Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8239CE0624811F0972A477ADAE4EC9C.roa
File: B8239CE0624811F0972A477ADAE4EC9C.roa (raw, json)
Hash identifier: xLCgRTeAQyz/DgsbFUARwKuiQnyMcOORHCL8tNJYB/0=
Subject key identifier: 38:CC:B9:F7:8D:B9:1A:7D:EE:0A:21:ED:BC:DC:44:63:9E:73:F2:6D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E01
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8239CE0624811F0972A477ADAE4EC9C.roa
Signing time: Wed 16 Jul 2025 13:28:12 +0000
ROA not before: Wed 16 Jul 2025 13:28:07 +0000
ROA not after: Fri 25 Jul 2025 13:28:07 +0000
asID: 5650
IP address blocks: 154.194.20.0/22 maxlen: 24
154.205.176.0/22 maxlen: 24
154.205.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101889 (0x18e01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 16 13:28:07 2025 GMT
Not After : Jul 25 13:28:07 2025 GMT
Subject: CN=6877a8ec-f4e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d6:80:46:1e:4f:97:88:72:92:53:34:d5:1a:
44:f4:eb:6c:86:dc:74:9d:ad:73:c3:d1:54:63:57:
59:45:a1:99:06:82:1c:2f:74:fc:87:58:c8:29:2b:
79:f2:9d:90:93:b2:63:4c:25:5d:0a:c7:21:4c:90:
39:d2:45:bb:cb:5d:b9:8e:d1:13:da:9d:f0:e9:91:
4f:4e:40:57:3b:62:4c:3a:2b:f0:ae:5d:43:99:dc:
2f:9c:f9:33:60:3a:56:ed:c7:30:ac:86:ca:46:b1:
e2:2c:1d:4d:95:ea:61:86:f7:b6:51:ac:b1:28:f5:
d1:52:2d:7a:42:9c:8c:10:db:9a:96:d2:f2:dc:f4:
1a:4a:18:00:81:55:27:f6:fc:06:5c:88:a2:93:a1:
27:7c:06:6e:b1:65:b9:d7:c4:a9:64:23:42:80:df:
9a:ed:db:07:83:81:01:6f:74:60:87:f3:c8:15:88:
55:b4:92:56:44:c9:b2:30:f9:40:f7:cd:e4:85:be:
dc:38:3e:a6:ef:bf:39:ae:7a:aa:9b:21:3b:da:f0:
e4:90:39:f1:d3:a3:8b:e6:90:72:93:7f:5d:e2:43:
4e:bc:a0:93:73:46:33:a4:39:3a:3f:1f:ed:b1:ac:
eb:52:5b:cc:04:74:84:99:44:dc:f9:7d:c3:ce:4b:
5b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CC:B9:F7:8D:B9:1A:7D:EE:0A:21:ED:BC:DC:44:63:9E:73:F2:6D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8239CE0624811F0972A477ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.20.0/22
154.205.176.0/21
Signature Algorithm: sha256WithRSAEncryption
14:5e:1a:10:ad:a2:81:2f:61:92:a0:ab:f9:f6:52:82:ef:07:
54:4a:d6:88:3d:98:6c:cc:e8:1d:e5:13:49:f1:10:4d:0b:db:
7e:33:45:62:52:b2:4c:13:bf:07:da:c3:98:07:86:94:e2:1e:
95:50:2a:88:70:d3:9d:cd:56:f1:05:3e:d8:b7:bc:da:29:cb:
ed:e4:63:ca:67:5f:2e:55:83:9f:46:48:74:33:5b:27:10:c9:
32:91:6a:12:4d:7f:37:76:39:60:0b:55:13:cb:ca:11:9c:3a:
a9:ef:61:14:37:1d:41:f6:d5:64:aa:21:78:ce:c7:be:e8:f2:
1f:7a:5e:a7:5f:1e:ec:75:e3:ee:27:a8:ea:0a:1f:ab:47:e7:
b3:78:9d:4e:c7:fa:e3:86:d1:8a:99:e9:62:bc:a4:3c:87:bf:
30:4f:b9:16:7b:98:68:80:d9:71:0e:41:65:7a:9f:7d:63:40:
96:8b:e7:da:50:3c:f5:58:4c:57:32:ba:38:0c:1f:54:2d:7c:
da:b1:b3:62:55:5d:99:bc:22:88:a1:be:ae:63:fb:f4:04:18:
f7:f9:0f:f2:2b:25:0b:bf:4d:b8:d0:68:67:6b:3c:d6:e3:a0:
f5:a3:7b:e5:27:f2:99:cc:14:cf:8b:c0:4f:a9:8c:ff:d6:59:
86:20:17:aa
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAY4BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE2MTMyODA3WhcNMjUwNzI1MTMyODA3WjAYMRYw
FAYDVQQDEw02ODc3YThlYy1mNGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAztaARh5Pl4hyklM01RpE9Otshtx0na1zw9FUY1dZRaGZBoIcL3T8h1jI
KSt58p2Qk7JjTCVdCschTJA50kW7y125jtET2p3w6ZFPTkBXO2JMOivwrl1Dmdwv
nPkzYDpW7ccwrIbKRrHiLB1Nlephhve2UayxKPXRUi16QpyMENualtLy3PQaShgA
gVUn9vwGXIiik6EnfAZusWW518SpZCNCgN+a7dsHg4EBb3Rgh/PIFYhVtJJWRMmy
MPlA983khb7cOD6m7785rnqqmyE72vDkkDnx06OL5pByk39d4kNOvKCTc0YzpDk6
Px/tsazrUlvMBHSEmUTc+X3DzktbOQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDjM
ufeNuRp97goh7bzcRGOec/JtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CODIzOUNFMDYyNDgxMUYwOTcyQTQ3N0FEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsIUAwQDms2wMA0GCSqG
SIb3DQEBCwUAA4IBAQAUXhoQraKBL2GSoKv59lKC7wdUStaIPZhszOgd5RNJ8RBN
C9t+M0ViUrJME78H2sOYB4aU4h6VUCqIcNOdzVbxBT7Yt7zaKcvt5GPKZ18uVYOf
Rkh0M1snEMkykWoSTX83djlgC1UTy8oRnDqp72EUNx1B9tVkqiF4zse+6PIfel6n
Xx7sdePuJ6jqCh+rR+ezeJ1Ox/rjhtGKmelivKQ8h78wT7kWe5hogNlxDkFlep99
Y0CWi+faUDz1WExXMro4DB9ULXzasbNiVV2ZvCKIob6uY/v0BBj3+Q/yKyULv024
0GhnazzW46D1o3vlJ/KZzBTPi8BPqYz/1lmGIBeq
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:50 2025 by rpki-client