Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E49D805C598C11F08F50D3CBDAE4EC9C.roa
File: E49D805C598C11F08F50D3CBDAE4EC9C.roa (raw, json)
Hash identifier: N3i8Obnq9iL1G9ZsMXGRl7wMOkBXKFUNy2N6VvqLhZc=
Subject key identifier: BB:F6:64:44:89:CF:36:5A:D3:95:43:38:94:DA:14:00:D1:89:ED:0B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018ADA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E49D805C598C11F08F50D3CBDAE4EC9C.roa
Signing time: Sat 05 Jul 2025 10:43:32 +0000
ROA not before: Sat 05 Jul 2025 10:43:27 +0000
ROA not after: Thu 21 Aug 2025 10:43:27 +0000
asID: 203020
IP address blocks: 154.85.28.0/22 maxlen: 24
154.90.192.0/19 maxlen: 24
154.94.128.0/18 maxlen: 24
154.94.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101082 (0x18ada)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 10:43:27 2025 GMT
Not After : Aug 21 10:43:27 2025 GMT
Subject: CN=686901d4-2366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:93:9c:6f:ef:b6:c9:0f:eb:93:d1:77:d2:f2:
e1:89:4d:43:66:d2:26:7f:f6:c1:2a:db:76:41:9e:
c5:2f:78:e2:79:3e:94:67:95:bf:83:26:d8:da:8e:
6c:02:85:4e:f6:6f:c6:40:75:e9:64:2d:ac:a1:ae:
f7:27:12:bf:90:a9:07:f9:49:cc:83:a3:f8:b2:0e:
f6:08:ab:c0:a5:ae:43:01:87:4b:4a:52:49:10:24:
8a:be:75:6c:45:22:c5:30:11:60:3d:e2:4d:b4:03:
08:22:52:21:ef:0d:e1:b5:f4:98:21:f9:43:4e:14:
f1:a0:c8:93:df:48:8b:fb:7b:70:31:8e:43:39:0a:
53:70:f6:7d:87:6a:e4:fe:9a:97:96:b2:b8:21:07:
7a:70:a6:b7:2f:07:e1:72:09:b5:57:95:6d:f6:2c:
5d:cb:ca:10:12:88:cc:52:37:45:a0:b2:a4:54:b0:
bf:63:18:1e:7f:bc:3f:f9:f5:2c:c4:5a:9b:10:cb:
7c:43:5f:4e:69:8e:ee:c8:5d:32:e5:00:64:22:e4:
51:d7:b0:0a:23:91:02:d1:3f:81:27:c7:b1:02:4b:
0d:14:58:fc:cb:77:65:ed:a6:b8:4e:fa:d3:6b:e1:
93:53:a0:0a:4d:f7:14:4a:b3:e9:95:e8:80:c6:95:
a1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F6:64:44:89:CF:36:5A:D3:95:43:38:94:DA:14:00:D1:89:ED:0B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E49D805C598C11F08F50D3CBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.28.0/22
154.90.192.0/19
154.94.128.0/18
154.94.240.0/20
Signature Algorithm: sha256WithRSAEncryption
b2:5c:78:98:72:8b:27:c2:7d:99:84:eb:c9:73:84:b2:e3:13:
2c:95:d9:c4:94:77:03:bd:f3:a0:e3:62:7c:1e:fc:fb:78:7e:
38:d7:d2:b5:29:82:19:36:58:ce:58:a5:c9:1a:a6:03:f1:6a:
0e:7b:3c:a8:ad:8f:59:db:0d:75:c0:43:2c:68:41:2a:40:79:
e4:ef:7f:c7:fc:45:e4:7d:75:ac:99:51:4f:19:5a:03:3c:9e:
fa:16:89:78:e2:ed:7d:26:3a:61:34:e4:bd:08:3a:e6:47:6b:
6f:4e:19:8f:40:d8:96:64:26:63:1c:81:26:ca:84:25:96:74:
58:a9:90:62:2a:16:e1:80:13:20:3d:3f:30:be:ea:f6:fc:17:
0d:e4:d4:5a:bd:40:ad:f8:d6:77:ce:3a:8b:62:78:48:59:38:
b6:a8:c6:63:f9:fa:3c:d5:9c:ad:ff:58:9f:41:1f:4d:15:6f:
42:a7:75:38:d3:75:3c:19:be:c3:0d:f4:8e:56:2d:74:16:dc:
d8:da:0e:78:70:d4:6a:fc:6d:43:94:16:be:47:b7:08:d3:f6:
cd:b0:55:1b:7f:e5:21:46:18:30:c9:44:0a:88:ba:34:75:98:
24:6a:60:d6:d2:6b:a0:75:14:53:35:d2:47:50:bf:dc:b5:9b:
15:83:b6:ed
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAYraMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTA0MzI3WhcNMjUwODIxMTA0MzI3WjAYMRYw
FAYDVQQDEw02ODY5MDFkNC0yMzY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyZOcb++2yQ/rk9F30vLhiU1DZtImf/bBKtt2QZ7FL3jieT6UZ5W/gybY
2o5sAoVO9m/GQHXpZC2soa73JxK/kKkH+UnMg6P4sg72CKvApa5DAYdLSlJJECSK
vnVsRSLFMBFgPeJNtAMIIlIh7w3htfSYIflDThTxoMiT30iL+3twMY5DOQpTcPZ9
h2rk/pqXlrK4IQd6cKa3Lwfhcgm1V5Vt9ixdy8oQEojMUjdFoLKkVLC/Yxgef7w/
+fUsxFqbEMt8Q19OaY7uyF0y5QBkIuRR17AKI5EC0T+BJ8exAksNFFj8y3dl7aa4
TvrTa+GTU6AKTfcUSrPpleiAxpWhVwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFLv2
ZESJzzZa05VDOJTaFADRie0LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNDlEODA1QzU5OEMxMUYwOEY1MEQzQ0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCmlUcAwQFmlrAAwQGml6A
AwQEml7wMA0GCSqGSIb3DQEBCwUAA4IBAQCyXHiYcosnwn2ZhOvJc4Sy4xMsldnE
lHcDvfOg42J8Hvz7eH4419K1KYIZNljOWKXJGqYD8WoOezyorY9Z2w11wEMsaEEq
QHnk73/H/EXkfXWsmVFPGVoDPJ76Fol44u19JjphNOS9CDrmR2tvThmPQNiWZCZj
HIEmyoQllnRYqZBiKhbhgBMgPT8wvur2/BcN5NRavUCt+NZ3zjqLYnhIWTi2qMZj
+fo81Zyt/1ifQR9NFW9Cp3U403U8Gb7DDfSOVi10FtzY2g54cNRq/G1DlBa+R7cI
0/bNsFUbf+UhRhgwyUQKiLo0dZgkamDW0mugdRRTNdJHUL/ctZsVg7bt
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:49 2025 by rpki-client