Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EEFC81345D0011F09131F6C0DAE4EC9C.roa
File: EEFC81345D0011F09131F6C0DAE4EC9C.roa (raw, json)
Hash identifier: jvhb+I6km/aWUMuPMcKutjFKpmsCw8jiLXXZustYv6Q=
Subject key identifier: 9F:D3:87:FA:E3:AA:AF:C5:43:67:C2:29:F3:27:BD:1D:F8:48:59:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D0C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EEFC81345D0011F09131F6C0DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 20:11:45 +0000
ROA not before: Wed 09 Jul 2025 20:11:39 +0000
ROA not after: Sun 24 Aug 2025 20:11:39 +0000
asID: 40065
IP address blocks: 154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101644 (0x18d0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 20:11:39 2025 GMT
Not After : Aug 24 20:11:39 2025 GMT
Subject: CN=686ecd00-131f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7a:6f:64:2a:7f:94:3d:ab:44:2e:a1:16:2b:
bc:e0:40:9d:de:e9:50:28:7c:b3:8c:64:26:c1:c1:
61:24:80:b7:b5:29:02:ae:90:aa:e2:92:dd:70:d3:
e8:91:18:ce:01:a8:41:e1:f4:db:43:46:d2:02:55:
b9:e0:94:c5:b8:0a:0b:a4:d0:e3:ff:84:dc:fb:d1:
ad:cc:f0:24:85:4b:e6:a7:0f:61:e2:11:01:a1:7f:
e6:82:69:e0:0b:db:00:5d:9a:54:18:e4:61:70:cb:
f0:7b:57:31:82:1b:e8:6b:0c:f7:cd:ec:7f:b1:a1:
91:e7:f4:cc:59:bd:cf:4b:54:92:4a:fa:5b:bf:c3:
81:b1:87:7b:22:ea:a6:45:59:76:76:c9:0a:76:4f:
3a:2e:56:0b:4c:78:b6:41:9e:fd:3a:15:91:d3:6e:
61:a9:e0:2f:a5:d5:23:31:bd:0a:4f:ba:b2:8a:a1:
a8:56:e3:f8:95:13:4f:73:8a:60:70:47:8c:c8:58:
fa:b2:0b:27:24:d0:e3:a7:fd:08:5b:00:48:ec:4c:
85:1b:6f:d5:ad:92:42:07:e8:ac:3c:3b:e1:c4:6e:
45:42:8f:9d:ae:6c:69:a1:f3:a2:5e:b8:99:6e:d4:
30:5b:75:9a:87:c0:fa:2d:65:bc:59:65:37:be:dc:
03:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D3:87:FA:E3:AA:AF:C5:43:67:C2:29:F3:27:BD:1D:F8:48:59:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EEFC81345D0011F09131F6C0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.240.0/20
Signature Algorithm: sha256WithRSAEncryption
16:90:d6:e3:ad:ea:de:78:67:d8:2b:f5:27:66:ab:ae:12:3d:
57:25:55:79:d1:4d:d3:54:ff:e6:cb:9c:0f:52:00:83:42:43:
1c:37:d4:58:aa:78:eb:a9:59:2d:3a:12:a4:37:cf:aa:c9:8c:
e3:54:d8:7e:2c:85:70:cd:ea:a5:81:c7:a9:f4:ca:3c:d8:94:
23:b0:37:2b:fe:cc:85:19:72:2f:1f:78:bd:9a:a5:4c:34:06:
0d:79:a2:21:07:f1:71:c8:a4:27:65:a2:2e:03:1e:2a:bd:19:
4d:96:d0:58:83:a0:41:c2:b4:da:58:10:cb:10:dd:6f:f6:0d:
22:18:46:ba:c0:76:dd:6a:15:a7:ba:3d:a8:ab:a8:65:1f:12:
16:f4:04:5a:7f:07:9f:28:0d:06:c5:37:4e:8d:a4:46:28:d7:
21:9d:79:b9:3b:4c:a0:b8:fa:7d:8e:b4:e9:a2:17:af:0f:30:
0e:7d:09:ad:7c:46:ff:09:dd:a5:91:04:1c:70:00:27:d3:1b:
83:d4:a5:2a:0d:4c:ac:9e:c6:11:44:35:6a:20:c1:b3:3d:ec:
02:89:39:bc:f3:82:64:89:79:c9:a3:09:34:06:e9:c6:d9:e8:
55:44:f6:61:48:16:11:5a:70:86:37:2a:c1:7c:c3:f5:c6:da:
bf:e1:8e:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY0MMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MjAxMTM5WhcNMjUwODI0MjAxMTM5WjAYMRYw
FAYDVQQDEw02ODZlY2QwMC0xMzFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwnpvZCp/lD2rRC6hFiu84ECd3ulQKHyzjGQmwcFhJIC3tSkCrpCq4pLd
cNPokRjOAahB4fTbQ0bSAlW54JTFuAoLpNDj/4Tc+9GtzPAkhUvmpw9h4hEBoX/m
gmngC9sAXZpUGORhcMvwe1cxghvoawz3zex/saGR5/TMWb3PS1SSSvpbv8OBsYd7
IuqmRVl2dskKdk86LlYLTHi2QZ79OhWR025hqeAvpdUjMb0KT7qyiqGoVuP4lRNP
c4pgcEeMyFj6sgsnJNDjp/0IWwBI7EyFG2/VrZJCB+isPDvhxG5FQo+drmxpofOi
XriZbtQwW3Wah8D6LWW8WWU3vtwD2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ/T
h/rjqq/FQ2fCKfMnvR34SFlnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRUZDODEzNDVEMDAxMUYwOTEzMUY2QzBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtnwMA0GCSqGSIb3DQEB
CwUAA4IBAQAWkNbjrereeGfYK/UnZquuEj1XJVV50U3TVP/my5wPUgCDQkMcN9RY
qnjrqVktOhKkN8+qyYzjVNh+LIVwzeqlgcep9Mo82JQjsDcr/syFGXIvH3i9mqVM
NAYNeaIhB/FxyKQnZaIuAx4qvRlNltBYg6BBwrTaWBDLEN1v9g0iGEa6wHbdahWn
uj2oq6hlHxIW9ARafwefKA0GxTdOjaRGKNchnXm5O0yguPp9jrTpohevDzAOfQmt
fEb/Cd2lkQQccAAn0xuD1KUqDUysnsYRRDVqIMGzPewCiTm884JkiXnJowk0BunG
2ehVRPZhSBYRWnCGNyrBfMP1xtq/4Y6g
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:50 2025 by rpki-client