Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA34F5D259D011F099854881DAE4EC9C.roa
File: FA34F5D259D011F099854881DAE4EC9C.roa (raw, json)
Hash identifier: w2tPjGbUdE33+jwZ2cqzIcHidgl09MSgI6LgyYzhQBY=
Subject key identifier: 5D:BC:92:49:E4:6D:6B:DA:CA:05:33:AB:57:AE:37:88:C8:7A:9A:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018B40
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA34F5D259D011F099854881DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 18:50:54 +0000
ROA not before: Sat 05 Jul 2025 18:50:48 +0000
ROA not after: Thu 04 Sep 2025 18:50:48 +0000
asID: 399195
IP address blocks: 154.90.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101184 (0x18b40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 18:50:48 2025 GMT
Not After : Sep 4 18:50:48 2025 GMT
Subject: CN=6869740e-caba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d8:d0:a8:27:00:1e:c4:72:ad:26:85:22:99:
1a:d7:01:d2:af:89:e1:d6:97:74:4e:8a:18:42:a3:
18:7e:b7:b4:eb:2c:6d:d5:2a:56:4c:5a:d2:2f:f5:
95:ba:73:81:d3:e7:20:7c:a5:26:1f:f0:72:37:e0:
ed:63:57:de:72:59:fc:fa:75:d7:a6:58:de:bf:14:
a7:76:62:f9:f4:54:bc:72:92:7c:89:b5:dc:09:69:
e8:e1:fb:52:9e:2d:3b:39:96:cc:91:e8:a9:1d:e1:
9b:28:7c:af:23:76:15:34:95:ee:84:3e:27:2b:1a:
2a:31:f7:bb:3a:2b:4f:b0:6c:26:01:a2:1e:e3:c9:
e4:3f:e8:63:96:ce:d7:0a:43:00:a8:83:5e:04:31:
f4:84:75:9e:63:df:ec:25:cc:c9:62:ef:16:a0:54:
89:e9:97:0b:90:14:25:f9:1b:b0:d7:d4:01:a5:7b:
af:f5:8a:07:6c:75:1f:8c:d7:37:d7:11:3d:19:1b:
ef:8e:54:09:fc:df:e8:53:4e:1f:15:b6:79:fb:89:
34:4c:d2:53:28:b4:ac:4c:d7:79:f9:8d:5c:f6:de:
6e:03:80:1b:5f:73:7c:89:0e:ce:1c:8c:55:06:3e:
22:d8:9b:a8:b3:7f:c3:5d:5f:5a:ed:b5:2f:8e:69:
83:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BC:92:49:E4:6D:6B:DA:CA:05:33:AB:57:AE:37:88:C8:7A:9A:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA34F5D259D011F099854881DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
Signature Algorithm: sha256WithRSAEncryption
15:74:d8:19:4d:21:a3:5e:a1:37:24:3c:c9:50:0c:b1:8c:92:
dc:cd:c3:de:e2:8f:b0:d3:8a:b3:f0:a5:bd:f5:bf:ee:20:db:
ad:aa:ea:3d:b6:43:50:3b:e1:de:6a:22:6f:56:62:3c:15:1a:
d2:49:94:aa:78:47:df:f3:1a:d9:b1:5b:67:40:9e:b0:1e:bc:
1d:e7:2b:bf:99:ce:6d:f2:2c:44:77:07:00:ad:69:74:6a:7c:
f9:03:eb:49:b8:a0:a0:5c:cd:90:59:08:7a:81:42:5b:36:b1:
77:ec:f9:e5:a9:1e:55:1f:bd:1f:86:85:14:43:89:c5:93:c8:
f1:ad:cd:2d:77:b7:23:df:df:70:97:57:5e:76:23:b3:ef:7f:
89:ea:a6:b7:b3:de:a3:d2:80:d6:25:be:e0:99:df:3e:e9:6e:
29:ad:d7:ab:eb:c8:92:95:f6:73:93:fd:48:d5:57:ee:40:f4:
29:aa:48:81:ea:fa:4f:0f:d6:07:26:62:9e:04:01:c4:46:cf:
51:0b:a0:1d:af:c8:05:fd:a6:ae:6d:0d:b1:10:1c:f0:03:98:
3b:b1:45:71:54:f0:c5:87:6c:58:f1:8d:68:68:a0:76:64:b6:
c0:98:07:42:ee:a4:bc:00:4c:b3:a9:27:b8:c8:41:4d:88:1e:
25:20:a6:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYtAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTg1MDQ4WhcNMjUwOTA0MTg1MDQ4WjAYMRYw
FAYDVQQDEw02ODY5NzQwZS1jYWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAstjQqCcAHsRyrSaFIpka1wHSr4nh1pd0TooYQqMYfre06yxt1SpWTFrS
L/WVunOB0+cgfKUmH/ByN+DtY1fecln8+nXXpljevxSndmL59FS8cpJ8ibXcCWno
4ftSni07OZbMkeipHeGbKHyvI3YVNJXuhD4nKxoqMfe7OitPsGwmAaIe48nkP+hj
ls7XCkMAqINeBDH0hHWeY9/sJczJYu8WoFSJ6ZcLkBQl+Ruw19QBpXuv9YoHbHUf
jNc31xE9GRvvjlQJ/N/oU04fFbZ5+4k0TNJTKLSsTNd5+Y1c9t5uA4AbX3N8iQ7O
HIxVBj4i2Juos3/DXV9a7bUvjmmD8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF28
kknkbWvaygUzq1euN4jIepocMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQTM0RjVEMjU5RDAxMUYwOTk4NTQ4ODFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQAVdNgZTSGjXqE3JDzJUAyxjJLczcPe4o+w04qz8KW99b/uINutquo9
tkNQO+HeaiJvVmI8FRrSSZSqeEff8xrZsVtnQJ6wHrwd5yu/mc5t8ixEdwcArWl0
anz5A+tJuKCgXM2QWQh6gUJbNrF37PnlqR5VH70fhoUUQ4nFk8jxrc0td7cj399w
l1dediOz73+J6qa3s96j0oDWJb7gmd8+6W4prder68iSlfZzk/1I1VfuQPQpqkiB
6vpPD9YHJmKeBAHERs9RC6Adr8gF/aaubQ2xEBzwA5g7sUVxVPDFh2xY8Y1oaKB2
ZLbAmAdC7qS8AEyzqSe4yEFNiB4lIKZJ
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:03:25 2025 by rpki-client