Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03A76C8E414011F0955B829CDAE4EC9C.roa
File: 03A76C8E414011F0955B829CDAE4EC9C.roa (raw, json)
Hash identifier: gZ9RsiRkkq5nlfF+Q+ukpThZH1NLNNo9q46SA4sCm24=
Subject key identifier: D4:5F:85:CB:82:77:BE:F0:48:64:C3:F5:ED:CD:1B:42:6F:C4:FE:E3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0184DC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03A76C8E414011F0955B829CDAE4EC9C.roa
Signing time: Wed 04 Jun 2025 12:32:45 +0000
ROA not before: Wed 04 Jun 2025 12:32:40 +0000
ROA not after: Mon 14 Jul 2025 12:32:40 +0000
asID: 397630
IP address blocks: 154.83.44.0/22 maxlen: 24
154.84.132.0/24 maxlen: 24
154.84.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99548 (0x184dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 4 12:32:40 2025 GMT
Not After : Jul 14 12:32:40 2025 GMT
Subject: CN=68403ced-08af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:39:45:92:1c:c4:43:62:0b:ec:44:49:a3:5f:
a3:5a:e8:b1:7c:60:4d:c1:d5:38:0c:d0:c1:82:8a:
a5:4a:b5:ea:8c:a3:06:1c:84:99:ad:66:26:c2:a0:
0b:d1:75:65:8b:e6:90:06:11:d3:cd:a6:61:ad:81:
00:13:02:3d:a2:36:aa:4b:c9:c8:67:62:5f:58:0c:
e9:2c:f8:bc:c3:92:fe:6a:90:af:b4:d8:79:43:43:
04:19:b1:3d:7c:08:1b:12:e6:2b:e2:1f:22:b6:78:
ae:30:1f:da:6a:09:89:ea:3a:f2:42:47:34:b0:f4:
b6:f2:c9:cc:31:fb:da:e1:7c:f8:aa:04:e9:e9:5e:
6e:28:32:85:dc:a7:ae:25:02:68:fa:4e:bc:1d:93:
20:87:2c:36:43:94:de:5a:f2:4c:fb:71:29:e9:e3:
c3:da:3c:8a:e8:38:72:be:cd:de:82:f2:f0:36:91:
2a:a9:fb:39:ed:79:ac:e6:ae:ee:2d:32:07:48:32:
2b:fc:d4:5f:1a:66:35:44:b1:2f:93:64:bf:85:4f:
10:64:f4:ff:0f:da:92:0c:66:8f:b7:f8:73:44:04:
e4:34:64:12:fc:49:05:3e:5c:f3:9f:de:d7:50:be:
53:ec:83:b1:6b:2a:c9:4f:ef:ff:91:0b:1e:c5:ed:
72:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:5F:85:CB:82:77:BE:F0:48:64:C3:F5:ED:CD:1B:42:6F:C4:FE:E3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03A76C8E414011F0955B829CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.44.0/22
154.84.132.0/24
154.84.134.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:1e:30:13:ac:fa:22:34:c2:af:67:ad:c0:7b:ec:9a:96:d7:
42:08:06:c5:6a:69:d0:93:3c:38:69:d4:e2:5d:91:44:c5:8d:
db:fb:e8:ba:7a:70:0b:29:81:33:e7:46:7a:62:de:3f:b9:d1:
cb:04:10:e8:e3:fc:7f:af:ce:66:b1:3e:f8:d9:8c:58:47:27:
d5:ed:d5:98:ec:0a:81:33:d9:70:ad:69:01:23:48:67:7b:cc:
60:87:1d:17:cd:c2:bd:27:fe:29:5a:5f:66:bc:00:a4:d7:61:
24:f9:9e:93:1a:d5:86:a1:9a:52:5c:05:c2:ee:20:05:44:df:
8e:de:4d:4d:d8:02:c1:7d:0b:89:1c:22:90:8d:6a:d6:fc:20:
be:f2:0f:94:4f:bb:08:79:80:ab:65:c2:83:59:d0:28:f9:8f:
85:bd:31:45:ed:54:44:46:c0:ca:fa:2b:c4:bd:60:99:f4:7b:
dd:90:79:5e:dc:0d:38:d7:ef:6c:0a:0c:93:41:00:68:ca:c6:
e4:97:87:90:fe:0f:7b:ba:45:9c:ab:6f:0b:57:31:66:5a:1f:
19:d6:f6:4c:51:cd:38:cf:47:f2:e0:1f:1c:c0:8e:87:0f:eb:
ce:0e:79:74:88:95:fe:10:0f:2a:fe:53:11:fd:1e:96:46:6c:
05:27:74:59
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAYTcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjA0MTIzMjQwWhcNMjUwNzE0MTIzMjQwWjAYMRYw
FAYDVQQDEw02ODQwM2NlZC0wOGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmTlFkhzEQ2IL7ERJo1+jWuixfGBNwdU4DNDBgoqlSrXqjKMGHISZrWYm
wqAL0XVli+aQBhHTzaZhrYEAEwI9ojaqS8nIZ2JfWAzpLPi8w5L+apCvtNh5Q0ME
GbE9fAgbEuYr4h8itniuMB/aagmJ6jryQkc0sPS28snMMfva4Xz4qgTp6V5uKDKF
3KeuJQJo+k68HZMghyw2Q5TeWvJM+3Ep6ePD2jyK6Dhyvs3egvLwNpEqqfs57Xms
5q7uLTIHSDIr/NRfGmY1RLEvk2S/hU8QZPT/D9qSDGaPt/hzRATkNGQS/EkFPlzz
n97XUL5T7IOxayrJT+//kQsexe1ybQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFNRf
hcuCd77wSGTD9e3NG0JvxP7jMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wM0E3NkM4RTQxNDAxMUYwOTU1QjgyOUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmlMsAwQAmlSEAwQAmlSG
MA0GCSqGSIb3DQEBCwUAA4IBAQAKHjATrPoiNMKvZ63Ae+yaltdCCAbFamnQkzw4
adTiXZFExY3b++i6enALKYEz50Z6Yt4/udHLBBDo4/x/r85msT742YxYRyfV7dWY
7AqBM9lwrWkBI0hne8xghx0XzcK9J/4pWl9mvACk12Ek+Z6TGtWGoZpSXAXC7iAF
RN+O3k1N2ALBfQuJHCKQjWrW/CC+8g+UT7sIeYCrZcKDWdAo+Y+FvTFF7VRERsDK
+ivEvWCZ9HvdkHle3A041+9sCgyTQQBoysbkl4eQ/g97ukWcq28LVzFmWh8Z1vZM
Uc04z0fy4B8cwI6HD+vODnl0iJX+EA8q/lMR/R6WRmwFJ3RZ
-----END CERTIFICATE-----
Generated at Fri Jun 6 14:00:54 2025 by rpki-client