Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D10613B263AD11F09DB95FA6DAE4EC9C.roa
File: D10613B263AD11F09DB95FA6DAE4EC9C.roa (raw, json)
Hash identifier: LBTi/oyGfFJzMR8Br2jCjRaMsPw26NhvGdNLCaYTd90=
Subject key identifier: BE:65:91:8F:2F:EA:90:90:4D:AF:76:BF:65:5A:4F:E6:93:74:AB:34
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E60
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D10613B263AD11F09DB95FA6DAE4EC9C.roa
Signing time: Fri 18 Jul 2025 08:04:24 +0000
ROA not before: Fri 18 Jul 2025 08:04:19 +0000
ROA not after: Mon 11 Aug 2025 08:04:19 +0000
asID: 204044
IP address blocks: 154.84.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101984 (0x18e60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 18 08:04:19 2025 GMT
Not After : Aug 11 08:04:19 2025 GMT
Subject: CN=687a0008-ab12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:47:14:31:b9:e9:94:fe:67:f1:bf:df:f8:6d:
91:05:00:96:e4:9f:c4:35:70:cb:1f:71:d8:14:33:
b6:5d:af:67:12:2a:72:71:8b:5c:cc:ef:14:28:00:
5e:51:5e:f7:e1:df:ab:cc:0d:a7:0c:5c:04:d3:26:
b5:22:12:3e:4d:c0:b4:e9:1b:62:0b:2f:b8:24:5f:
43:d3:8c:42:62:66:a8:c7:ba:d0:37:82:6d:97:58:
89:60:71:ed:9b:ae:81:c9:70:11:25:2f:4a:c1:e9:
82:9f:3a:22:1f:21:51:c5:c1:c5:85:2a:6f:5b:d1:
fc:cc:fc:bd:b0:f4:7d:b8:cc:d5:14:5c:61:ef:7d:
9d:d1:74:26:7f:d4:06:26:21:16:0b:b5:49:94:a6:
f2:7b:90:6e:6e:57:ee:cf:a4:af:d7:3b:05:79:74:
54:19:45:0f:45:a4:b6:b3:c5:3f:3f:24:f1:7f:ea:
d4:8d:ee:e8:e0:40:ab:a4:61:c6:aa:c2:d0:09:3b:
b9:d4:8c:5e:02:19:3e:f7:ef:1c:c3:93:fd:cf:75:
fb:36:a3:16:be:01:96:3a:c8:e2:13:92:73:f8:bf:
78:a4:d2:e0:41:c9:b8:cb:cb:82:e9:26:0b:76:56:
db:0d:7d:9f:52:6e:ab:de:4b:a5:5c:f4:3c:c0:0d:
15:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:65:91:8F:2F:EA:90:90:4D:AF:76:BF:65:5A:4F:E6:93:74:AB:34
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D10613B263AD11F09DB95FA6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.184.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:f4:96:e5:c1:ad:1f:df:53:75:6a:94:ae:46:43:86:d4:03:
be:f0:97:33:2d:ea:6c:35:7a:84:d3:f5:a9:e1:70:9b:c6:8d:
fc:6b:ce:1b:7b:2d:44:88:5c:c7:ee:58:e5:9c:24:02:da:e2:
88:a6:c1:75:67:9b:dd:83:61:18:d8:3b:ae:67:26:2c:b4:e0:
40:dc:c4:f6:1f:b9:2b:19:47:e4:78:08:fb:ae:a2:0f:24:98:
06:d7:60:51:89:7e:2d:5f:96:92:31:75:b4:7c:00:29:cc:f4:
3b:02:a1:a5:bb:45:98:38:25:90:7a:2f:85:23:1a:fc:51:ed:
7d:a7:a0:1a:83:a3:2f:ac:a3:76:16:bb:64:39:2f:bb:dd:be:
a3:74:b7:2a:5f:e7:a7:e4:28:81:7c:fa:c8:7b:f9:72:28:54:
13:e2:ad:e8:3f:4e:a6:50:9e:c5:89:20:92:35:a2:19:9d:48:
fe:f9:a2:10:3b:fc:76:27:3c:ae:50:fc:b1:e1:8f:93:18:61:
2b:75:73:94:5b:51:7b:b9:87:82:bc:49:78:fd:f2:68:09:6a:
96:62:93:e3:c3:76:4e:29:19:b2:08:5a:07:e5:99:77:3b:5c:
07:91:c3:bb:5b:d7:c7:d5:4b:70:78:ce:68:c2:00:81:4a:a8:
c4:fb:d7:31
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY5gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE4MDgwNDE5WhcNMjUwODExMDgwNDE5WjAYMRYw
FAYDVQQDEw02ODdhMDAwOC1hYjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1kcUMbnplP5n8b/f+G2RBQCW5J/ENXDLH3HYFDO2Xa9nEipycYtczO8U
KABeUV734d+rzA2nDFwE0ya1IhI+TcC06RtiCy+4JF9D04xCYmaox7rQN4Jtl1iJ
YHHtm66ByXARJS9KwemCnzoiHyFRxcHFhSpvW9H8zPy9sPR9uMzVFFxh732d0XQm
f9QGJiEWC7VJlKbye5Bublfuz6Sv1zsFeXRUGUUPRaS2s8U/PyTxf+rUje7o4ECr
pGHGqsLQCTu51IxeAhk+9+8cw5P9z3X7NqMWvgGWOsjiE5Jz+L94pNLgQcm4y8uC
6SYLdlbbDX2fUm6r3kulXPQ8wA0VEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL5l
kY8v6pCQTa92v2VaT+aTdKs0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMTA2MTNCMjYzQUQxMUYwOURCOTVGQTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlS4MA0GCSqGSIb3DQEB
CwUAA4IBAQDJ9Jblwa0f31N1apSuRkOG1AO+8JczLepsNXqE0/Wp4XCbxo38a84b
ey1EiFzH7ljlnCQC2uKIpsF1Z5vdg2EY2DuuZyYstOBA3MT2H7krGUfkeAj7rqIP
JJgG12BRiX4tX5aSMXW0fAApzPQ7AqGlu0WYOCWQei+FIxr8Ue19p6Aag6MvrKN2
FrtkOS+73b6jdLcqX+en5CiBfPrIe/lyKFQT4q3oP06mUJ7FiSCSNaIZnUj++aIQ
O/x2JzyuUPyx4Y+TGGErdXOUW1F7uYeCvEl4/fJoCWqWYpPjw3ZOKRmyCFoH5Zl3
O1wHkcO7W9fH1UtweM5owgCBSqjE+9cx
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:50 2025 by rpki-client