Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3388BD25B8311F0A972A38DDAE4EC9C.roa
File: E3388BD25B8311F0A972A38DDAE4EC9C.roa (raw, json)
Hash identifier: jr0T8WFFZmtj4btsRk13r5s0gSAJ2YY93NzkJrLTpIg=
Subject key identifier: A7:08:9E:D9:97:EB:D4:51:D0:72:CD:AC:94:3F:A1:53:95:85:9B:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C7C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3388BD25B8311F0A972A38DDAE4EC9C.roa
Signing time: Mon 07 Jul 2025 22:44:06 +0000
ROA not before: Mon 07 Jul 2025 22:44:00 +0000
ROA not after: Mon 08 Dec 2025 22:44:00 +0000
asID: 150000
IP address blocks: 154.82.159.0/24 maxlen: 24
154.82.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101500 (0x18c7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 22:44:00 2025 GMT
Not After : Dec 8 22:44:00 2025 GMT
Subject: CN=686c4db6-a0e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c5:8e:8e:0a:45:08:4a:36:6d:a9:00:5a:60:
22:79:87:5e:46:08:25:32:e3:b5:62:77:b5:41:e6:
df:fa:75:52:08:68:de:b8:82:09:a7:aa:01:d6:a6:
da:3a:b0:f7:52:c1:77:c4:aa:bf:74:84:03:02:12:
fd:c7:3e:70:d0:32:fe:f4:89:e3:a7:6b:98:74:0c:
7a:fa:3e:17:d4:d8:05:5c:d4:07:0f:d4:28:f9:49:
23:a1:93:a9:f4:ed:64:ea:03:8d:c9:53:db:b9:98:
b3:10:8b:47:85:17:15:a5:f0:94:c1:6e:d2:45:35:
0f:b5:03:a5:90:a5:b6:ff:a5:85:9b:85:f0:39:f6:
df:68:c8:3c:e2:8f:77:13:ac:81:2e:99:ee:73:d8:
ec:ef:df:4b:d5:e6:18:30:33:38:15:16:2b:5e:2d:
f3:22:a8:5a:b3:95:0e:a2:22:81:f9:40:48:30:f8:
de:59:25:09:80:22:59:c1:1b:00:62:e3:1e:20:a4:
d4:36:62:e8:01:f9:24:73:49:ea:f4:59:7c:77:34:
3e:66:03:2f:0d:ae:60:74:e9:da:45:82:5a:ac:46:
da:3e:0b:4c:fd:c6:2f:71:30:a0:22:ad:e7:83:40:
3d:d4:25:31:3e:21:3f:59:00:c2:5d:91:f5:b0:11:
55:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:08:9E:D9:97:EB:D4:51:D0:72:CD:AC:94:3F:A1:53:95:85:9B:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3388BD25B8311F0A972A38DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.159.0-154.82.160.255
Signature Algorithm: sha256WithRSAEncryption
0d:d8:d7:5c:53:5d:57:e6:5e:da:ef:31:cf:04:f6:cf:7f:da:
c2:64:78:de:a9:d7:45:15:82:b0:c1:08:7f:ad:b2:f6:f0:ea:
e0:e1:43:67:ba:b1:9c:71:e4:46:74:c2:16:16:af:40:07:6d:
af:0a:94:a1:f3:63:d0:56:2b:db:be:a6:03:99:66:72:0e:5b:
c7:95:90:53:3a:58:7e:a9:c5:8e:f2:f1:24:b0:48:37:0b:f7:
8b:6e:60:03:e3:52:cd:c8:3f:2a:89:4d:fb:c4:5a:c5:61:33:
70:90:7f:df:a3:57:d8:a3:c9:00:bd:1a:c2:94:34:4e:02:0b:
a5:f4:ca:86:e7:37:87:98:81:6b:2b:9c:36:04:06:e6:95:ac:
47:5b:fc:b6:53:e1:f8:67:30:9c:04:0f:31:91:0a:63:7b:f9:
26:6d:89:46:a4:33:30:81:ee:b8:35:a2:8e:e8:c2:3e:8b:58:
f7:56:64:a7:7d:ea:0b:b2:97:87:f4:65:de:26:e2:20:dc:9a:
49:4e:5a:fc:4d:9c:82:95:7a:53:f7:7f:00:93:9e:28:35:fa:
33:33:10:ee:e6:c5:c1:81:7f:1a:62:76:ed:7d:4d:3d:9f:23:
3a:c4:6c:53:98:57:3f:d3:ef:18:d3:92:fa:92:c4:f9:a1:f5:
76:6e:b7:25
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAYx8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MjI0NDAwWhcNMjUxMjA4MjI0NDAwWjAYMRYw
FAYDVQQDEw02ODZjNGRiNi1hMGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4MWOjgpFCEo2bakAWmAieYdeRgglMuO1Yne1Qebf+nVSCGjeuIIJp6oB
1qbaOrD3UsF3xKq/dIQDAhL9xz5w0DL+9Injp2uYdAx6+j4X1NgFXNQHD9Qo+Ukj
oZOp9O1k6gONyVPbuZizEItHhRcVpfCUwW7SRTUPtQOlkKW2/6WFm4XwOfbfaMg8
4o93E6yBLpnuc9js799L1eYYMDM4FRYrXi3zIqhas5UOoiKB+UBIMPjeWSUJgCJZ
wRsAYuMeIKTUNmLoAfkkc0nq9Fl8dzQ+ZgMvDa5gdOnaRYJarEbaPgtM/cYvcTCg
Iq3ng0A91CUxPiE/WQDCXZH1sBFVxQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKcI
ntmX69RR0HLNrJQ/oVOVhZv4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMzM4OEJEMjVCODMxMUYwQTk3MkEzOEREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaUp8DBACaUqAwDQYJ
KoZIhvcNAQELBQADggEBAA3Y11xTXVfmXtrvMc8E9s9/2sJkeN6p10UVgrDBCH+t
svbw6uDhQ2e6sZxx5EZ0whYWr0AHba8KlKHzY9BWK9u+pgOZZnIOW8eVkFM6WH6p
xY7y8SSwSDcL94tuYAPjUs3IPyqJTfvEWsVhM3CQf9+jV9ijyQC9GsKUNE4CC6X0
yobnN4eYgWsrnDYEBuaVrEdb/LZT4fhnMJwEDzGRCmN7+SZtiUakMzCB7rg1oo7o
wj6LWPdWZKd96guyl4f0Zd4m4iDcmklOWvxNnIKVelP3fwCTnig1+jMzEO7mxcGB
fxpidu19TT2fIzrEbFOYVz/T7xjTkvqSxPmh9XZutyU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:28:27 2025 by rpki-client