Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDD96344609811F0BC5C2381DAE4EC9C.roa
File: EDD96344609811F0BC5C2381DAE4EC9C.roa (raw, json)
Hash identifier: tyVPOJ6BJ7TV66SjVCxOQ4RLfceDHHJqATOqbE+MhU0=
Subject key identifier: 29:0A:98:95:D0:B1:AA:C9:EF:D8:B6:9D:24:B2:17:79:15:68:13:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018DA9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDD96344609811F0BC5C2381DAE4EC9C.roa
Signing time: Mon 14 Jul 2025 09:57:19 +0000
ROA not before: Mon 14 Jul 2025 09:57:15 +0000
ROA not after: Mon 21 Jul 2025 09:57:15 +0000
asID: 139646
IP address blocks: 154.204.0.0/24 maxlen: 24
154.208.12.0/22 maxlen: 24
154.208.16.0/20 maxlen: 24
154.212.128.0/24 maxlen: 24
154.214.32.0/19 maxlen: 24
154.215.0.0/24 maxlen: 24
154.216.128.0/18 maxlen: 24
154.218.0.0/24 maxlen: 24
154.221.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 21 Jul 2025 09:57:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101801 (0x18da9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 14 09:57:15 2025 GMT
Not After : Jul 21 09:57:15 2025 GMT
Subject: CN=6874d47f-8250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:99:0a:c4:0a:d8:bb:57:85:b3:a4:d4:c8:07:
ea:ee:b1:c1:cc:a2:51:c3:9b:fb:30:b3:40:af:06:
08:c7:56:a8:6c:30:09:05:05:96:fa:8c:98:c1:a8:
f7:fe:12:00:3a:25:68:4b:9f:39:25:d1:fd:4e:3b:
68:3f:fc:64:34:0f:68:c6:db:73:b6:2b:55:0a:ef:
a4:78:cf:92:bf:26:97:22:bf:ad:b1:da:38:b4:9b:
86:38:de:71:00:d1:a8:ad:f6:75:13:94:14:2f:aa:
79:03:b3:39:4a:25:69:f7:d0:33:a7:47:9d:22:82:
4d:48:56:4a:77:52:32:98:3d:fb:78:3d:6e:9d:44:
be:2d:a5:3e:db:bd:1b:5a:93:7a:59:36:7b:d0:2b:
c3:f3:4b:2f:10:26:d4:c7:f3:5f:02:a5:1f:45:dc:
a3:8e:28:6c:df:50:6d:2d:51:55:52:50:03:e6:87:
b4:d7:d9:21:b8:f3:cc:25:72:e0:bb:fe:db:82:7f:
dc:5d:ff:8e:9e:a7:12:48:2f:c6:7a:79:f3:a7:ac:
66:11:29:fb:78:aa:00:69:12:3e:c0:6e:81:22:f2:
0d:2d:ea:fb:5c:21:e7:d2:f8:c4:d8:80:1b:e4:16:
de:19:f6:ce:a3:ea:01:59:5e:e7:7d:9b:0c:0e:e6:
b2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0A:98:95:D0:B1:AA:C9:EF:D8:B6:9D:24:B2:17:79:15:68:13:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDD96344609811F0BC5C2381DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.0.0/24
154.208.12.0-154.208.31.255
154.212.128.0/24
154.214.32.0/19
154.215.0.0/24
154.216.128.0/18
154.218.0.0/24
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
40:cb:11:17:bc:51:43:c8:11:62:57:2a:86:4d:4e:86:66:aa:
25:a5:cd:7d:69:93:59:8f:82:e2:2a:7c:88:80:ff:bc:74:b4:
a0:ab:11:97:87:e6:e1:ce:64:52:c3:d2:14:c7:e0:dc:c7:0f:
ff:44:f2:ce:0b:60:70:cd:ab:b7:d3:7a:9d:45:24:a0:ba:88:
f2:44:f2:92:da:3d:1d:e1:2c:a3:a6:56:20:dd:71:7f:1f:77:
83:59:32:3f:fe:8b:78:4f:1c:80:9d:43:be:63:8d:ec:00:23:
06:d5:d4:ff:60:a5:e3:d3:5d:4d:c6:ce:ad:c7:32:27:07:fe:
32:3e:b5:8a:fa:e3:a0:f4:9f:76:62:03:2d:00:7e:c5:a3:a6:
8b:49:95:14:a9:aa:ce:d3:07:1e:ce:75:fe:a3:e3:47:f9:17:
8a:ca:a6:90:22:4e:90:c3:dc:6f:e2:fe:ca:e0:3a:2c:dd:f8:
9c:7c:23:6c:ad:fd:04:9b:c8:d6:bd:21:60:8e:b7:c7:1b:ac:
e8:e7:54:a0:e8:dc:51:1c:e8:17:5f:61:8c:a8:3a:9c:98:43:
3f:ef:a1:54:02:c4:a5:dd:d0:76:1a:67:ab:dd:3e:61:8e:55:
2d:15:49:1b:00:08:f6:4e:72:95:52:6e:e9:23:80:84:e3:2d:
94:fe:d3:99
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAY2pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE0MDk1NzE1WhcNMjUwNzIxMDk1NzE1WjAYMRYw
FAYDVQQDEw02ODc0ZDQ3Zi04MjUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwpkKxArYu1eFs6TUyAfq7rHBzKJRw5v7MLNArwYIx1aobDAJBQWW+oyY
waj3/hIAOiVoS585JdH9TjtoP/xkNA9oxttztitVCu+keM+SvyaXIr+tsdo4tJuG
ON5xANGorfZ1E5QUL6p5A7M5SiVp99Azp0edIoJNSFZKd1IymD37eD1unUS+LaU+
270bWpN6WTZ70CvD80svECbUx/NfAqUfRdyjjihs31BtLVFVUlAD5oe019khuPPM
JXLgu/7bgn/cXf+OnqcSSC/Gennzp6xmESn7eKoAaRI+wG6BIvINLer7XCHn0vjE
2IAb5BbeGfbOo+oBWV7nfZsMDuayCwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFCkK
mJXQsarJ79i2nSSyF3kVaBMOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FREQ5NjM0NDYwOTgxMUYwQkM1QzIzODFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAmswAMAwDBAKa0AwDBAWa
0AADBACa1IADBAWa1iADBACa1wADBAaa2IADBACa2gADBACa3QAwDQYJKoZIhvcN
AQELBQADggEBAEDLERe8UUPIEWJXKoZNToZmqiWlzX1pk1mPguIqfIiA/7x0tKCr
EZeH5uHOZFLD0hTH4NzHD/9E8s4LYHDNq7fTep1FJKC6iPJE8pLaPR3hLKOmViDd
cX8fd4NZMj/+i3hPHICdQ75jjewAIwbV1P9gpePTXU3Gzq3HMicH/jI+tYr646D0
n3ZiAy0AfsWjpotJlRSpqs7TBx7Odf6j40f5F4rKppAiTpDD3G/i/srgOizd+Jx8
I2yt/QSbyNa9IWCOt8cbrOjnVKDo3FEc6BdfYYyoOpyYQz/voVQCxKXd0HYaZ6vd
PmGOVS0VSRsACPZOcpVSbukjgITjLZT+05k=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:41 2025 by rpki-client