4:51:04:57:96:
0b:61:5f:76:6b:c2:f6:0e:5a:ee:8e:71:9d:b7:80:
45:70:c5:bd:df:f7:f0:66:3a:ae:95:c7:39:74:c3:
ba:9b:f0:f8:5d:25:23:1f:dd:ae:d2:41:1b:03:3e:
a8:c3:2e:9b:d6:cc:d9:af:5d:16:36:44:2f:45:35:
a5:49:ae:f1:b5:63:6b:b6:7e:85:b4:7c:17:a0:bc:
62:2e:59:6c:bc:07:37:d1:fd:e7:24:f3:79:fb:33:
89:c0:4e:95:1c:6e:6e:d0:12:f4:fa:ed:8b:8b:b0:
88:0d:0a:e8:43:59:35:15:e0:b6:2e:fd:34:6b:c5:
cf:49:3e:8b:0c:93:6c:0d:56:d0:93:e7:e6:c7:a9:
71:03:3c:ec:1b:d4:60:3f:9a:8e:92:08:ef:b8:c2:
7e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:94:37:4F:DF:11:33:D8:25:62:29:E6:9F:E2:6E:13:A4:3F:F1:5E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BFE4D945CD011F0A639798DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.8.0/23
Signature Algorithm: sha256WithRSAEncryption
99:47:3e:a8:4b:34:cc:27:2f:46:2e:9d:60:71:31:58:1c:56:
9e:26:82:53:87:c3:77:bb:37:47:2d:24:3f:66:90:ee:19:d8:
ce:6b:71:87:aa:a9:ba:c5:70:3e:f8:75:11:24:b1:48:5c:79:
b7:d5:50:53:75:fd:db:d0:79:af:f9:a6:2f:dd:46:43:ca:d7:
1c:93:aa:79:d6:f2:c6:08:77:e8:b3:bf:1e:9d:5f:c5:eb:cf:
a4:18:e5:e0:0a:65:60:d1:07:79:97:4b:14:36:84:37:83:ce:
7a:7f:1b:6e:c8:d1:48:b9:3a:29:62:9d:2a:63:cd:64:a2:0a:
72:b8:12:99:c2:59:3b:bf:fc:1c:63:6e:e9:32:3e:8b:f8:df:
c5:53:9a:06:f4:0a:82:0e:ff:e5:36:69:9a:6c:7d:b4:8e:24:
2b:3d:02:95:16:21:a1:f0:90:7e:9f:be:d4:be:e9:70:4c:23:
c3:58:87:92:ec:90:fe:70:83:ac:90:89:b0:56:be:82:2f:bd:
eb:a0:36:6f:12:13:23:1e:f4:14:d8:55:0c:7a:ee:d4:31:3a:
ab:0f:b8:4b:26:a4:57:9d:f0:78:33:24:e4:8c:0a:b6:2f:ce:
de:a5:d7:41:60:27:b7:c2:f9:f2:fd:6a:b3:46:de:30:0b:01:
92:eb:21:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYzkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTQyNTQ0WhcNMjUwODExMTQyNTQ0WjAYMRYw
FAYDVQQDEw02ODZlN2JlZC1hNjk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzmIUQ+TZc400KxpCe8dBkWgSeC/ytWkwD+LDpWo4J1iawAOidaRbppZV
J3IXzameyc/MW1l0MrxV7bm10/ZicvPC8DhASMfNX6Z7RwrtipYYFtxTSw6ZXnv5
1ChrgUutPeYZ5FEEV5YLYV92a8L2DlrujnGdt4BFcMW93/fwZjqulcc5dMO6m/D4
XSUjH92u0kEbAz6owy6b1szZr10WNkQvRTWlSa7xtWNrtn6FtHwXoLxiLllsvAc3
0f3nJPN5+zOJwE6VHG5u0BL0+u2Li7CIDQroQ1k1FeC2Lv00a8XPST6LDJNsDVbQ
k+fmx6lxAzzsG9RgP5qOkgjvuMJ+/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGGU
N0/fETPYJWIp5p/ibhOkP/FeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QkZFNEQ5NDVDRDAxMUYwQTYzOTc5OEREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlEIMA0GCSqGSIb3DQEB
CwUAA4IBAQCZRz6oSzTMJy9GLp1gcTFYHFaeJoJTh8N3uzdHLSQ/ZpDuGdjOa3GH
qqm6xXA++HURJLFIXHm31VBTdf3b0Hmv+aYv3UZDytcck6p51vLGCHfos78enV/F
68+kGOXgCmVg0Qd5l0sUNoQ3g856fxtuyNFIuTopYp0qY81kogpyuBKZwlk7v/wc
Y27pMj6L+N/FU5oG9AqCDv/lNmmabH20jiQrPQKVFiGh8JB+n77UvulwTCPDWIeS
7JD+cIOskImwVr6CL73roDZvEhMjHvQU2FUMeu7UMTqrD7hLJqRXnfB4MyTkjAq2
L87epddBYCe3wvny/WqzRt4wCwGS6yGM
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:11 2025 by rpki-client