Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C53E2520647911F095F107D4DAE4EC9C.roa
File: C53E2520647911F095F107D4DAE4EC9C.roa (raw, json)
Hash identifier: XYow9z6SENAUVA3skyUMtOJ7zsoC2z+krlXRaCvXUQE=
Subject key identifier: AB:01:67:57:D7:C6:ED:C3:E0:96:82:D5:F1:66:A2:A1:E2:F4:82:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E67
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C53E2520647911F095F107D4DAE4EC9C.roa
Signing time: Sat 19 Jul 2025 08:24:21 +0000
ROA not before: Sat 19 Jul 2025 08:24:16 +0000
ROA not after: Mon 18 Aug 2025 08:24:16 +0000
asID: 21859
IP address blocks: 154.193.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101991 (0x18e67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 19 08:24:16 2025 GMT
Not After : Aug 18 08:24:16 2025 GMT
Subject: CN=687b5635-f9f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:19:15:e9:e5:af:29:5c:d7:53:0c:0c:f1:92:
d5:44:8d:28:33:4c:36:ea:71:03:c6:3a:80:38:27:
eb:9b:bc:72:68:a4:25:a1:fe:7f:80:ca:a9:58:4d:
f6:90:6f:d4:cb:6f:5d:12:5c:c1:88:ba:b2:ce:60:
e5:73:e8:3b:a6:a0:46:88:65:43:9f:bd:1d:cd:70:
34:e3:95:2c:48:b0:6b:53:ed:5c:8a:97:3f:de:f9:
8e:ac:f7:d9:d0:c8:ea:8e:80:7d:00:69:0a:a1:66:
90:88:0c:eb:05:23:23:2b:8c:28:3e:ec:02:65:c2:
e4:78:3c:65:5a:14:c2:67:41:ad:3d:79:d5:a5:6a:
9c:ff:03:01:62:6c:0e:64:58:65:e9:eb:61:e6:7f:
b8:41:de:4e:e3:5d:dd:7b:4f:76:df:20:1b:aa:54:
79:08:1f:42:47:66:77:89:53:8b:30:13:bb:c0:fa:
29:d4:d0:5c:4c:ec:1a:cb:cc:35:b4:6f:27:18:12:
c5:68:2a:50:c4:2a:3b:88:06:d9:7a:64:df:f6:6e:
72:f6:52:81:a5:54:9e:53:d6:54:bf:17:62:24:54:
d4:24:27:37:b1:45:ff:12:e7:d5:54:b9:c1:1e:32:
46:4e:3f:04:39:f4:aa:db:fe:c7:ae:28:cf:4b:90:
cd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:01:67:57:D7:C6:ED:C3:E0:96:82:D5:F1:66:A2:A1:E2:F4:82:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C53E2520647911F095F107D4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.129.0/24
Signature Algorithm: sha256WithRSAEncryption
01:3f:8d:a6:df:71:b5:25:d1:b1:ad:6d:7d:36:e7:a5:59:4a:
7c:7e:00:8f:01:1f:51:1f:64:bf:9a:8a:87:0d:3f:fe:96:49:
13:40:f1:f4:2d:f7:8e:16:de:34:b2:d7:c6:16:bf:26:03:f3:
a0:d6:86:1f:2c:b4:bf:15:96:c5:78:f6:d4:d2:06:bf:32:9d:
a5:9e:7e:56:49:3d:a0:cf:7b:c2:2a:75:26:98:54:60:ba:7a:
56:b4:b4:bc:82:28:e4:89:8f:5b:cf:e5:73:4d:2a:bf:c4:71:
dc:02:0d:6e:e2:31:71:21:df:f5:19:21:88:66:f3:6a:81:f4:
c5:28:70:5d:2e:19:19:03:75:cc:cd:41:bb:c5:30:8e:87:61:
5a:bd:8b:1f:77:e7:d6:b5:ed:49:2c:d5:48:52:83:24:d6:96:
a6:62:74:a5:15:ae:17:ea:d8:b9:ed:cf:e6:f7:1d:bc:cb:b6:
d3:42:ab:9f:44:c1:20:b6:e3:0d:68:2a:1a:65:66:4c:fb:12:
c9:04:7d:6f:a5:d4:1e:df:cb:b4:24:b9:ee:e0:b1:28:2e:f8:
06:ba:eb:ef:15:32:f2:86:eb:e7:a7:00:0e:b9:8a:d1:d9:2d:
d8:2c:ca:a3:dc:80:d2:24:cb:51:3d:11:a7:c8:8d:1f:9a:57:
a0:54:f6:d7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY5nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE5MDgyNDE2WhcNMjUwODE4MDgyNDE2WjAYMRYw
FAYDVQQDEw02ODdiNTYzNS1mOWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7xkV6eWvKVzXUwwM8ZLVRI0oM0w26nEDxjqAOCfrm7xyaKQlof5/gMqp
WE32kG/Uy29dElzBiLqyzmDlc+g7pqBGiGVDn70dzXA045UsSLBrU+1cipc/3vmO
rPfZ0MjqjoB9AGkKoWaQiAzrBSMjK4woPuwCZcLkeDxlWhTCZ0GtPXnVpWqc/wMB
YmwOZFhl6eth5n+4Qd5O413de0923yAbqlR5CB9CR2Z3iVOLMBO7wPop1NBcTOwa
y8w1tG8nGBLFaCpQxCo7iAbZemTf9m5y9lKBpVSeU9ZUvxdiJFTUJCc3sUX/EufV
VLnBHjJGTj8EOfSq2/7HrijPS5DNZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKsB
Z1fXxu3D4JaC1fFmoqHi9IJNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNTNFMjUyMDY0NzkxMUYwOTVGMTA3RDREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGBMA0GCSqGSIb3DQEB
CwUAA4IBAQABP42m33G1JdGxrW19NuelWUp8fgCPAR9RH2S/moqHDT/+lkkTQPH0
LfeOFt40stfGFr8mA/Og1oYfLLS/FZbFePbU0ga/Mp2lnn5WST2gz3vCKnUmmFRg
unpWtLS8gijkiY9bz+VzTSq/xHHcAg1u4jFxId/1GSGIZvNqgfTFKHBdLhkZA3XM
zUG7xTCOh2FavYsfd+fWte1JLNVIUoMk1pamYnSlFa4X6ti57c/m9x28y7bTQquf
RMEgtuMNaCoaZWZM+xLJBH1vpdQe38u0JLnu4LEoLvgGuuvvFTLyhuvnpwAOuYrR
2S3YLMqj3IDSJMtRPRGnyI0fmlegVPbX
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:02:40 2025 by rpki-client