Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DECA7EB85B2211F0A08C30A0DAE4EC9C.roa
File: DECA7EB85B2211F0A08C30A0DAE4EC9C.roa (raw, json)
Hash identifier: 3kAiPsUkBomag+MW6tGi8qOKt6e4GjHxbqYP7dhoueA=
Subject key identifier: 9C:8C:85:C0:3A:8E:AB:C3:11:4F:FA:23:8C:B3:D7:9C:88:78:E0:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C0A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DECA7EB85B2211F0A08C30A0DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 11:09:38 +0000
ROA not before: Mon 07 Jul 2025 11:09:33 +0000
ROA not after: Sun 10 Aug 2025 11:09:33 +0000
asID: 137899
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101386 (0x18c0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 11:09:33 2025 GMT
Not After : Aug 10 11:09:33 2025 GMT
Subject: CN=686baaf2-6ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:02:42:47:4a:c9:a1:ad:e5:85:67:bc:1d:f9:
9b:7f:00:2e:03:d8:61:af:58:0a:29:ea:c0:3f:30:
19:0a:a1:98:75:58:e5:44:ff:ac:61:f5:29:6d:f5:
96:f8:65:69:1f:72:60:80:5c:d4:1a:c5:11:8f:58:
4d:83:6e:4e:45:03:bf:ae:66:58:56:4a:35:bd:ce:
13:98:77:dc:f2:92:1c:7f:e3:9d:d4:31:02:8d:2f:
ad:e6:7d:31:20:0b:73:97:18:b4:fd:77:12:ec:3d:
0d:84:83:64:70:ea:b7:f7:a8:1a:e5:2a:20:65:e6:
71:8c:cb:b7:4c:57:0f:ac:c6:1f:ca:a9:f0:d9:ea:
42:2f:4f:8a:9e:be:f2:4f:a9:d4:01:50:46:f2:25:
b2:98:af:d6:ac:5e:b5:1c:4f:c9:63:c9:26:3f:70:
21:24:d1:2d:09:d4:5d:cf:69:f4:3d:fd:f8:74:51:
a0:08:a1:0b:e9:15:56:bb:5f:00:68:09:ac:e0:93:
94:73:1c:57:5f:07:c4:4f:63:43:03:53:ed:23:55:
75:68:fe:87:0a:ce:53:de:5c:fd:62:8a:27:68:33:
b0:b4:76:ee:68:7a:f5:3b:15:51:4a:8d:5d:42:07:
0a:d9:80:1b:8c:85:b0:63:11:4b:70:99:9c:6e:06:
02:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8C:85:C0:3A:8E:AB:C3:11:4F:FA:23:8C:B3:D7:9C:88:78:E0:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DECA7EB85B2211F0A08C30A0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
4a:5d:95:39:c0:0f:bc:10:53:bd:65:d5:3c:ce:35:25:4f:45:
b7:48:14:2e:21:b3:05:6d:cb:7f:2d:67:d5:95:fb:9a:fb:bd:
29:fa:78:5b:77:1d:d2:c6:b4:1d:fe:59:e2:d4:f8:42:33:87:
6c:61:c2:08:fd:76:f3:0f:a1:e8:d0:94:93:79:ad:a5:22:05:
1d:20:84:5f:2d:62:54:bb:39:31:34:2a:df:d2:96:1e:8f:d4:
10:97:eb:f8:19:5a:07:35:37:10:5f:7d:ac:63:26:e5:17:2c:
54:b0:2e:37:f3:7b:f0:79:c5:74:6a:4b:94:24:72:27:2c:71:
eb:3f:52:49:0b:0d:27:ef:b3:33:13:d9:5d:c4:97:64:91:bd:
b9:1b:7c:d8:8d:22:b4:79:de:1a:b6:53:d7:67:7d:5e:6f:00:
1b:ee:70:ad:84:da:8d:a3:22:1f:fc:fa:0a:19:6e:3a:2c:0c:
d5:86:19:4e:2f:f6:35:f2:ff:43:84:83:d6:82:dd:c3:89:c0:
5a:58:35:4c:3a:a5:1a:1e:6a:7d:47:ba:18:45:46:ab:c7:a8:
52:d1:3e:81:cb:a4:90:ac:a9:f1:61:90:11:8c:a1:54:6a:28:
6a:32:be:f0:67:0a:f4:be:8c:4e:ee:1d:6e:18:22:dc:17:11:
88:d1:12:ec
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYwKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTEwOTMzWhcNMjUwODEwMTEwOTMzWjAYMRYw
FAYDVQQDEw02ODZiYWFmMi02YmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvAJCR0rJoa3lhWe8HfmbfwAuA9hhr1gKKerAPzAZCqGYdVjlRP+sYfUp
bfWW+GVpH3JggFzUGsURj1hNg25ORQO/rmZYVko1vc4TmHfc8pIcf+Od1DECjS+t
5n0xIAtzlxi0/XcS7D0NhINkcOq396ga5SogZeZxjMu3TFcPrMYfyqnw2epCL0+K
nr7yT6nUAVBG8iWymK/WrF61HE/JY8kmP3AhJNEtCdRdz2n0Pf34dFGgCKEL6RVW
u18AaAms4JOUcxxXXwfET2NDA1PtI1V1aP6HCs5T3lz9YoonaDOwtHbuaHr1OxVR
So1dQgcK2YAbjIWwYxFLcJmcbgYCkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJyM
hcA6jqvDEU/6I4yz15yIeODgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERUNBN0VCODVCMjIxMUYwQTA4QzMwQTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBKXZU5wA+8EFO9ZdU8zjUlT0W3SBQuIbMFbct/LWfVlfua+70p+nhb
dx3SxrQd/lni1PhCM4dsYcII/XbzD6Ho0JSTea2lIgUdIIRfLWJUuzkxNCrf0pYe
j9QQl+v4GVoHNTcQX32sYyblFyxUsC4383vwecV0akuUJHInLHHrP1JJCw0n77Mz
E9ldxJdkkb25G3zYjSK0ed4atlPXZ31ebwAb7nCthNqNoyIf/PoKGW46LAzVhhlO
L/Y18v9DhIPWgt3DicBaWDVMOqUaHmp9R7oYRUarx6hS0T6By6SQrKnxYZARjKFU
aihqMr7wZwr0voxO7h1uGCLcFxGI0RLs
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:04 2025 by rpki-client