Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE49C67E5CEC11F0984E1AC3DAE4EC9C.roa
File: FE49C67E5CEC11F0984E1AC3DAE4EC9C.roa (raw, json)
Hash identifier: R14LznX68Fkt/UkTAximSMBtJwNwlIPgEhFSLBI3tpQ=
Subject key identifier: A3:FC:A6:62:C9:04:C0:18:4F:54:F2:5F:90:56:6A:83:1B:2C:37:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CF6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE49C67E5CEC11F0984E1AC3DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 17:49:00 +0000
ROA not before: Wed 09 Jul 2025 17:48:55 +0000
ROA not after: Fri 15 Aug 2025 17:48:55 +0000
asID: 396356
IP address blocks: 154.93.8.0/21 maxlen: 24
154.95.48.0/22 maxlen: 24
154.95.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101622 (0x18cf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 17:48:55 2025 GMT
Not After : Aug 15 17:48:55 2025 GMT
Subject: CN=686eab8c-9107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:87:7a:31:bc:78:af:d7:98:7e:2d:db:4b:50:
bd:59:6b:ac:a1:31:d4:30:23:5e:d1:e7:7e:43:44:
66:a3:4f:45:39:ef:56:5f:e1:4a:7a:e6:49:4b:4b:
fa:07:dc:54:20:27:b0:17:bf:f5:3e:99:c8:e3:37:
3c:4e:d6:a5:50:bb:21:ac:51:a1:9d:a2:9e:f7:d9:
32:fe:88:44:2a:82:3d:1f:a6:a5:81:af:00:92:e1:
23:f2:9f:62:09:84:0c:98:68:0c:84:5d:82:fd:57:
b2:51:dc:8b:6d:3d:2e:f1:be:45:ae:fd:62:79:ea:
09:ec:4b:d8:f2:81:85:4c:d3:75:77:f0:f4:78:5a:
97:16:08:cf:c3:d3:c6:2f:9d:8b:91:36:a8:83:07:
94:93:53:24:0f:fb:39:46:c7:f3:bc:60:c2:be:71:
21:8c:48:83:77:1c:48:7d:ee:85:01:0d:ec:75:fd:
1d:0e:6c:20:df:48:48:09:a2:c6:cf:60:a5:d4:3e:
7b:8e:92:28:5a:6a:a2:ba:8a:d0:2b:dd:70:b4:f1:
f5:0b:6e:f2:dd:ce:b5:1f:0e:d9:5d:ab:fe:db:65:
a9:a2:0e:a0:7c:5a:4e:1f:73:cc:35:b4:08:cf:a3:
33:8d:2d:01:5d:99:74:b2:66:1e:bc:bf:cd:39:48:
b6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FC:A6:62:C9:04:C0:18:4F:54:F2:5F:90:56:6A:83:1B:2C:37:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FE49C67E5CEC11F0984E1AC3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.8.0/21
154.95.48.0-154.95.52.255
Signature Algorithm: sha256WithRSAEncryption
c9:3a:1b:1a:dd:37:2b:ea:ba:a6:ee:c2:df:4b:e7:11:1b:39:
1c:95:02:fd:01:f8:e2:2f:e3:9a:5c:68:07:ed:93:7e:ac:18:
41:46:c2:18:a4:85:dc:ac:04:5d:5d:c7:6b:5b:07:a4:34:46:
96:1d:15:a6:b4:cd:5f:36:af:5e:7c:8b:f8:12:c6:1b:02:2b:
04:6d:81:60:e7:af:31:ff:2f:76:2b:46:73:af:40:cd:c4:6e:
56:07:c9:de:35:28:6b:9c:35:01:21:77:58:5d:40:4f:8c:66:
ac:f6:ac:2c:e4:be:ae:6e:f5:ff:b7:14:ac:76:97:94:ae:49:
62:dc:68:11:87:1d:77:a3:21:65:46:b4:0e:79:bd:d7:ee:66:
b3:79:ae:78:83:48:d2:2f:69:82:01:17:76:10:eb:1e:01:5f:
6b:74:d8:a1:ae:16:0b:42:de:e9:f7:cc:2d:73:a1:61:7c:09:
95:9f:10:2e:ad:b5:bd:cf:97:be:c9:03:77:79:bf:80:39:bc:
78:b9:2b:29:c8:86:00:85:30:a2:ba:6d:84:0b:e7:28:1e:8d:
90:40:c5:6a:6a:cf:48:41:dd:cd:7b:a3:6f:6c:ed:d5:88:78:
73:0f:b9:31:42:57:eb:cf:70:71:36:8c:70:01:88:3e:da:43:
f3:dd:90:af
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAYz2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTc0ODU1WhcNMjUwODE1MTc0ODU1WjAYMRYw
FAYDVQQDEw02ODZlYWI4Yy05MTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApYd6Mbx4r9eYfi3bS1C9WWusoTHUMCNe0ed+Q0Rmo09FOe9WX+FKeuZJ
S0v6B9xUICewF7/1PpnI4zc8TtalULshrFGhnaKe99ky/ohEKoI9H6alga8AkuEj
8p9iCYQMmGgMhF2C/VeyUdyLbT0u8b5Frv1ieeoJ7EvY8oGFTNN1d/D0eFqXFgjP
w9PGL52LkTaogweUk1MkD/s5RsfzvGDCvnEhjEiDdxxIfe6FAQ3sdf0dDmwg30hI
CaLGz2Cl1D57jpIoWmqiuorQK91wtPH1C27y3c61Hw7ZXav+22Wpog6gfFpOH3PM
NbQIz6MzjS0BXZl0smYevL/NOUi2KwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFKP8
pmLJBMAYT1TyX5BWaoMbLDcKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRTQ5QzY3RTVDRUMxMUYwOTg0RTFBQzNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDml0IMAwDBASaXzADBACa
XzQwDQYJKoZIhvcNAQELBQADggEBAMk6GxrdNyvquqbuwt9L5xEbORyVAv0B+OIv
45pcaAftk36sGEFGwhikhdysBF1dx2tbB6Q0RpYdFaa0zV82r158i/gSxhsCKwRt
gWDnrzH/L3YrRnOvQM3EblYHyd41KGucNQEhd1hdQE+MZqz2rCzkvq5u9f+3FKx2
l5SuSWLcaBGHHXejIWVGtA55vdfuZrN5rniDSNIvaYIBF3YQ6x4BX2t02KGuFgtC
3un3zC1zoWF8CZWfEC6ttb3Pl77JA3d5v4A5vHi5KynIhgCFMKK6bYQL5ygejZBA
xWpqz0hB3c17o29s7dWIeHMPuTFCV+vPcHE2jHABiD7aQ/PdkK8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:50 2025 by rpki-client