Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CC907412623111F0B2082CE8DAE4EC9C.roa
File: CC907412623111F0B2082CE8DAE4EC9C.roa (raw, json)
Hash identifier: erxJRT4TMgVWpPRvjGKOdkfw/njxZWFsC1E8ptQihzk=
Subject key identifier: 86:D5:54:D8:CF:40:12:3C:B8:B0:84:85:92:C5:BF:B4:F6:35:26:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018DF3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CC907412623111F0B2082CE8DAE4EC9C.roa
Signing time: Wed 16 Jul 2025 10:44:08 +0000
ROA not before: Wed 16 Jul 2025 10:44:03 +0000
ROA not after: Tue 22 Jul 2025 10:44:03 +0000
asID: 5650
IP address blocks: 154.194.20.0/22 maxlen: 24
154.205.176.0/22 maxlen: 24
154.205.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101875 (0x18df3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 16 10:44:03 2025 GMT
Not After : Jul 22 10:44:03 2025 GMT
Subject: CN=68778278-6bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:13:e7:92:03:c6:b1:92:69:0a:6e:42:d7:da:
9a:d0:79:ea:dd:7e:ff:7a:4b:36:13:9e:f3:d6:06:
ed:f1:08:b4:40:07:f2:f9:71:5a:74:30:b2:b4:2a:
d2:ad:9d:4e:ce:c1:e8:71:01:dd:05:7a:de:f2:f2:
33:b6:17:4c:5e:6f:91:b2:c1:da:3a:b8:27:5b:6a:
f5:26:3f:95:20:41:bb:52:c4:b9:8e:62:df:c0:00:
c5:db:3d:50:70:2c:ae:5a:8c:7c:b7:c2:3a:c0:a2:
b8:fc:2d:b6:84:da:1e:ce:c3:da:63:b4:fe:8d:bd:
ee:9c:f1:84:cb:78:a5:68:b7:a4:6f:c6:31:a4:0d:
be:b4:af:bb:4a:21:48:5c:a8:f5:f2:ba:1b:f0:f5:
5a:d5:2a:a1:85:fd:3f:72:87:32:3d:da:6a:19:6e:
03:3f:44:78:f2:6d:8e:ba:64:1d:4f:a6:1b:61:92:
4f:7f:53:5f:b7:6c:92:3a:5f:ff:d6:54:b3:ea:8a:
23:1b:c1:d0:10:d7:cb:f4:4f:0b:9d:0c:3b:68:0c:
03:ef:c0:44:f0:6d:c0:1d:66:9a:35:b0:19:eb:1d:
8a:89:23:81:30:6f:18:48:25:70:78:4d:96:3d:2d:
ce:20:35:b7:e0:b7:43:f0:47:2a:38:aa:9b:c4:6c:
f3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D5:54:D8:CF:40:12:3C:B8:B0:84:85:92:C5:BF:B4:F6:35:26:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CC907412623111F0B2082CE8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.20.0/22
154.205.176.0/21
Signature Algorithm: sha256WithRSAEncryption
73:96:7c:50:03:76:29:65:a3:17:05:a8:d1:69:1c:52:40:73:
5f:e5:91:1f:f6:8f:8c:4f:90:58:b8:5d:9e:af:9c:92:90:ca:
d4:54:b7:0b:c7:05:6f:25:43:97:83:03:d7:97:e8:3c:aa:35:
99:7a:db:2a:51:b0:5c:64:dc:8f:11:cd:cd:28:73:54:28:98:
a3:6e:c4:0c:5e:2e:cc:de:71:d5:09:74:02:18:0f:70:a3:df:
31:bc:72:01:5a:c0:1d:f7:32:9b:22:0a:19:5e:bc:39:aa:1f:
4f:8f:76:8e:ff:ee:d1:f6:e9:00:3a:ce:68:1d:54:52:da:5a:
50:ef:51:ea:6f:f0:ff:ee:be:24:f8:46:c3:07:3c:7e:49:db:
56:44:0a:71:2e:98:f0:a0:27:00:f1:f2:0f:ea:aa:27:7c:e0:
61:2b:96:ce:8c:1c:06:a6:ca:98:74:61:3f:86:f9:76:24:7e:
37:e0:b1:a6:4a:7d:87:74:b9:19:d2:6b:3f:14:46:9a:48:38:
bf:7c:d1:4c:83:b8:8c:c9:0c:4a:99:26:b9:2c:94:b2:36:a8:
ac:4b:4b:2c:b4:76:31:26:22:b8:3e:af:59:a6:e7:7f:13:f3:
89:5b:62:7f:ac:0c:47:77:54:8f:67:85:15:a9:ec:73:e4:82:
bd:76:21:52
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAY3zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE2MTA0NDAzWhcNMjUwNzIyMTA0NDAzWjAYMRYw
FAYDVQQDEw02ODc3ODI3OC02YmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAphPnkgPGsZJpCm5C19qa0Hnq3X7/eks2E57z1gbt8Qi0QAfy+XFadDCy
tCrSrZ1OzsHocQHdBXre8vIzthdMXm+RssHaOrgnW2r1Jj+VIEG7UsS5jmLfwADF
2z1QcCyuWox8t8I6wKK4/C22hNoezsPaY7T+jb3unPGEy3ilaLekb8YxpA2+tK+7
SiFIXKj18rob8PVa1Sqhhf0/cocyPdpqGW4DP0R48m2OumQdT6YbYZJPf1Nft2yS
Ol//1lSz6oojG8HQENfL9E8LnQw7aAwD78BE8G3AHWaaNbAZ6x2KiSOBMG8YSCVw
eE2WPS3OIDW34LdD8EcqOKqbxGzziQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFIbV
VNjPQBI8uLCEhZLFv7T2NSYsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQzkwNzQxMjYyMzExMUYwQjIwODJDRThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsIUAwQDms2wMA0GCSqG
SIb3DQEBCwUAA4IBAQBzlnxQA3YpZaMXBajRaRxSQHNf5ZEf9o+MT5BYuF2er5yS
kMrUVLcLxwVvJUOXgwPXl+g8qjWZetsqUbBcZNyPEc3NKHNUKJijbsQMXi7M3nHV
CXQCGA9wo98xvHIBWsAd9zKbIgoZXrw5qh9Pj3aO/+7R9ukAOs5oHVRS2lpQ71Hq
b/D/7r4k+EbDBzx+SdtWRApxLpjwoCcA8fIP6qonfOBhK5bOjBwGpsqYdGE/hvl2
JH434LGmSn2HdLkZ0ms/FEaaSDi/fNFMg7iMyQxKmSa5LJSyNqisS0sstHYxJiK4
Pq9Zpud/E/OJW2J/rAxHd1SPZ4UVqexz5IK9diFS
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:02:42 2025 by rpki-client