Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1226A4C5B4711F09A9ABD89DAE4EC9C.roa
File: A1226A4C5B4711F09A9ABD89DAE4EC9C.roa (raw, json)
Hash identifier: U+PhVkwK9ODwzSiZlis5E8yuA9H7fKnUFXgwFvrsvUM=
Subject key identifier: 2F:EF:28:61:24:48:E7:2F:0A:A5:83:B4:54:51:84:FF:39:23:DF:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C24
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1226A4C5B4711F09A9ABD89DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 15:32:46 +0000
ROA not before: Mon 07 Jul 2025 15:32:40 +0000
ROA not after: Sun 17 Aug 2025 15:32:40 +0000
asID: 203020
IP address blocks: 154.203.44.0/22 maxlen: 24
154.203.48.0/23 maxlen: 24
154.204.96.0/19 maxlen: 24
154.220.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101412 (0x18c24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 15:32:40 2025 GMT
Not After : Aug 17 15:32:40 2025 GMT
Subject: CN=686be89e-1cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:17:cf:42:d2:80:f7:05:32:02:60:1d:95:bd:
59:53:a8:ee:a9:6b:d3:3f:6e:9b:6b:e5:22:4c:51:
a1:71:e1:42:8b:f8:c8:aa:e4:d3:6c:a1:cd:3d:38:
f2:1c:93:39:7b:53:70:02:9f:81:bd:45:42:01:55:
96:52:0f:17:3c:fd:be:65:6c:d2:51:da:58:09:c7:
28:e0:53:a2:00:56:f5:ff:99:ea:3e:6f:02:7f:9f:
be:b1:79:19:e6:26:a5:a0:11:b5:c7:61:1d:90:9c:
ea:ad:0f:c2:53:0c:2b:bc:7a:6b:ec:ca:a3:01:c0:
f0:b9:dc:27:2a:37:e7:58:30:95:cd:aa:42:56:1a:
36:d1:6a:ab:31:89:14:a0:52:fb:b7:4a:9c:78:d8:
82:d2:c6:0a:74:c5:64:81:be:f3:ab:1e:29:fa:88:
38:7d:56:1b:86:70:c0:88:be:47:f6:7d:06:18:64:
98:1c:60:2f:4e:82:0d:35:0a:eb:16:d8:f0:fc:1c:
e5:41:c6:27:da:0c:4f:a0:7a:c2:b1:49:fd:da:31:
9c:3f:cf:e4:9c:95:f6:16:cb:e3:75:82:a5:b7:7f:
e4:04:d7:88:53:d5:26:87:b7:23:7b:cf:f7:cc:f4:
c2:15:0c:c5:d4:2e:fb:bf:ba:ec:3a:be:fd:f7:d2:
7b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:EF:28:61:24:48:E7:2F:0A:A5:83:B4:54:51:84:FF:39:23:DF:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1226A4C5B4711F09A9ABD89DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.44.0-154.203.49.255
154.204.96.0/19
154.220.128.0/18
Signature Algorithm: sha256WithRSAEncryption
af:4d:ad:ad:3d:43:58:ae:dd:40:47:31:bb:34:99:81:7b:42:
08:4d:9a:6d:4b:3e:d7:19:61:70:31:97:e6:2e:ed:27:85:48:
9a:3c:81:e7:24:07:f1:99:0b:9e:78:21:4e:c1:f7:3b:65:48:
fa:f8:07:be:80:e4:3a:7c:c8:57:53:da:5a:a2:1f:3b:02:74:
c0:37:07:ff:f9:68:03:0d:4c:89:13:19:c8:de:39:e2:e2:7f:
c6:a2:1a:16:04:da:2c:c1:00:7e:59:4f:96:21:e1:e3:bb:77:
2e:e9:81:3c:79:d9:6c:aa:5c:eb:1f:4b:e3:a5:95:ba:73:bd:
5f:cc:6e:f3:a0:3e:29:94:24:1f:e4:5e:a5:d3:3b:f3:64:35:
d4:d4:48:a4:7d:50:1a:46:b0:8b:43:3a:b5:83:e1:b2:0f:99:
b2:96:ce:e2:aa:7e:13:87:fe:fe:ab:23:c5:19:85:84:de:7a:
9f:5f:d5:0a:e8:68:a5:23:29:61:56:32:1f:d7:7d:fe:39:be:
e5:cb:03:52:33:89:b0:03:a0:cf:23:9f:3c:ec:38:9f:79:01:
97:d0:8a:40:69:62:ea:af:a5:a1:b7:89:26:c0:19:05:b2:0b:
10:f0:4f:c9:66:da:56:1e:cc:5a:50:ee:37:21:f5:5f:cc:f6:
53:c3:23:1e
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYwkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTUzMjQwWhcNMjUwODE3MTUzMjQwWjAYMRYw
FAYDVQQDEw02ODZiZTg5ZS0xY2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1RfPQtKA9wUyAmAdlb1ZU6juqWvTP26ba+UiTFGhceFCi/jIquTTbKHN
PTjyHJM5e1NwAp+BvUVCAVWWUg8XPP2+ZWzSUdpYCcco4FOiAFb1/5nqPm8Cf5++
sXkZ5ialoBG1x2EdkJzqrQ/CUwwrvHpr7MqjAcDwudwnKjfnWDCVzapCVho20Wqr
MYkUoFL7t0qceNiC0sYKdMVkgb7zqx4p+og4fVYbhnDAiL5H9n0GGGSYHGAvToIN
NQrrFtjw/BzlQcYn2gxPoHrCsUn92jGcP8/knJX2FsvjdYKlt3/kBNeIU9Umh7cj
e8/3zPTCFQzF1C77v7rsOr7999J7BQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFC/v
KGEkSOcvCqWDtFRRhP85I9/XMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMTIyNkE0QzVCNDcxMUYwOUE5QUJEODlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKayywDBAGayzADBAWa
zGADBAaa3IAwDQYJKoZIhvcNAQELBQADggEBAK9Nra09Q1iu3UBHMbs0mYF7QghN
mm1LPtcZYXAxl+Yu7SeFSJo8geckB/GZC554IU7B9ztlSPr4B76A5Dp8yFdT2lqi
HzsCdMA3B//5aAMNTIkTGcjeOeLif8aiGhYE2izBAH5ZT5Yh4eO7dy7pgTx52Wyq
XOsfS+OllbpzvV/MbvOgPimUJB/kXqXTO/NkNdTUSKR9UBpGsItDOrWD4bIPmbKW
zuKqfhOH/v6rI8UZhYTeep9f1QroaKUjKWFWMh/Xff45vuXLA1IzibADoM8jnzzs
OJ95AZfQikBpYuqvpaG3iSbAGQWyCxDwT8lm2lYezFpQ7jch9V/M9lPDIx4=
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:31:20 2025 by rpki-client