Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8E9452862F711F083FC9680DAE4EC9C.roa
File: E8E9452862F711F083FC9680DAE4EC9C.roa (raw, json)
Hash identifier: p7mUjiz5N+FgeJbSIuO3Q/fdJ0U6nRMhHXwQl5N4Uds=
Subject key identifier: 02:04:24:74:22:C2:F1:9B:89:57:41:29:6E:71:98:09:68:F8:B2:08
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E14
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8E9452862F711F083FC9680DAE4EC9C.roa
Signing time: Thu 17 Jul 2025 10:22:16 +0000
ROA not before: Thu 17 Jul 2025 10:22:11 +0000
ROA not after: Sun 24 Aug 2025 10:22:11 +0000
asID: 214413
IP address blocks: 154.82.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101908 (0x18e14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 17 10:22:11 2025 GMT
Not After : Aug 24 10:22:11 2025 GMT
Subject: CN=6878ced8-1a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3e:02:3b:f9:e5:1f:fe:99:5e:b3:c9:48:3c:
56:24:fe:16:e9:27:d1:dd:42:f2:df:ae:4c:16:25:
6b:c6:4a:bd:c1:ee:fd:12:f5:2e:9c:46:23:95:05:
71:24:94:58:a5:4a:48:55:d4:a6:85:d8:b6:ef:63:
84:7a:27:4f:26:78:2d:88:c2:f0:b0:38:08:e0:50:
1d:a7:65:37:1d:95:b2:ff:a6:81:41:75:2e:de:40:
76:3a:89:9c:8f:24:3d:0b:b6:29:1f:cf:7d:58:28:
dd:75:59:2a:e2:bf:28:3e:fa:e2:e1:f2:eb:7a:71:
e8:96:cf:c2:7b:64:f0:16:c4:c9:39:9a:3f:96:76:
85:d1:01:ff:87:58:32:60:55:9d:5a:76:ad:9c:99:
34:03:8b:46:62:14:36:03:3c:49:a0:74:db:bd:a4:
85:aa:49:8a:68:20:8e:97:39:45:3a:1f:32:be:b2:
c3:91:bb:b4:89:20:43:d5:6e:1f:58:ca:f9:87:57:
28:a4:c5:14:26:ff:7d:57:e4:29:ae:c0:1c:3d:67:
ed:0b:f6:02:7e:35:98:24:fc:d9:81:e6:01:77:97:
bd:66:b1:16:19:34:6a:25:95:a5:35:05:5b:86:c4:
39:7e:4e:55:e3:0d:a3:7a:09:83:a0:74:04:fc:45:
b7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:04:24:74:22:C2:F1:9B:89:57:41:29:6E:71:98:09:68:F8:B2:08
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8E9452862F711F083FC9680DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.0.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:c3:11:e9:90:d5:3f:37:43:77:4b:9a:91:7f:91:3a:cd:85:
48:20:45:1f:aa:64:db:eb:e3:93:5f:67:90:44:75:d3:33:d8:
4e:1a:7b:e5:01:75:3f:0e:86:95:c1:7c:bc:d7:2e:a4:35:98:
ee:79:7a:1e:11:f4:95:4b:81:b2:3a:49:7b:d9:7c:a3:2c:cb:
8e:b7:f4:6b:56:80:c3:8b:b4:b8:e6:81:e9:29:b0:72:55:6f:
1e:d7:a2:54:0c:7f:ce:d3:e6:2b:b3:a1:08:b5:5b:d9:69:67:
39:00:9a:46:2d:96:3b:39:fb:f0:51:aa:9a:70:d1:5d:53:8b:
f1:88:bf:df:ea:ed:1c:33:03:4b:de:fe:fe:8e:2f:b1:16:9e:
13:fb:40:51:80:19:ad:57:0d:9d:8a:11:df:36:e1:1f:99:13:
d9:21:ec:ec:a8:31:59:80:8d:eb:c9:0f:e6:e5:03:e5:1f:ee:
4a:97:d3:55:f3:33:98:19:d6:88:29:e1:51:34:b7:a0:01:34:
28:ef:d0:a4:94:17:0d:e1:5b:5d:d9:42:92:0e:35:26:5c:49:
fa:14:e8:ce:de:bd:f1:1b:e7:c4:e7:67:ee:96:d5:9b:64:46:
16:e6:74:a4:4f:70:1c:92:ac:1d:30:1c:73:0d:ef:25:d9:10:
a6:a5:5f:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY4UMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE3MTAyMjExWhcNMjUwODI0MTAyMjExWjAYMRYw
FAYDVQQDEw02ODc4Y2VkOC0xYTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqT4CO/nlH/6ZXrPJSDxWJP4W6SfR3ULy365MFiVrxkq9we79EvUunEYj
lQVxJJRYpUpIVdSmhdi272OEeidPJngtiMLwsDgI4FAdp2U3HZWy/6aBQXUu3kB2
OomcjyQ9C7YpH899WCjddVkq4r8oPvri4fLrenHols/Ce2TwFsTJOZo/lnaF0QH/
h1gyYFWdWnatnJk0A4tGYhQ2AzxJoHTbvaSFqkmKaCCOlzlFOh8yvrLDkbu0iSBD
1W4fWMr5h1copMUUJv99V+QprsAcPWftC/YCfjWYJPzZgeYBd5e9ZrEWGTRqJZWl
NQVbhsQ5fk5V4w2jegmDoHQE/EW3qQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAIE
JHQiwvGbiVdBKW5xmAlo+LIIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOEU5NDUyODYyRjcxMUYwODNGQzk2ODBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlIAMA0GCSqGSIb3DQEB
CwUAA4IBAQAPwxHpkNU/N0N3S5qRf5E6zYVIIEUfqmTb6+OTX2eQRHXTM9hOGnvl
AXU/DoaVwXy81y6kNZjueXoeEfSVS4GyOkl72XyjLMuOt/RrVoDDi7S45oHpKbBy
VW8e16JUDH/O0+Yrs6EItVvZaWc5AJpGLZY7OfvwUaqacNFdU4vxiL/f6u0cMwNL
3v7+ji+xFp4T+0BRgBmtVw2dihHfNuEfmRPZIezsqDFZgI3ryQ/m5QPlH+5Kl9NV
8zOYGdaIKeFRNLegATQo79CklBcN4Vtd2UKSDjUmXEn6FOjO3r3xG+fE52fultWb
ZEYW5nSkT3AckqwdMBxzDe8l2RCmpV8A
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:33:11 2025 by rpki-client