Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE2665AC5CDD11F0887C38E1DAE4EC9C.roa
File: BE2665AC5CDD11F0887C38E1DAE4EC9C.roa (raw, json)
Hash identifier: XlVDW3HqBL72KiKF74L5DtbUDRe+f/SeCBE9DTp4Oa8=
Subject key identifier: 67:29:8E:EA:A1:DA:51:6B:A6:A3:7C:BF:2C:E3:54:AB:DD:C3:03:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CE8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE2665AC5CDD11F0887C38E1DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 15:59:50 +0000
ROA not before: Wed 09 Jul 2025 15:59:45 +0000
ROA not after: Wed 13 Aug 2025 15:59:45 +0000
asID: 20457
IP address blocks: 154.198.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101608 (0x18ce8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 15:59:45 2025 GMT
Not After : Aug 13 15:59:45 2025 GMT
Subject: CN=686e91f6-a05b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f7:a2:7e:09:24:0a:d9:a9:12:fd:68:7e:d7:
bb:ff:c4:4c:05:2d:bb:a6:90:fa:90:7c:e6:6f:c7:
a9:35:0b:36:4b:f1:d6:9e:0d:4d:cb:e1:50:24:ea:
d7:f4:5e:8e:74:c2:ab:9f:e8:85:ff:10:5c:87:ec:
79:70:4c:d7:03:f4:95:87:8d:e5:cb:6a:fb:d2:17:
80:d6:b3:97:86:f7:80:5d:3e:90:da:ab:28:9a:b9:
39:16:bc:e4:48:f8:c3:03:5a:a5:39:f3:ec:a9:10:
ea:6b:9d:29:ce:97:3d:d3:e0:19:12:39:2e:a6:1a:
11:4b:7b:75:e7:27:e7:dd:fc:08:3d:ca:e1:bf:9f:
4b:80:a8:26:01:bd:2a:85:ba:65:ad:3c:c9:03:c3:
99:3f:c2:5d:9b:1c:c5:0e:b4:52:b4:c5:4e:e9:46:
1e:18:fc:05:39:ae:24:3c:34:bb:e0:d1:bc:4c:b9:
bf:21:6c:47:60:b8:6c:50:36:28:6b:c0:05:49:8e:
a0:75:f5:cc:e6:5f:b9:31:69:36:df:f9:00:78:b3:
d2:e4:cc:48:28:10:f4:4d:56:69:e9:b0:4c:c8:74:
66:9e:6c:8a:fa:bf:c6:60:a2:d6:78:73:26:7a:d5:
c6:cf:73:58:db:76:66:cf:11:d3:ce:7a:3c:8a:f0:
c8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:29:8E:EA:A1:DA:51:6B:A6:A3:7C:BF:2C:E3:54:AB:DD:C3:03:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE2665AC5CDD11F0887C38E1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.11.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:e4:8f:1d:70:a1:ae:1d:03:50:29:0b:06:91:14:f1:23:0a:
f5:78:0a:c7:02:9b:17:b6:88:81:b8:fa:d1:f7:4c:e9:4a:96:
36:5c:61:d8:9f:9e:07:f8:23:ca:da:93:8f:b1:c3:ab:7d:13:
03:34:7a:59:8d:76:21:c1:c7:ab:3b:01:9c:7b:b0:40:62:b2:
90:81:b6:62:a0:a7:28:42:78:74:47:7a:90:a1:65:c9:8c:3f:
ec:65:35:e4:81:14:65:04:db:6b:72:8b:6b:e2:18:6e:d8:ce:
39:a4:e0:c5:41:b3:8c:31:ab:77:27:d4:3b:31:dc:dc:4d:9d:
3c:98:e4:d7:9d:9d:9c:45:8c:86:1c:39:73:65:7b:95:aa:40:
5a:78:5e:d1:e0:f8:2d:a7:b1:de:76:b1:94:cc:58:7a:99:a6:
9b:da:82:61:fb:39:42:cf:3e:fd:5a:33:15:39:fb:23:80:3c:
9c:81:f5:fb:da:58:5c:6f:98:9f:01:f2:3d:b5:29:fb:14:b9:
1e:1b:53:16:dc:0b:33:9f:66:22:77:11:75:86:cc:c5:39:ce:
54:90:24:80:2a:da:9b:7c:84:31:1e:84:9c:71:69:70:25:ce:
1e:58:f0:a6:cd:29:89:26:0e:97:73:b4:e5:25:13:1a:b4:e4:
8f:24:8a:32
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYzoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTU1OTQ1WhcNMjUwODEzMTU1OTQ1WjAYMRYw
FAYDVQQDEw02ODZlOTFmNi1hMDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1feifgkkCtmpEv1ofte7/8RMBS27ppD6kHzmb8epNQs2S/HWng1Ny+FQ
JOrX9F6OdMKrn+iF/xBch+x5cEzXA/SVh43ly2r70heA1rOXhveAXT6Q2qsomrk5
FrzkSPjDA1qlOfPsqRDqa50pzpc90+AZEjkuphoRS3t15yfn3fwIPcrhv59LgKgm
Ab0qhbplrTzJA8OZP8JdmxzFDrRStMVO6UYeGPwFOa4kPDS74NG8TLm/IWxHYLhs
UDYoa8AFSY6gdfXM5l+5MWk23/kAeLPS5MxIKBD0TVZp6bBMyHRmnmyK+r/GYKLW
eHMmetXGz3NY23ZmzxHTzno8ivDINwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGcp
juqh2lFrpqN8vyzjVKvdwwM8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRTI2NjVBQzVDREQxMUYwODg3QzM4RTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYLMA0GCSqGSIb3DQEB
CwUAA4IBAQDX5I8dcKGuHQNQKQsGkRTxIwr1eArHApsXtoiBuPrR90zpSpY2XGHY
n54H+CPK2pOPscOrfRMDNHpZjXYhwcerOwGce7BAYrKQgbZioKcoQnh0R3qQoWXJ
jD/sZTXkgRRlBNtrcotr4hhu2M45pODFQbOMMat3J9Q7MdzcTZ08mOTXnZ2cRYyG
HDlzZXuVqkBaeF7R4Pgtp7HedrGUzFh6maab2oJh+zlCzz79WjMVOfsjgDycgfX7
2lhcb5ifAfI9tSn7FLkeG1MW3Aszn2YidxF1hszFOc5UkCSAKtqbfIQxHoSccWlw
Jc4eWPCmzSmJJg6Xc7TlJRMatOSPJIoy
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:02:43 2025 by rpki-client