Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DEFFC2A05B3E11F08828C8D2DAE4EC9C.roa
File: DEFFC2A05B3E11F08828C8D2DAE4EC9C.roa (raw, json)
Hash identifier: 7Y+xUjC8+wSI+tiZOuf2FMb0Zc2J5rcBPFCtjg39XLo=
Subject key identifier: 0B:62:D3:C4:32:AE:15:D5:48:C5:83:E2:B1:05:17:B4:19:5F:0F:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DEFFC2A05B3E11F08828C8D2DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 14:30:04 +0000
ROA not before: Mon 07 Jul 2025 14:29:59 +0000
ROA not after: Wed 13 Aug 2025 14:29:59 +0000
asID: 20457
IP address blocks: 154.198.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101404 (0x18c1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 14:29:59 2025 GMT
Not After : Aug 13 14:29:59 2025 GMT
Subject: CN=686bd9ec-de48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:20:f0:ba:80:d4:31:36:61:b7:04:1d:c1:
85:2c:34:ba:06:2a:53:84:30:01:dc:dd:59:50:2f:
70:0a:cf:4d:b8:e1:3f:7b:a7:bc:77:d5:fb:44:78:
ed:df:79:ad:01:3a:2e:1a:67:30:4e:88:d9:a9:57:
35:5b:91:14:0c:7c:7a:e9:af:a8:da:76:06:ce:c2:
05:e0:dc:44:90:25:9c:22:2d:ab:94:05:97:95:f3:
b8:4e:8d:ec:a4:ab:43:72:c7:03:f9:13:ee:0e:d6:
03:b1:17:63:4c:0f:06:2b:ca:e7:da:fe:d7:eb:94:
20:f4:e1:dc:36:94:6b:dd:a3:b8:7e:f0:32:40:03:
be:16:1a:c6:f7:56:71:c0:de:02:67:0f:86:e9:b3:
5f:d9:2f:d8:7a:9d:49:05:07:f3:ee:66:c7:16:62:
4a:c6:5a:05:db:c7:0d:2a:3d:03:ed:60:0b:07:f5:
a6:73:b0:d9:d9:a2:37:04:8d:15:4e:3c:33:a7:98:
30:61:9f:70:d0:d6:94:fc:8f:be:ef:8d:af:5b:c7:
78:8b:67:4a:a9:b9:f8:81:56:5b:85:46:c9:b3:14:
6a:48:8e:e7:c4:71:a8:ba:57:5c:b0:0a:bc:fd:a6:
31:5a:87:39:30:7b:d9:63:71:14:f3:e6:29:30:4b:
79:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:62:D3:C4:32:AE:15:D5:48:C5:83:E2:B1:05:17:B4:19:5F:0F:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DEFFC2A05B3E11F08828C8D2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.11.0/24
Signature Algorithm: sha256WithRSAEncryption
12:85:5a:d5:39:63:41:d8:ae:31:2b:29:73:59:23:e6:6e:bb:
f6:af:31:15:94:1f:72:f7:e4:97:08:6a:bf:c4:57:fe:07:c4:
e5:fd:7d:33:1f:8a:d6:b3:33:f5:c7:dc:1d:d7:a5:20:5d:14:
96:e4:e1:26:fb:52:6d:01:28:04:2a:e5:f0:e9:c5:ba:36:27:
fc:2d:c6:16:04:90:96:67:17:ac:a7:69:2f:49:42:1b:29:cc:
7e:77:2d:13:08:7d:49:71:84:f3:c3:4a:2d:d6:a9:0a:20:af:
96:3d:ce:80:e2:34:f9:dc:07:4c:1e:3f:af:36:29:2a:71:ab:
7c:16:b5:3c:52:a9:83:4a:fe:47:3a:28:69:e6:70:e1:c4:1e:
9c:c2:84:f3:8c:39:8b:35:f7:42:df:49:10:be:a6:1b:f4:5a:
4b:dc:dc:56:7d:12:e1:79:3b:38:af:3e:d5:88:16:b5:06:45:
ca:36:63:6f:6f:62:95:69:ae:67:10:41:aa:62:63:7b:c9:6e:
53:29:9a:0d:e4:71:fe:49:74:51:7d:c9:bf:6b:c5:c8:6d:92:
3e:d9:9e:e2:86:87:e0:ee:5d:a0:95:a4:4d:60:a2:c3:d8:04:
46:45:22:68:b3:78:65:b1:13:9d:cd:9d:5b:d7:05:4f:c5:8c:
05:79:38:f0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYwcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTQyOTU5WhcNMjUwODEzMTQyOTU5WjAYMRYw
FAYDVQQDEw02ODZiZDllYy1kZTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2PEg8LqA1DE2YbcEHcGFLDS6BipThDAB3N1ZUC9wCs9NuOE/e6e8d9X7
RHjt33mtATouGmcwTojZqVc1W5EUDHx66a+o2nYGzsIF4NxEkCWcIi2rlAWXlfO4
To3spKtDcscD+RPuDtYDsRdjTA8GK8rn2v7X65Qg9OHcNpRr3aO4fvAyQAO+FhrG
91ZxwN4CZw+G6bNf2S/Yep1JBQfz7mbHFmJKxloF28cNKj0D7WALB/Wmc7DZ2aI3
BI0VTjwzp5gwYZ9w0NaU/I++742vW8d4i2dKqbn4gVZbhUbJsxRqSI7nxHGouldc
sAq8/aYxWoc5MHvZY3EU8+YpMEt56QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAti
08QyrhXVSMWD4rEFF7QZXw8rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERUZGQzJBMDVCM0UxMUYwODgyOEM4RDJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYLMA0GCSqGSIb3DQEB
CwUAA4IBAQAShVrVOWNB2K4xKylzWSPmbrv2rzEVlB9y9+SXCGq/xFf+B8Tl/X0z
H4rWszP1x9wd16UgXRSW5OEm+1JtASgEKuXw6cW6Nif8LcYWBJCWZxesp2kvSUIb
Kcx+dy0TCH1JcYTzw0ot1qkKIK+WPc6A4jT53AdMHj+vNikqcat8FrU8UqmDSv5H
Oihp5nDhxB6cwoTzjDmLNfdC30kQvqYb9FpL3NxWfRLheTs4rz7ViBa1BkXKNmNv
b2KVaa5nEEGqYmN7yW5TKZoN5HH+SXRRfcm/a8XIbZI+2Z7ihofg7l2glaRNYKLD
2ARGRSJos3hlsROdzZ1b1wVPxYwFeTjw
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:19 2025 by rpki-client