Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B105527E58D811F099164BB2DAE4EC9C.roa
File: B105527E58D811F099164BB2DAE4EC9C.roa (raw, json)
Hash identifier: IKIsdArptOSuAAi/5+4cDV+27PqDhMGsudBvgIMgOZA=
Subject key identifier: 82:31:FC:53:CD:B5:6B:96:30:22:7C:FC:71:B1:6B:EF:8D:99:7D:49
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A5C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B105527E58D811F099164BB2DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 13:13:36 +0000
ROA not before: Fri 04 Jul 2025 13:13:31 +0000
ROA not after: Wed 13 Aug 2025 13:13:31 +0000
asID: 211826
IP address blocks: 154.197.91.0/24 maxlen: 24
154.197.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100956 (0x18a5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 13:13:31 2025 GMT
Not After : Aug 13 13:13:31 2025 GMT
Subject: CN=6867d380-1e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:66:71:ef:2e:5d:25:b9:05:63:04:8e:e4:2c:
1c:e7:b6:b1:dc:6c:c1:42:aa:0a:37:cc:fc:69:17:
26:99:c3:36:fd:f7:43:5a:d0:cb:37:05:a7:65:fa:
e0:7b:53:3e:fb:78:7a:42:0b:1b:c5:bd:63:45:fc:
cf:4a:b4:a7:fb:0e:f6:b9:f0:e7:f5:20:cb:fb:ff:
70:12:89:fa:e8:23:39:80:52:2f:ca:19:b6:ef:c5:
95:c5:c6:dd:a9:e5:a5:19:25:9d:8f:be:b2:e7:97:
e7:e0:22:c9:d8:e3:21:fc:68:fa:bb:7a:f8:f0:45:
56:a9:07:c8:1e:c3:d7:87:fa:70:99:56:83:fa:85:
18:9a:aa:12:4e:1f:c7:eb:83:27:0c:6e:15:a8:e4:
28:2e:e0:8e:e3:6e:12:91:2e:50:6f:93:5a:70:78:
6d:fd:e3:a7:ac:1a:d6:ea:ca:c2:ce:d8:6b:66:65:
82:f3:73:d2:a4:28:cc:79:dd:56:92:79:96:01:78:
bc:55:56:8f:cc:6c:be:27:77:78:7e:ad:c7:3d:30:
9a:11:9b:06:84:33:dc:4b:be:db:d0:1e:a0:09:80:
35:7b:d6:44:cd:96:7b:11:77:f7:94:55:34:b6:41:
ae:63:34:1e:67:2d:90:cb:74:17:78:27:0d:dd:fe:
08:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:31:FC:53:CD:B5:6B:96:30:22:7C:FC:71:B1:6B:EF:8D:99:7D:49
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B105527E58D811F099164BB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.91.0/24
154.197.110.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:cc:0e:e0:d9:71:00:2c:3e:ed:d0:a1:24:a9:d4:1a:68:43:
a2:3c:32:63:30:6e:3c:c2:86:e2:37:e6:71:52:d5:bd:3d:02:
67:3e:de:f1:9e:b6:e9:e6:35:89:28:1f:f5:ae:94:2a:cf:32:
ea:e7:01:39:77:a5:d1:0a:6c:7e:dd:22:0d:d0:74:4f:b1:c7:
c5:10:cb:b2:5b:b0:18:46:31:81:fc:9e:17:b2:5b:91:ab:0f:
60:2b:d4:48:69:ef:27:23:79:ec:9e:17:c8:ab:39:05:2f:68:
04:eb:94:7e:38:31:fe:c6:f3:01:11:f6:0b:c9:2e:18:fd:ac:
b2:c2:6b:01:95:39:12:18:ef:cf:aa:7f:98:51:1a:7f:f9:fe:
12:77:85:86:27:d7:46:dd:2a:dd:a0:7f:90:ad:52:48:7e:3d:
b5:a5:f5:3b:44:89:9c:ac:bf:71:28:70:dc:96:6d:d3:65:55:
92:9c:94:71:1e:f5:d8:3c:68:76:5a:8a:fc:28:51:33:92:12:
04:75:4f:17:88:b5:7d:4b:e7:3e:e4:3f:96:02:a1:23:c7:ea:
7a:1b:8c:2a:e3:09:75:12:da:17:54:98:36:4d:c1:c7:77:81:
85:05:10:21:4e:f2:2a:cd:66:b7:e4:87:8b:01:bc:c5:e4:d6:
3e:ff:e1:45
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYpcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTMxMzMxWhcNMjUwODEzMTMxMzMxWjAYMRYw
FAYDVQQDEw02ODY3ZDM4MC0xZTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzmZx7y5dJbkFYwSO5Cwc57ax3GzBQqoKN8z8aRcmmcM2/fdDWtDLNwWn
Zfrge1M++3h6Qgsbxb1jRfzPSrSn+w72ufDn9SDL+/9wEon66CM5gFIvyhm278WV
xcbdqeWlGSWdj76y55fn4CLJ2OMh/Gj6u3r48EVWqQfIHsPXh/pwmVaD+oUYmqoS
Th/H64MnDG4VqOQoLuCO424SkS5Qb5NacHht/eOnrBrW6srCzthrZmWC83PSpCjM
ed1WknmWAXi8VVaPzGy+J3d4fq3HPTCaEZsGhDPcS77b0B6gCYA1e9ZEzZZ7EXf3
lFU0tkGuYzQeZy2Qy3QXeCcN3f4IzQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFIIx
/FPNtWuWMCJ8/HGxa++NmX1JMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMTA1NTI3RTU4RDgxMUYwOTkxNjRCQjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsVbAwQAmsVuMA0GCSqG
SIb3DQEBCwUAA4IBAQBrzA7g2XEALD7t0KEkqdQaaEOiPDJjMG48wobiN+ZxUtW9
PQJnPt7xnrbp5jWJKB/1rpQqzzLq5wE5d6XRCmx+3SIN0HRPscfFEMuyW7AYRjGB
/J4XsluRqw9gK9RIae8nI3nsnhfIqzkFL2gE65R+ODH+xvMBEfYLyS4Y/ayywmsB
lTkSGO/Pqn+YURp/+f4Sd4WGJ9dG3SrdoH+QrVJIfj21pfU7RImcrL9xKHDclm3T
ZVWSnJRxHvXYPGh2Wor8KFEzkhIEdU8XiLV9S+c+5D+WAqEjx+p6G4wq4wl1EtoX
VJg2TcHHd4GFBRAhTvIqzWa35IeLAbzF5NY+/+FF
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:36:34 2025 by rpki-client