Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF46FFFE5B8811F0BC5840ACDAE4EC9C.roa
File: DF46FFFE5B8811F0BC5840ACDAE4EC9C.roa (raw, json)
Hash identifier: ZZ34AeWgoRW2DbzS4v+YuJTF+umZYe4TiVZk6gTrpJg=
Subject key identifier: A3:99:74:59:C0:38:19:99:8D:3F:C2:E7:4C:86:C5:90:F0:B2:67:B3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C86
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF46FFFE5B8811F0BC5840ACDAE4EC9C.roa
Signing time: Mon 07 Jul 2025 23:19:47 +0000
ROA not before: Mon 07 Jul 2025 23:19:41 +0000
ROA not after: Fri 17 Jul 2026 23:19:41 +0000
asID: 21859
IP address blocks: 154.193.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101510 (0x18c86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 23:19:41 2025 GMT
Not After : Jul 17 23:19:41 2026 GMT
Subject: CN=686c5613-9b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:86:41:2b:7d:75:05:f0:82:13:d6:42:07:27:
c1:62:11:31:82:0b:35:e8:0e:9a:8d:98:80:17:4a:
18:e1:0f:69:b0:52:9d:58:7f:13:2d:a6:b3:f1:43:
d2:5c:1c:ab:11:b6:60:06:a5:6d:c7:e8:ea:cf:04:
5d:c7:37:9c:a1:be:59:9d:b3:6e:0b:ae:37:a1:ae:
5d:49:44:bf:1c:bb:0a:13:10:40:cf:8c:86:5f:d7:
43:84:b8:63:53:93:28:60:b1:c6:c2:37:9b:71:66:
bc:67:94:6d:5c:5f:eb:ee:c0:76:da:f9:1c:bd:65:
5b:dc:a8:dd:c5:e9:12:65:ab:e7:b8:ba:df:10:88:
25:0c:61:a7:78:14:d6:10:fa:75:0f:b1:7e:91:6a:
ef:69:11:12:45:ef:26:01:7e:6d:41:ca:3c:34:1d:
05:19:1f:f6:e2:af:43:7f:e9:f2:bd:99:00:30:36:
9c:8a:2d:07:5b:7a:50:97:7f:da:c3:bd:a4:e0:50:
ff:a3:38:09:67:c1:a2:35:14:c3:6a:aa:16:14:61:
d0:1b:0e:95:e0:36:c3:e7:81:0d:74:4b:de:6e:b4:
5a:8c:92:e4:13:56:a7:9f:89:f2:e1:aa:8a:86:74:
a9:11:4f:0d:89:53:c0:60:4a:76:64:1c:97:e3:68:
06:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:99:74:59:C0:38:19:99:8D:3F:C2:E7:4C:86:C5:90:F0:B2:67:B3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF46FFFE5B8811F0BC5840ACDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.248.0/21
Signature Algorithm: sha256WithRSAEncryption
74:41:c0:83:84:40:b7:e8:2f:62:42:94:ee:1d:6b:42:ec:2a:
6d:43:84:ca:25:63:f3:cd:f4:cd:f3:a7:77:80:cb:14:a9:f9:
cf:f0:5a:39:58:7e:38:24:9c:42:dc:5f:f9:56:af:ff:74:1b:
20:01:56:86:d3:05:0b:48:76:a3:54:4f:45:88:4e:ea:cd:00:
ed:a9:27:70:86:5e:e0:ef:2e:6e:25:0b:ef:ff:e2:dc:78:ab:
0a:08:10:5c:a8:99:be:33:b4:29:4b:38:8a:fe:6a:f5:f2:c8:
ff:87:83:42:e6:c8:b1:ab:50:1d:2d:17:5a:84:b1:2b:a9:af:
09:1d:c0:f3:bd:3f:04:56:83:6e:3e:b7:7c:31:a0:66:8b:f7:
84:12:5d:5b:ba:c2:56:a3:6d:8e:7e:9d:ff:70:56:af:63:59:
ef:33:49:83:00:1d:03:72:51:e5:32:57:4e:95:5b:0a:f8:aa:
dc:bb:6e:e3:cf:f4:6d:87:4d:16:ad:dc:84:77:11:13:9a:93:
cc:62:c5:a7:72:44:5e:db:79:d8:2d:6a:f8:47:1d:46:28:83:
92:51:50:55:04:3b:2f:9b:7c:5b:ac:92:18:d0:62:11:41:2a:
98:9f:ec:9d:9e:23:78:56:fd:73:ba:d6:34:85:21:d0:8f:d3:
69:41:39:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYyGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MjMxOTQxWhcNMjYwNzE3MjMxOTQxWjAYMRYw
FAYDVQQDEw02ODZjNTYxMy05YjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8IZBK311BfCCE9ZCByfBYhExggs16A6ajZiAF0oY4Q9psFKdWH8TLaaz
8UPSXByrEbZgBqVtx+jqzwRdxzecob5ZnbNuC643oa5dSUS/HLsKExBAz4yGX9dD
hLhjU5MoYLHGwjebcWa8Z5RtXF/r7sB22vkcvWVb3KjdxekSZavnuLrfEIglDGGn
eBTWEPp1D7F+kWrvaRESRe8mAX5tQco8NB0FGR/24q9Df+nyvZkAMDacii0HW3pQ
l3/aw72k4FD/ozgJZ8GiNRTDaqoWFGHQGw6V4DbD54ENdEvebrRajJLkE1ann4ny
4aqKhnSpEU8NiVPAYEp2ZByX42gGmQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKOZ
dFnAOBmZjT/C50yGxZDwsmezMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERjQ2RkZGRTVCODgxMUYwQkM1ODQwQUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsH4MA0GCSqGSIb3DQEB
CwUAA4IBAQB0QcCDhEC36C9iQpTuHWtC7CptQ4TKJWPzzfTN86d3gMsUqfnP8Fo5
WH44JJxC3F/5Vq//dBsgAVaG0wULSHajVE9FiE7qzQDtqSdwhl7g7y5uJQvv/+Lc
eKsKCBBcqJm+M7QpSziK/mr18sj/h4NC5sixq1AdLRdahLErqa8JHcDzvT8EVoNu
Prd8MaBmi/eEEl1busJWo22Ofp3/cFavY1nvM0mDAB0DclHlMldOlVsK+Krcu27j
z/Rth00WrdyEdxETmpPMYsWnckRe23nYLWr4Rx1GKIOSUVBVBDsvm3xbrJIY0GIR
QSqYn+ydniN4Vv1zutY0hSHQj9NpQTlC
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:01 2025 by rpki-client