Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ECD3C0765B2E11F08678B5EBDAE4EC9C.roa
File: ECD3C0765B2E11F08678B5EBDAE4EC9C.roa (raw, json)
Hash identifier: ueqUbRCW90L1rhH5Utve1yY2+Z7DSL15gJBjyrmR8/I=
Subject key identifier: F9:64:5C:9F:22:21:FD:A7:6B:E1:28:E7:66:88:43:C0:48:D7:F3:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C12
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ECD3C0765B2E11F08678B5EBDAE4EC9C.roa
Signing time: Mon 07 Jul 2025 12:35:55 +0000
ROA not before: Mon 07 Jul 2025 12:35:50 +0000
ROA not after: Mon 11 Aug 2025 12:35:50 +0000
asID: 214143
IP address blocks: 154.197.60.0/23 maxlen: 24
154.197.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101394 (0x18c12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 12:35:50 2025 GMT
Not After : Aug 11 12:35:50 2025 GMT
Subject: CN=686bbf2b-f806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f3:a9:a6:3e:56:31:a1:41:4d:25:66:77:e4:
d8:da:0b:a8:58:0d:fc:19:15:99:e5:f4:89:0b:6d:
26:21:92:47:17:ae:14:18:00:87:5f:74:7c:bc:9e:
1d:95:dc:d4:29:38:b8:6a:19:61:58:57:1e:44:02:
39:11:63:28:24:22:1f:a5:3f:19:03:f2:e9:f5:3a:
22:56:7a:57:ca:35:cd:09:02:cc:3a:09:09:d0:a0:
c8:ca:a8:5b:bf:7a:d3:db:73:83:4f:64:e7:d4:09:
1e:d3:87:f8:fa:96:c3:2f:c1:e6:90:05:8c:5d:31:
0f:c4:2c:b8:62:82:7a:60:28:b4:d3:dd:fe:1a:7d:
fe:ee:11:e2:76:85:a0:e3:87:0e:cc:c5:38:09:f7:
09:2f:40:a0:81:80:4c:66:20:f1:f3:49:98:cd:e4:
96:f7:27:0f:bc:6e:41:19:9f:de:51:64:87:a9:10:
25:bf:08:84:da:8a:ba:be:b7:ae:6f:48:87:4d:f3:
be:00:c1:d9:c9:e0:67:e5:39:0f:25:2b:19:dd:9f:
66:da:66:2c:f1:5f:45:24:50:15:39:cd:ef:91:ea:
d5:7c:07:3e:14:52:03:9b:0b:d0:a8:12:1e:cb:da:
9a:b1:ce:71:10:fa:a5:9e:2e:ef:41:ff:5d:b3:d8:
09:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:64:5C:9F:22:21:FD:A7:6B:E1:28:E7:66:88:43:C0:48:D7:F3:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ECD3C0765B2E11F08678B5EBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.60.0/23
154.197.86.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:20:a2:cf:1c:4f:4e:0c:9a:bc:15:1f:08:3a:ee:38:03:f7:
23:66:2d:2c:d3:a4:2a:d6:36:2f:6c:4a:4a:68:8a:35:a5:04:
86:8d:b0:6f:12:f9:93:f0:dd:09:0b:f4:e5:ae:99:1a:e5:f5:
8d:a6:4e:9c:51:d6:45:da:a1:18:f5:78:f6:02:0b:bc:ae:f3:
28:1e:cf:84:b1:a9:24:87:39:d5:f5:92:f5:bb:1e:98:43:63:
0f:4c:49:90:17:24:ab:6e:95:59:09:04:5f:93:45:71:46:75:
07:37:d6:8a:66:b0:7f:9e:70:39:00:29:64:24:3e:40:64:06:
a3:0f:db:de:0b:08:de:96:86:12:5e:05:fd:26:f7:fd:a2:8d:
91:3d:15:f0:61:ff:b9:e8:8d:65:6d:63:d0:04:32:62:14:c8:
9f:65:f8:bd:ee:b5:bd:05:6a:09:f4:f6:e1:8d:93:81:f9:f0:
25:7c:df:63:d2:dc:df:fa:c6:f0:d2:ec:8f:2b:b9:dc:e4:9a:
82:08:e5:b1:1b:89:59:84:1c:cd:cf:a6:ad:fe:ea:8f:1c:30:
7d:43:b8:91:65:9f:69:73:31:aa:70:e7:0f:ef:46:88:c4:76:
a0:70:f9:26:e2:dc:1f:88:f3:7a:4e:ef:25:b0:97:af:fb:31:
04:50:7e:c3
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYwSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTIzNTUwWhcNMjUwODExMTIzNTUwWjAYMRYw
FAYDVQQDEw02ODZiYmYyYi1mODA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArPOppj5WMaFBTSVmd+TY2guoWA38GRWZ5fSJC20mIZJHF64UGACHX3R8
vJ4dldzUKTi4ahlhWFceRAI5EWMoJCIfpT8ZA/Lp9ToiVnpXyjXNCQLMOgkJ0KDI
yqhbv3rT23ODT2Tn1Ake04f4+pbDL8HmkAWMXTEPxCy4YoJ6YCi0093+Gn3+7hHi
doWg44cOzMU4CfcJL0CggYBMZiDx80mYzeSW9ycPvG5BGZ/eUWSHqRAlvwiE2oq6
vreub0iHTfO+AMHZyeBn5TkPJSsZ3Z9m2mYs8V9FJFAVOc3vkerVfAc+FFIDmwvQ
qBIey9qasc5xEPqlni7vQf9ds9gJ1QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFPlk
XJ8iIf2na+Eo52aIQ8BI1/MXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQ0QzQzA3NjVCMkUxMUYwODY3OEI1RUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmsU8AwQBmsVWMA0GCSqG
SIb3DQEBCwUAA4IBAQBbIKLPHE9ODJq8FR8IOu44A/cjZi0s06Qq1jYvbEpKaIo1
pQSGjbBvEvmT8N0JC/Tlrpka5fWNpk6cUdZF2qEY9Xj2Agu8rvMoHs+EsakkhznV
9ZL1ux6YQ2MPTEmQFySrbpVZCQRfk0VxRnUHN9aKZrB/nnA5AClkJD5AZAajD9ve
CwjeloYSXgX9Jvf9oo2RPRXwYf+56I1lbWPQBDJiFMifZfi97rW9BWoJ9PbhjZOB
+fAlfN9j0tzf+sbw0uyPK7nc5JqCCOWxG4lZhBzNz6at/uqPHDB9Q7iRZZ9pczGq
cOcP70aIxHagcPkm4twfiPN6Tu8lsJev+zEEUH7D
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:58:39 2025 by rpki-client