Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C75855CC5AA311F0910485D8DAE4EC9C.roa
File: C75855CC5AA311F0910485D8DAE4EC9C.roa (raw, json)
Hash identifier: xJik7vePdczPB2UzO30jVby7PFxgKB4DuR4xBlXbHuE=
Subject key identifier: AF:4D:5C:DB:26:E8:7D:71:7A:D3:9A:93:DB:E4:40:7A:54:A0:54:DF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018BB0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C75855CC5AA311F0910485D8DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 19:59:52 +0000
ROA not before: Sun 06 Jul 2025 19:59:47 +0000
ROA not after: Sun 24 Aug 2025 19:59:47 +0000
asID: 8796
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101296 (0x18bb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 6 19:59:47 2025 GMT
Not After : Aug 24 19:59:47 2025 GMT
Subject: CN=686ad5b8-a2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d3:b6:ca:76:a7:6e:15:cb:80:10:a2:5d:5b:
6f:fb:a8:27:20:39:bb:1d:0c:c1:f9:82:65:32:e9:
f9:de:ad:17:99:cf:4d:67:30:df:bf:5f:13:8e:9c:
65:32:9b:48:1f:de:b0:61:71:82:06:fe:56:8e:cd:
46:31:34:ef:ce:79:d1:8a:06:ea:67:c8:59:55:3e:
1b:8f:fc:6d:4b:28:13:a0:50:fe:ac:d3:d6:c4:47:
60:c8:ba:c3:14:35:90:98:91:f2:1c:06:ef:4e:f3:
39:a3:44:89:15:e9:60:db:d3:57:05:08:39:f6:e1:
e2:2e:87:e7:f4:c5:cb:f7:bc:d8:82:9b:87:dc:f1:
14:38:b3:10:98:21:14:4d:c2:25:83:49:be:82:75:
51:42:e3:fe:2a:07:20:0c:24:0f:35:9f:06:e5:9e:
d7:5a:09:0d:bc:ba:b0:72:c6:44:81:93:07:72:ec:
2d:b5:7c:83:ef:30:c6:da:f7:db:6f:95:1f:57:50:
61:32:6d:4a:22:dc:55:e8:c7:22:a8:dc:74:47:9b:
32:13:22:29:db:42:bc:3e:02:32:a1:7c:6d:c1:3e:
34:2d:07:66:c7:e5:20:22:49:00:45:75:41:cc:83:
60:6c:34:59:04:58:5c:0c:97:6c:64:9d:de:58:02:
b0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4D:5C:DB:26:E8:7D:71:7A:D3:9A:93:DB:E4:40:7A:54:A0:54:DF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C75855CC5AA311F0910485D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
81:8d:44:04:0b:98:d9:c5:29:14:48:60:59:6c:5d:ba:c2:76:
dd:29:fb:ba:86:4d:77:b0:12:a0:a8:50:fd:61:0e:1c:ff:54:
20:a0:1b:29:88:96:0e:2b:ca:56:01:62:76:f5:32:f2:1b:8d:
6c:5c:87:28:eb:2f:1c:a5:30:59:67:a9:67:64:a3:8a:e9:f1:
84:d7:da:29:35:5a:78:bd:87:4e:0e:fa:7e:56:13:91:f2:90:
44:62:20:f7:28:ce:55:ce:1d:2e:a4:47:71:e2:ea:c3:c2:89:
c7:2e:e6:15:85:d5:48:ce:06:4e:6e:cb:fd:f0:a1:e0:e8:ba:
8f:4b:2d:af:b4:eb:9e:eb:73:f8:a1:5e:43:2e:f7:ba:96:f0:
a6:f3:49:9a:62:1c:ae:ee:e6:e0:67:ca:30:fe:9e:10:98:29:
8b:9a:b8:ca:d2:e8:c5:31:b9:9f:70:e9:60:76:fe:28:89:d2:
4f:00:d0:d7:a4:83:a5:9b:45:f0:90:94:35:15:95:03:5f:5b:
3d:2d:4c:d9:3c:a4:63:68:07:63:a3:48:f9:41:b5:2b:d2:46:
b3:6b:2d:ec:20:78:02:c7:57:53:32:3a:93:95:16:90:ce:89:
f6:95:ff:fe:f4:1f:7a:8a:32:ac:36:b9:f2:29:47:83:63:22:
73:6e:21:37
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAYuwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA2MTk1OTQ3WhcNMjUwODI0MTk1OTQ3WjAYMRYw
FAYDVQQDEw02ODZhZDViOC1hMmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqdO2ynanbhXLgBCiXVtv+6gnIDm7HQzB+YJlMun53q0Xmc9NZzDfv18T
jpxlMptIH96wYXGCBv5Wjs1GMTTvznnRigbqZ8hZVT4bj/xtSygToFD+rNPWxEdg
yLrDFDWQmJHyHAbvTvM5o0SJFelg29NXBQg59uHiLofn9MXL97zYgpuH3PEUOLMQ
mCEUTcIlg0m+gnVRQuP+KgcgDCQPNZ8G5Z7XWgkNvLqwcsZEgZMHcuwttXyD7zDG
2vfbb5UfV1BhMm1KItxV6MciqNx0R5syEyIp20K8PgIyoXxtwT40LQdmx+UgIkkA
RXVBzINgbDRZBFhcDJdsZJ3eWAKwCQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFK9N
XNsm6H1xetOak9vkQHpUoFTfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNzU4NTVDQzVBQTMxMUYwOTEwNDg1RDhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASaWZADBASaWcADBACa
XxgwDQYJKoZIhvcNAQELBQADggEBAIGNRAQLmNnFKRRIYFlsXbrCdt0p+7qGTXew
EqCoUP1hDhz/VCCgGymIlg4rylYBYnb1MvIbjWxchyjrLxylMFlnqWdko4rp8YTX
2ik1Wni9h04O+n5WE5HykERiIPcozlXOHS6kR3Hi6sPCiccu5hWF1UjOBk5uy/3w
oeDouo9LLa+0657rc/ihXkMu97qW8KbzSZpiHK7u5uBnyjD+nhCYKYuauMrS6MUx
uZ9w6WB2/iiJ0k8A0Nekg6WbRfCQlDUVlQNfWz0tTNk8pGNoB2OjSPlBtSvSRrNr
LewgeALHV1MyOpOVFpDOifaV//70H3qKMqw2ufIpR4NjInNuITc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:17 2025 by rpki-client