Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE195DCA5E5511F08A135DBFDAE4EC9C.roa
File: BE195DCA5E5511F08A135DBFDAE4EC9C.roa (raw, json)
Hash identifier: O5wkL1OLD5shOM4N+SwudqiM2jjpBIQ6s09td/PUO+E=
Subject key identifier: 67:2B:DC:16:8D:79:58:8D:DF:62:08:A2:7B:72:35:A2:E9:55:DC:F1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D7C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE195DCA5E5511F08A135DBFDAE4EC9C.roa
Signing time: Fri 11 Jul 2025 12:51:21 +0000
ROA not before: Fri 11 Jul 2025 12:51:16 +0000
ROA not after: Sat 16 Aug 2025 12:51:16 +0000
asID: 22773
IP address blocks: 154.90.18.0/24 maxlen: 24
154.90.19.0/24 maxlen: 24
154.90.20.0/24 maxlen: 24
154.90.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101756 (0x18d7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 11 12:51:16 2025 GMT
Not After : Aug 16 12:51:16 2025 GMT
Subject: CN=687108c9-ed6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:20:b8:e9:77:9c:99:9a:1a:ec:d7:f0:5f:cb:
12:c1:6e:94:33:ad:8c:a1:dc:a3:31:95:ae:1b:e9:
76:57:a0:3f:58:0e:26:8b:8c:ec:fb:c4:b8:d1:c3:
aa:41:34:b8:bc:86:db:62:ad:98:ff:e7:a6:3c:6f:
94:fd:8f:38:63:9c:88:62:97:fd:09:7f:38:7a:ef:
77:a6:01:bb:f8:5c:4a:7b:8d:dd:74:14:6c:db:d6:
ea:55:c2:5b:25:6b:9f:f9:bf:c6:26:3b:b1:4a:d1:
97:7c:ad:71:42:d8:db:e2:a2:ac:14:e2:0d:73:fa:
25:c3:db:ef:6d:e0:03:01:df:60:8a:a9:bb:a2:88:
de:d4:89:97:65:cc:66:2e:ab:40:e1:0d:22:69:78:
97:bd:e5:a9:8b:19:ed:3c:57:e6:33:95:a7:9c:d4:
f2:6f:0a:f1:b9:42:87:1b:48:d3:46:70:21:d1:14:
4d:c4:5e:54:df:8c:72:bb:de:bb:ce:fd:a1:c0:95:
61:a8:1d:47:0c:76:a5:7e:d5:88:41:52:e1:21:b9:
68:9b:12:33:80:af:d9:85:fc:18:78:d2:b9:30:a5:
a5:04:7f:fb:16:bf:f8:97:97:69:ad:1e:f2:ce:84:
f8:12:fb:cc:0c:b3:79:cb:84:94:d5:d1:e3:53:a8:
07:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:2B:DC:16:8D:79:58:8D:DF:62:08:A2:7B:72:35:A2:E9:55:DC:F1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE195DCA5E5511F08A135DBFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.18.0-154.90.21.255
Signature Algorithm: sha256WithRSAEncryption
ad:b6:2b:e8:f3:69:bc:a5:6f:51:79:da:2d:1c:1e:21:83:a5:
99:65:34:9f:a1:a2:cb:f9:42:66:2f:77:ac:b0:63:d3:78:ed:
c7:8d:bf:76:45:29:96:b0:35:ac:c1:4a:c2:be:4c:40:8f:7a:
24:db:95:92:c9:c3:1d:2c:23:41:7e:5d:a8:5a:8f:fc:da:e7:
02:8b:64:ac:fd:b3:ff:93:7c:4d:bb:17:20:aa:12:fd:00:a7:
af:2a:29:72:01:51:49:63:04:a0:5c:8a:8d:25:c0:be:d1:f7:
3e:3e:ad:ed:cf:35:75:9f:60:93:6e:98:50:9d:f3:10:e2:40:
5a:85:8b:88:77:36:ae:19:93:2d:98:c8:e3:88:48:b1:a9:40:
72:4a:b6:c8:15:1b:01:72:ba:33:5f:7b:6c:62:ad:92:71:27:
95:b2:d9:21:fd:7f:b7:32:f3:1f:77:78:cb:29:cc:77:7b:37:
01:14:71:20:14:4d:9a:29:21:18:c2:f8:34:77:55:c6:bc:35:
e9:ea:c0:95:b5:01:92:ae:9e:f1:76:9d:4f:1a:fe:1c:b5:5d:
85:bc:1c:1b:99:c0:4f:33:b2:3d:16:b5:58:03:d0:98:9c:39:
9d:d6:3c:eb:eb:8a:24:32:23:d8:fd:1e:0e:b0:f1:bb:db:a9:
22:ff:27:60
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAY18MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzExMTI1MTE2WhcNMjUwODE2MTI1MTE2WjAYMRYw
FAYDVQQDEw02ODcxMDhjOS1lZDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6CC46XecmZoa7NfwX8sSwW6UM62ModyjMZWuG+l2V6A/WA4mi4zs+8S4
0cOqQTS4vIbbYq2Y/+emPG+U/Y84Y5yIYpf9CX84eu93pgG7+FxKe43ddBRs29bq
VcJbJWuf+b/GJjuxStGXfK1xQtjb4qKsFOINc/olw9vvbeADAd9giqm7ooje1ImX
ZcxmLqtA4Q0iaXiXveWpixntPFfmM5WnnNTybwrxuUKHG0jTRnAh0RRNxF5U34xy
u967zv2hwJVhqB1HDHalftWIQVLhIblomxIzgK/ZhfwYeNK5MKWlBH/7Fr/4l5dp
rR7yzoT4EvvMDLN5y4SU1dHjU6gHnwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGcr
3BaNeViN32IIontyNaLpVdzxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRTE5NURDQTVFNTUxMUYwOEExMzVEQkZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaWhIDBAGaWhQwDQYJ
KoZIhvcNAQELBQADggEBAK22K+jzabylb1F52i0cHiGDpZllNJ+hosv5QmYvd6yw
Y9N47ceNv3ZFKZawNazBSsK+TECPeiTblZLJwx0sI0F+Xahaj/za5wKLZKz9s/+T
fE27FyCqEv0Ap68qKXIBUUljBKBcio0lwL7R9z4+re3PNXWfYJNumFCd8xDiQFqF
i4h3Nq4Zky2YyOOISLGpQHJKtsgVGwFyujNfe2xirZJxJ5Wy2SH9f7cy8x93eMsp
zHd7NwEUcSAUTZopIRjC+DR3Vca8NenqwJW1AZKunvF2nU8a/hy1XYW8HBuZwE8z
sj0WtVgD0JicOZ3WPOvriiQyI9j9Hg6w8bvbqSL/J2A=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:08 2025 by rpki-client