Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE9CC6CE5A9411F093952DF6DAE4EC9C.roa
File: CE9CC6CE5A9411F093952DF6DAE4EC9C.roa (raw, json)
Hash identifier: lNrMe8R2ylWynJZlD//D3Rygjz6ucuKgjozR9a3WqS4=
Subject key identifier: F5:27:CD:56:B9:7F:46:F1:0D:CA:6A:E4:5A:F8:83:F6:AC:29:EB:11
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018BA2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE9CC6CE5A9411F093952DF6DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 18:12:42 +0000
ROA not before: Sun 06 Jul 2025 18:12:36 +0000
ROA not after: Sun 17 Aug 2025 18:12:36 +0000
asID: 203020
IP address blocks: 154.203.44.0/22 maxlen: 24
154.203.48.0/23 maxlen: 24
154.204.96.0/19 maxlen: 24
154.220.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101282 (0x18ba2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 6 18:12:36 2025 GMT
Not After : Aug 17 18:12:36 2025 GMT
Subject: CN=686abc9a-f874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:24:3a:e2:22:cf:d1:e3:c0:fe:b1:62:39:31:
63:e3:db:a8:88:01:33:0f:f4:bb:05:f6:1d:16:58:
39:97:e9:22:2c:9f:c7:df:0f:d5:76:68:10:f3:da:
2d:a4:6f:b4:ba:7c:50:aa:2d:b4:d2:c2:5f:52:5c:
18:ea:65:4b:17:34:49:fd:26:c7:a8:63:1e:1d:4f:
ae:1c:cf:c6:ae:49:30:ef:a2:56:65:60:26:b5:4f:
ec:2c:3d:60:b0:5f:a4:61:39:cb:19:f9:d6:7e:ea:
15:b8:1e:ae:f0:f7:40:61:79:e3:c6:08:69:0a:f9:
f0:0d:02:6e:95:ff:7b:21:dc:59:62:69:fe:80:8a:
fc:5d:12:9f:a5:96:4b:db:24:8f:09:04:55:0d:ba:
9a:bf:ed:15:5f:52:4c:c3:16:e0:d3:c0:9f:e9:5d:
99:30:64:c4:d9:bc:55:8e:0f:0b:ac:ba:a0:cf:25:
0e:3d:32:1e:b6:c1:6b:d0:71:82:ef:b1:65:6d:b8:
89:3e:e6:4e:3a:5e:e6:c2:f6:a0:a1:5d:08:84:18:
4a:b9:81:d3:fd:5b:74:e8:d0:00:69:c9:a7:9a:b1:
19:8b:10:73:6e:37:eb:63:ec:a5:fa:08:56:b6:ed:
e8:b9:5e:f9:a4:b2:4a:0b:f4:e6:f4:48:b5:1c:d8:
1c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:27:CD:56:B9:7F:46:F1:0D:CA:6A:E4:5A:F8:83:F6:AC:29:EB:11
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE9CC6CE5A9411F093952DF6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.44.0-154.203.49.255
154.204.96.0/19
154.220.128.0/18
Signature Algorithm: sha256WithRSAEncryption
5b:5a:37:6a:2b:61:96:2d:4e:f6:db:14:91:a0:ce:70:f6:35:
6c:d9:8a:f8:41:1a:e9:df:18:5e:28:e3:4c:65:fb:fc:34:b7:
f0:6f:93:18:fc:59:46:94:ef:c6:ab:b0:be:b8:9e:9a:bb:a7:
6b:0b:4f:0f:b6:f7:29:e9:b6:d5:70:96:eb:2b:74:94:85:82:
af:02:d0:0e:53:08:78:d2:5d:92:ce:64:70:33:0d:4c:22:89:
77:ad:6b:6d:f2:63:f8:eb:b4:0e:d9:07:f6:3e:47:1d:1b:d8:
2f:ec:7b:f8:f3:51:af:9b:44:a9:49:05:21:ef:41:a4:b3:32:
0b:c8:0c:c7:a8:5e:50:b1:1d:91:33:53:1e:0a:27:2e:ef:24:
cb:92:7b:6e:f2:b0:35:d6:f4:3a:10:95:8b:ce:11:f4:31:6f:
56:56:25:ac:00:2f:09:11:27:7e:84:1a:76:ac:79:7b:cf:02:
17:6a:19:00:34:1e:57:b8:6c:a0:6e:8d:b6:50:2f:61:ad:60:
4d:2b:91:4a:64:e1:94:08:4f:27:7f:7d:d0:a6:1c:1e:a3:9f:
18:1d:e3:90:1a:b0:54:da:60:9b:22:90:b8:72:d8:af:cc:ea:
6a:ed:1b:c4:c3:bc:44:2d:f4:69:b2:73:7f:71:8b:e4:13:15:
72:5f:9f:cb
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAYuiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA2MTgxMjM2WhcNMjUwODE3MTgxMjM2WjAYMRYw
FAYDVQQDEw02ODZhYmM5YS1mODc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwiQ64iLP0ePA/rFiOTFj49uoiAEzD/S7BfYdFlg5l+kiLJ/H3w/VdmgQ
89otpG+0unxQqi200sJfUlwY6mVLFzRJ/SbHqGMeHU+uHM/Grkkw76JWZWAmtU/s
LD1gsF+kYTnLGfnWfuoVuB6u8PdAYXnjxghpCvnwDQJulf97IdxZYmn+gIr8XRKf
pZZL2ySPCQRVDbqav+0VX1JMwxbg08Cf6V2ZMGTE2bxVjg8LrLqgzyUOPTIetsFr
0HGC77FlbbiJPuZOOl7mwvagoV0IhBhKuYHT/Vt06NAAacmnmrEZixBzbjfrY+yl
+ghWtu3ouV75pLJKC/Tm9Ei1HNgclwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFPUn
zVa5f0bxDcpq5Fr4g/asKesRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRTlDQzZDRTVBOTQxMUYwOTM5NTJERjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKayywDBAGayzADBAWa
zGADBAaa3IAwDQYJKoZIhvcNAQELBQADggEBAFtaN2orYZYtTvbbFJGgznD2NWzZ
ivhBGunfGF4o40xl+/w0t/Bvkxj8WUaU78arsL64npq7p2sLTw+29ynpttVwlusr
dJSFgq8C0A5TCHjSXZLOZHAzDUwiiXeta23yY/jrtA7ZB/Y+Rx0b2C/se/jzUa+b
RKlJBSHvQaSzMgvIDMeoXlCxHZEzUx4KJy7vJMuSe27ysDXW9DoQlYvOEfQxb1ZW
JawALwkRJ36EGnaseXvPAhdqGQA0Hle4bKBujbZQL2GtYE0rkUpk4ZQITyd/fdCm
HB6jnxgd45AasFTaYJsikLhy2K/M6mrtG8TDvEQt9Gmyc39xi+QTFXJfn8s=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:58:44 2025 by rpki-client