Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A355EA60590211F0BC4216BEDAE4EC9C.roa
File: A355EA60590211F0BC4216BEDAE4EC9C.roa (raw, json)
Hash identifier: v9SvFcmDy4RHWhM2hVecSrvtRzukTnJztPR26yDg6Nk=
Subject key identifier: 67:9A:CE:11:E8:DB:42:3E:B6:B3:2E:CD:DD:3F:62:ED:34:C8:B4:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A98
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A355EA60590211F0BC4216BEDAE4EC9C.roa
Signing time: Fri 04 Jul 2025 18:13:52 +0000
ROA not before: Fri 04 Jul 2025 18:13:47 +0000
ROA not after: Thu 04 Sep 2025 18:13:47 +0000
asID: 398478
IP address blocks: 154.90.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 24 Jul 2025 00:29:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101016 (0x18a98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 18:13:47 2025 GMT
Not After : Sep 4 18:13:47 2025 GMT
Subject: CN=686819e0-957c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6d:67:1f:75:bd:11:72:9c:c0:47:e8:91:48:
c8:d3:3b:91:b8:3f:7e:7c:91:09:1b:03:9d:1a:0c:
af:d6:77:c5:88:37:32:b8:c2:14:48:15:02:f9:32:
c4:1c:5c:f4:55:e5:35:88:34:6c:b2:8c:95:2d:b9:
9c:0f:ff:6f:87:1a:5f:d8:6a:99:a5:90:d7:27:7f:
e3:72:c8:99:3f:dc:40:22:92:af:ae:a5:e7:7a:8e:
dc:61:98:57:04:ef:c4:c5:0a:86:0e:74:fd:e6:60:
5e:56:d8:97:99:44:70:e2:ec:ed:36:0c:48:c9:a5:
36:c0:c4:64:b8:e2:fb:e9:5d:e8:e2:67:f8:74:ed:
f6:6e:8a:b1:2c:6e:54:67:15:f2:de:c7:79:37:1f:
d8:da:e9:12:3c:ab:3c:8d:38:53:fd:4b:cd:3e:6d:
e5:7c:e3:77:0e:40:36:5b:21:44:a0:9e:e3:ec:c9:
0a:b0:79:24:a0:97:08:47:24:6e:6c:0d:0d:33:17:
59:e2:93:e8:8f:db:85:46:ff:a1:b0:99:d5:c1:cb:
e3:06:3e:1a:b9:1f:10:b3:4e:55:1b:63:94:dc:94:
de:12:5b:47:34:a7:d5:7c:33:a0:8e:53:e7:80:2d:
a3:4c:48:4c:29:d4:5f:89:9a:16:b1:ee:64:ba:87:
a1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9A:CE:11:E8:DB:42:3E:B6:B3:2E:CD:DD:3F:62:ED:34:C8:B4:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A355EA60590211F0BC4216BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
Signature Algorithm: sha256WithRSAEncryption
75:be:0d:21:ee:12:f9:f0:69:ee:9e:e4:8c:b9:6d:f4:f7:f2:
ec:0d:95:09:3e:87:35:75:50:03:27:9c:32:3c:3e:5d:1d:a4:
44:0f:0a:6f:82:9b:62:0d:24:cd:53:88:04:fb:6a:b9:a2:e4:
5c:81:db:9a:01:0a:f8:85:6a:7a:e5:c7:95:b5:bc:37:45:53:
8e:83:5d:36:89:9b:ef:0e:7d:b7:99:60:78:5d:64:ed:83:b9:
18:02:89:cc:71:2b:e7:23:10:35:85:4f:11:ea:09:3c:0f:e9:
c0:39:66:f6:7d:76:09:62:05:02:16:29:4c:8d:90:40:3d:ba:
d6:77:e5:5e:a1:28:5e:1d:5a:d8:10:2c:c2:4b:84:1f:f2:21:
b5:cc:b0:ec:99:53:d1:b6:8c:3e:1b:e1:1d:dc:9d:15:01:ab:
2f:77:ce:61:d6:c5:1e:71:94:23:08:3b:ff:b3:4f:f0:14:b0:
5a:ca:1e:63:59:c5:ec:8c:f9:55:50:3e:ad:63:05:1d:2a:ce:
e7:6e:4d:0a:83:02:37:25:e8:26:c7:15:af:84:cd:e8:b2:cb:
43:22:d2:91:78:00:07:a7:a1:f4:44:65:dc:70:f7:b8:e5:2b:
7a:56:d4:51:f8:95:67:42:96:0a:e4:28:8a:7b:8b:68:1e:38:
29:6d:64:b1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYqYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTgxMzQ3WhcNMjUwOTA0MTgxMzQ3WjAYMRYw
FAYDVQQDEw02ODY4MTllMC05NTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0G1nH3W9EXKcwEfokUjI0zuRuD9+fJEJGwOdGgyv1nfFiDcyuMIUSBUC
+TLEHFz0VeU1iDRssoyVLbmcD/9vhxpf2GqZpZDXJ3/jcsiZP9xAIpKvrqXneo7c
YZhXBO/ExQqGDnT95mBeVtiXmURw4uztNgxIyaU2wMRkuOL76V3o4mf4dO32boqx
LG5UZxXy3sd5Nx/Y2ukSPKs8jThT/UvNPm3lfON3DkA2WyFEoJ7j7MkKsHkkoJcI
RyRubA0NMxdZ4pPoj9uFRv+hsJnVwcvjBj4auR8Qs05VG2OU3JTeEltHNKfVfDOg
jlPngC2jTEhMKdRfiZoWse5kuoehjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGea
zhHo20I+trMuzd0/Yu00yLRjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzU1RUE2MDU5MDIxMUYwQkM0MjE2QkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQB1vg0h7hL58GnunuSMuW309/LsDZUJPoc1dVADJ5wyPD5dHaREDwpv
gptiDSTNU4gE+2q5ouRcgduaAQr4hWp65ceVtbw3RVOOg102iZvvDn23mWB4XWTt
g7kYAonMcSvnIxA1hU8R6gk8D+nAOWb2fXYJYgUCFilMjZBAPbrWd+VeoSheHVrY
ECzCS4Qf8iG1zLDsmVPRtow+G+Ed3J0VAasvd85h1sUecZQjCDv/s0/wFLBayh5j
WcXsjPlVUD6tYwUdKs7nbk0KgwI3JegmxxWvhM3osstDItKReAAHp6H0RGXccPe4
5St6VtRR+JVnQpYK5CiKe4toHjgpbWSx
-----END CERTIFICATE-----
Generated at Tue Jul 22 05:09:33 2025 by rpki-client