Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7BFAB145E4011F0827BD0B0DAE4EC9C.roa
File: C7BFAB145E4011F0827BD0B0DAE4EC9C.roa (raw, json)
Hash identifier: xvSSu6L2xzxsZAupLtCd41VeSbh6wWFdlZOvS7SpNZU=
Subject key identifier: D8:93:CF:EE:F1:D6:A9:09:F8:56:90:93:E6:B9:B6:E9:8A:A6:1D:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D4D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7BFAB145E4011F0827BD0B0DAE4EC9C.roa
Signing time: Fri 11 Jul 2025 10:21:17 +0000
ROA not before: Fri 11 Jul 2025 10:21:13 +0000
ROA not after: Tue 22 Jul 2025 10:21:13 +0000
asID: 135419
IP address blocks: 154.209.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101709 (0x18d4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 11 10:21:13 2025 GMT
Not After : Jul 22 10:21:13 2025 GMT
Subject: CN=6870e59d-b703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:26:b5:53:43:47:ae:a5:c9:64:93:ed:77:d0:
3b:a0:a6:82:c6:c4:e1:b4:88:a5:1d:d0:10:3f:9b:
9c:4e:7b:ef:99:72:58:8a:8b:7b:7e:ef:da:cd:34:
7b:21:23:c3:f6:15:10:4d:c3:c2:bb:df:0c:bd:1c:
0e:6a:15:44:28:1e:cd:fc:09:c9:33:89:98:66:47:
12:ed:0f:06:f8:4b:34:d7:7c:09:91:74:aa:27:60:
44:77:cd:0c:9d:b5:5c:dd:68:36:50:8d:44:ab:a0:
7c:39:bb:69:fd:66:d9:a6:9d:3a:b0:13:03:37:08:
ca:ac:d9:b8:dd:b8:7e:c7:44:f4:60:92:df:6c:f5:
70:06:93:14:7f:3c:6f:13:71:46:21:c4:29:25:5a:
2b:d1:94:d8:32:d7:e4:d4:61:22:c7:5e:17:a0:d1:
eb:81:d5:84:9e:83:d6:52:bb:34:35:8c:04:ad:0a:
83:89:e9:3e:4d:6e:16:67:40:26:ba:ce:5b:e0:aa:
63:86:a3:cb:d5:d4:7e:26:1f:78:89:4f:fe:22:6d:
57:3f:21:3a:67:96:44:5c:69:ce:ba:5b:c5:7d:52:
ac:d8:2a:6f:24:11:32:58:ed:76:20:df:cd:7f:01:
8a:ef:d6:73:7f:ab:65:a8:c2:dd:58:4c:d6:d3:dc:
b9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:93:CF:EE:F1:D6:A9:09:F8:56:90:93:E6:B9:B6:E9:8A:A6:1D:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7BFAB145E4011F0827BD0B0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.146.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:59:18:15:73:52:e0:d0:55:75:7b:2d:85:6f:76:5e:46:54:
f4:c8:9a:ea:4f:5e:5d:f1:15:75:e7:66:7c:c3:0c:69:dc:8a:
f8:25:ec:42:3f:fe:e1:05:f8:dd:7d:5a:5b:87:20:20:ef:be:
5c:19:a1:51:86:bb:04:37:0b:3f:79:1c:6d:69:c1:57:0e:fb:
36:f5:6e:df:ca:6b:24:20:fb:5f:fb:26:c1:fc:d3:8d:fb:44:
ae:49:62:0f:ef:3d:4c:3f:e6:79:a2:43:22:e4:c5:51:3a:73:
73:9a:b8:dc:ee:c8:b0:86:8d:be:dc:bf:0a:65:4e:04:51:42:
51:8a:9f:a2:ce:2a:d5:8e:9c:3e:e5:35:9e:98:ca:0f:74:15:
5d:f0:06:9d:eb:c6:36:ba:32:1e:ee:93:92:0c:e7:51:e4:43:
bb:a9:09:f3:02:0c:69:c1:53:f8:f5:d0:d7:2e:40:c4:77:4e:
21:69:14:8c:f0:e1:13:c4:57:dd:65:99:5e:77:39:3b:f4:5b:
25:8e:e8:45:33:e6:b2:bb:f8:a1:c9:ba:3c:56:0b:84:6a:97:
a4:ec:38:c7:8a:9f:1e:f8:71:45:42:f6:5d:d4:87:27:fc:34:
59:09:ab:e4:9a:8b:2d:e9:2e:93:41:9e:1c:97:dc:f1:6c:f3:
18:c4:2a:31
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY1NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzExMTAyMTEzWhcNMjUwNzIyMTAyMTEzWjAYMRYw
FAYDVQQDEw02ODcwZTU5ZC1iNzAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvCa1U0NHrqXJZJPtd9A7oKaCxsThtIilHdAQP5ucTnvvmXJYiot7fu/a
zTR7ISPD9hUQTcPCu98MvRwOahVEKB7N/AnJM4mYZkcS7Q8G+Es013wJkXSqJ2BE
d80MnbVc3Wg2UI1Eq6B8Obtp/WbZpp06sBMDNwjKrNm43bh+x0T0YJLfbPVwBpMU
fzxvE3FGIcQpJVor0ZTYMtfk1GEix14XoNHrgdWEnoPWUrs0NYwErQqDiek+TW4W
Z0Amus5b4KpjhqPL1dR+Jh94iU/+Im1XPyE6Z5ZEXGnOulvFfVKs2CpvJBEyWO12
IN/NfwGK79Zzf6tlqMLdWEzW09y5lwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNiT
z+7x1qkJ+FaQk+a5tumKph1oMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DN0JGQUIxNDVFNDAxMUYwODI3QkQwQjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtGSMA0GCSqGSIb3DQEB
CwUAA4IBAQDWWRgVc1Lg0FV1ey2Fb3ZeRlT0yJrqT15d8RV152Z8wwxp3Ir4JexC
P/7hBfjdfVpbhyAg775cGaFRhrsENws/eRxtacFXDvs29W7fymskIPtf+ybB/NON
+0SuSWIP7z1MP+Z5okMi5MVROnNzmrjc7siwho2+3L8KZU4EUUJRip+izirVjpw+
5TWemMoPdBVd8Aad68Y2ujIe7pOSDOdR5EO7qQnzAgxpwVP49dDXLkDEd04haRSM
8OETxFfdZZledzk79FsljuhFM+ayu/ihybo8VguEapek7DjHip8e+HFFQvZd1Icn
/DRZCavkmost6S6TQZ4cl9zxbPMYxCox
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:48 2025 by rpki-client