Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D13E34EC62FC11F0B912F19FDAE4EC9C.roa
File: D13E34EC62FC11F0B912F19FDAE4EC9C.roa (raw, json)
Hash identifier: pyvsttylUSC/iDS9e1EUteqxgKqKbsGtffuurAhKQ8M=
Subject key identifier: D1:7E:7B:FF:6F:4B:6E:30:56:59:D0:03:52:97:A6:9B:54:D2:B4:EE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E1E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D13E34EC62FC11F0B912F19FDAE4EC9C.roa
Signing time: Thu 17 Jul 2025 10:57:23 +0000
ROA not before: Thu 17 Jul 2025 10:57:19 +0000
ROA not after: Wed 27 Aug 2025 10:57:19 +0000
asID: 401701
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101918 (0x18e1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 17 10:57:19 2025 GMT
Not After : Aug 27 10:57:19 2025 GMT
Subject: CN=6878d713-bca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b2:52:98:91:e9:48:56:7f:4b:7d:b9:a2:78:
15:8d:b2:2a:45:18:cf:66:23:f5:c2:3d:3e:c7:fc:
a9:c0:7a:df:14:02:42:d9:f8:95:e9:2d:ea:dc:06:
82:f8:0e:2a:11:6c:a7:39:a6:31:84:14:81:58:58:
8f:e0:70:f8:23:51:27:9e:bc:0d:48:76:1e:12:21:
81:d6:be:d7:42:d8:79:b3:48:71:12:82:4e:05:44:
aa:ec:74:4a:02:de:00:f8:60:45:57:92:8c:4d:97:
60:b6:68:0c:34:62:ac:58:a4:20:ac:5a:e3:e1:3a:
7a:ee:d1:a7:2a:7f:42:f6:5d:a8:66:57:89:a1:5e:
ed:32:be:a4:7f:f4:e9:5d:99:74:03:23:13:f6:a5:
c2:41:0a:0e:7a:b8:a3:8a:4f:08:41:52:b1:c8:91:
87:64:97:29:10:d0:4b:90:ac:7f:58:d2:88:af:73:
83:8d:99:c0:37:45:17:23:45:c4:4a:77:49:3b:83:
e5:e1:4a:4a:ae:3c:30:c4:c0:9e:c4:f4:36:59:69:
de:ac:18:a9:f1:15:83:e2:99:c7:da:79:4e:95:07:
6e:16:a0:54:5d:c2:30:6e:1e:27:c3:b0:5b:59:65:
12:b2:91:e8:46:48:c6:5c:e4:fe:7c:45:60:51:75:
4f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7E:7B:FF:6F:4B:6E:30:56:59:D0:03:52:97:A6:9B:54:D2:B4:EE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D13E34EC62FC11F0B912F19FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
25:c3:55:f3:bd:9a:76:41:c7:d7:37:dd:04:25:a5:c4:8e:88:
87:bc:32:de:90:e5:d9:20:84:0b:82:8a:73:da:3e:18:d9:0d:
95:d0:1f:51:2d:7a:cd:7d:d6:99:ac:fe:3c:d8:49:05:64:70:
fe:96:24:fe:bd:16:62:72:f3:57:29:80:67:fa:8e:df:2d:ba:
65:d6:06:26:54:6d:63:a7:f0:42:e5:d0:8c:6c:d8:9d:c1:a4:
57:52:e3:25:8a:54:91:52:3b:55:98:37:e3:30:a9:31:c6:99:
ab:18:79:a8:b1:46:1e:8f:6f:93:2e:3d:c9:17:e5:ee:64:ce:
e2:d9:cf:8f:49:e4:f2:6c:44:20:69:93:95:ae:8c:20:e3:c2:
db:72:30:2b:f0:f4:e8:1a:03:55:9b:ea:ea:78:d4:2c:e0:96:
f3:12:35:02:dc:6f:df:b2:5d:a5:80:63:f2:41:da:97:4c:99:
38:dc:e1:ad:9a:e2:bd:1a:5e:77:6b:32:a8:16:08:a7:99:84:
9b:ef:a2:10:4a:96:13:1d:51:49:ef:51:6a:75:e8:4b:8e:1e:
0b:83:69:8d:7f:cd:7e:0d:dc:95:96:42:42:12:6e:57:51:5a:
2a:46:b6:7a:b6:c7:6f:65:08:90:5b:84:f7:f6:f0:32:65:aa:
39:9e:f6:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY4eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE3MTA1NzE5WhcNMjUwODI3MTA1NzE5WjAYMRYw
FAYDVQQDEw02ODc4ZDcxMy1iY2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwLJSmJHpSFZ/S325ongVjbIqRRjPZiP1wj0+x/ypwHrfFAJC2fiV6S3q
3AaC+A4qEWynOaYxhBSBWFiP4HD4I1EnnrwNSHYeEiGB1r7XQth5s0hxEoJOBUSq
7HRKAt4A+GBFV5KMTZdgtmgMNGKsWKQgrFrj4Tp67tGnKn9C9l2oZleJoV7tMr6k
f/TpXZl0AyMT9qXCQQoOerijik8IQVKxyJGHZJcpENBLkKx/WNKIr3ODjZnAN0UX
I0XESndJO4Pl4UpKrjwwxMCexPQ2WWnerBip8RWD4pnH2nlOlQduFqBUXcIwbh4n
w7BbWWUSspHoRkjGXOT+fEVgUXVPSwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNF+
e/9vS24wVlnQA1KXpptU0rTuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMTNFMzRFQzYyRkMxMUYwQjkxMkYxOUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQAlw1XzvZp2QcfXN90EJaXEjoiHvDLekOXZIIQLgopz2j4Y2Q2V0B9R
LXrNfdaZrP482EkFZHD+liT+vRZicvNXKYBn+o7fLbpl1gYmVG1jp/BC5dCMbNid
waRXUuMlilSRUjtVmDfjMKkxxpmrGHmosUYej2+TLj3JF+XuZM7i2c+PSeTybEQg
aZOVrowg48LbcjAr8PToGgNVm+rqeNQs4JbzEjUC3G/fsl2lgGPyQdqXTJk43OGt
muK9Gl53azKoFginmYSb76IQSpYTHVFJ71FqdehLjh4Lg2mNf81+DdyVlkJCEm5X
UVoqRrZ6tsdvZQiQW4T39vAyZao5nvY+
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:02:46 2025 by rpki-client