Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCA6E6B058E711F08310E294DAE4EC9C.roa
File: BCA6E6B058E711F08310E294DAE4EC9C.roa (raw, json)
Hash identifier: 3wOUVPJ7dbyQid1dmDOtND6fE9nCNkKaMx8fixpjpBc=
Subject key identifier: 74:17:D3:58:29:E1:DD:FC:1A:27:2B:55:7E:EB:44:91:EA:29:40:2E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018A6A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCA6E6B058E711F08310E294DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 15:01:18 +0000
ROA not before: Fri 04 Jul 2025 15:01:13 +0000
ROA not after: Fri 17 Jul 2026 15:01:13 +0000
asID: 8796
IP address blocks: 154.193.192.0/18 maxlen: 24
154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100970 (0x18a6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 4 15:01:13 2025 GMT
Not After : Jul 17 15:01:13 2026 GMT
Subject: CN=6867ecbe-abc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:90:2f:39:f5:f9:79:79:5a:da:ac:98:04:4d:
1f:a5:8f:fa:32:7b:de:cd:e9:0a:08:8c:3a:9e:d5:
2f:6a:81:03:f8:f9:c6:23:39:0f:fd:c8:cc:b2:40:
d7:6b:5a:35:98:20:e2:05:e9:c0:35:ab:2c:49:e1:
36:d6:5c:13:b5:41:d0:ed:e9:f9:7f:56:50:c0:81:
00:99:2b:96:a3:9f:ab:b6:59:d5:2d:72:ba:0e:67:
c9:1e:d0:b6:9a:9c:67:04:97:98:40:76:88:f4:5e:
70:7b:43:07:f0:6b:05:df:cc:b8:5d:3d:bf:3d:85:
86:58:ea:f2:2a:2f:35:19:0a:ee:fa:c4:cf:48:f9:
97:4b:14:1b:8c:42:4c:b2:95:04:60:2a:ff:08:de:
58:c9:eb:9f:cd:78:72:88:72:43:ee:08:05:4a:c3:
e7:4d:e9:55:6b:f2:9f:1a:66:02:4b:71:1d:1b:ca:
cf:9a:2d:9b:63:97:10:19:f9:2b:df:35:ca:9d:31:
9e:76:cb:ce:63:17:c0:e7:12:43:7e:04:9c:4b:cb:
0f:35:f5:1d:9f:67:eb:d9:89:2d:2f:cb:42:bb:47:
dd:8e:95:5e:17:29:a3:69:05:6d:3e:26:5c:72:5f:
06:ba:b9:73:01:6e:14:c5:56:fa:b3:83:86:a4:d1:
c6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:17:D3:58:29:E1:DD:FC:1A:27:2B:55:7E:EB:44:91:EA:29:40:2E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCA6E6B058E711F08310E294DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.192.0/18
154.202.117.0/24
154.202.120.0/21
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
63:92:4b:f9:1e:5a:ba:8e:94:12:82:78:05:83:80:69:4f:f0:
86:53:af:0c:fc:97:43:44:3f:84:03:0c:45:fa:df:d3:d1:37:
6a:23:57:47:99:25:ca:b6:91:83:15:e4:f7:e7:5c:8e:e0:d8:
36:0a:90:ce:ab:66:95:7e:6f:3b:b2:c9:00:d7:cb:5c:92:bb:
9d:ad:f4:9b:f7:40:dc:06:fd:4f:78:1d:f0:40:42:bd:38:a6:
4b:1c:6c:2d:6f:3c:15:2a:64:82:15:40:fe:a3:05:4c:6b:c6:
1c:c6:e5:f6:02:4e:d7:86:0f:b4:e6:25:61:24:c4:0e:cb:75:
0f:8c:cf:14:9f:65:61:0a:1b:ef:22:ed:36:23:4e:5f:82:70:
ab:f4:09:3f:5a:bc:d7:3f:b2:da:3c:b5:fd:05:28:61:95:01:
e3:d8:93:0f:21:42:ca:90:b5:d2:86:af:c4:d0:09:11:93:72:
2e:5c:cc:58:45:0c:8d:8d:6a:00:ea:67:ca:a5:28:cb:87:ca:
30:95:2f:20:0a:fd:80:d2:ae:11:d2:f6:a1:6b:8d:02:40:8f:
a1:aa:a3:1f:b6:7d:04:82:10:96:8f:cf:c0:bf:21:0e:a8:03:
fe:2c:d2:44:d3:d7:98:cc:b0:db:48:29:99:b1:09:27:62:81:
d6:24:91:d5
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIDAYpqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA0MTUwMTEzWhcNMjYwNzE3MTUwMTEzWjAYMRYw
FAYDVQQDEw02ODY3ZWNiZS1hYmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnJAvOfX5eXla2qyYBE0fpY/6MnvezekKCIw6ntUvaoED+PnGIzkP/cjM
skDXa1o1mCDiBenANassSeE21lwTtUHQ7en5f1ZQwIEAmSuWo5+rtlnVLXK6DmfJ
HtC2mpxnBJeYQHaI9F5we0MH8GsF38y4XT2/PYWGWOryKi81GQru+sTPSPmXSxQb
jEJMspUEYCr/CN5YyeufzXhyiHJD7ggFSsPnTelVa/KfGmYCS3EdG8rPmi2bY5cQ
Gfkr3zXKnTGedsvOYxfA5xJDfgScS8sPNfUdn2fr2YktL8tCu0fdjpVeFymjaQVt
PiZccl8GurlzAW4UxVb6s4OGpNHGZQIDAQABo4ICvjCCArowHQYDVR0OBBYEFHQX
01gp4d38GicrVX7rRJHqKUAuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQ0E2RTZCMDU4RTcxMUYwODMxMEUyOTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwQGmsHAAwQAmsp1AwQDmsp4
MAsDBAGa2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEAY5JL+R5auo6UEoJ4BYOA
aU/whlOvDPyXQ0Q/hAMMRfrf09E3aiNXR5klyraRgxXk9+dcjuDYNgqQzqtmlX5v
O7LJANfLXJK7na30m/dA3Ab9T3gd8EBCvTimSxxsLW88FSpkghVA/qMFTGvGHMbl
9gJO14YPtOYlYSTEDst1D4zPFJ9lYQob7yLtNiNOX4Jwq/QJP1q81z+y2jy1/QUo
YZUB49iTDyFCypC10oavxNAJEZNyLlzMWEUMjY1qAOpnyqUoy4fKMJUvIAr9gNKu
EdL2oWuNAkCPoaqjH7Z9BIIQlo/PwL8hDqgD/izSRNPXmMyw20gpmbEJJ2KB1iSR
1Q==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:07 2025 by rpki-client