Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CFB5A223F8F11F0B1D021A1DAE4EC9C.roa
File: 1CFB5A223F8F11F0B1D021A1DAE4EC9C.roa (raw, json)
Hash identifier: /twjY5uJZKkGFByqJ90/dyD91n8K7NwJDcqkTVDL7ZE=
Subject key identifier: 32:C5:58:D1:38:D5:F5:9B:35:3B:35:3A:8B:91:CF:28:ED:EB:F2:29
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01844A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CFB5A223F8F11F0B1D021A1DAE4EC9C.roa
Signing time: Mon 02 Jun 2025 08:53:55 +0000
ROA not before: Mon 02 Jun 2025 08:53:50 +0000
ROA not after: Wed 11 Jun 2025 08:53:50 +0000
asID: 140403
IP address blocks: 154.94.22.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99402 (0x1844a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 2 08:53:50 2025 GMT
Not After : Jun 11 08:53:50 2025 GMT
Subject: CN=683d66a3-21d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2d:c3:7a:19:9d:fe:d1:b6:5c:01:ef:48:a4:
dd:7f:0c:14:70:a7:d5:74:df:c1:23:c0:0e:9b:62:
37:60:e2:50:2f:85:1b:e5:e1:3e:be:88:16:02:18:
cc:f1:c2:28:c4:90:e5:5a:2f:c8:07:5b:29:2e:c0:
43:41:8e:fe:16:6e:9a:df:17:2e:cb:69:ef:cf:36:
3c:25:dc:ce:56:06:a2:e7:32:ec:4c:52:ca:63:38:
69:61:cd:38:8d:b1:ad:52:b3:91:b4:8a:0b:0b:bd:
17:86:df:48:97:2f:3f:03:87:02:7d:ec:ee:1b:7d:
d3:cf:54:61:73:bb:65:e4:69:b5:9f:47:f9:0a:f3:
9d:6d:9b:2d:42:9a:34:6a:de:fb:6f:c8:63:f3:1a:
3f:6a:81:52:d0:db:df:bc:16:7c:f5:35:7b:15:97:
28:66:a7:a2:59:3b:e5:72:10:77:47:79:af:f7:64:
2b:8f:5d:99:02:5b:90:2a:49:db:05:82:4d:23:a7:
b7:89:ab:a3:83:01:c1:6c:fd:4e:b6:00:fe:f9:b7:
16:21:25:fd:d1:b6:ae:6b:06:4c:26:e9:c9:1e:17:
02:4d:6c:57:90:68:cf:eb:0b:1c:05:f8:c7:df:6b:
ad:9d:d7:65:40:34:bb:cb:c8:af:ac:6a:2f:d5:bc:
c3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C5:58:D1:38:D5:F5:9B:35:3B:35:3A:8B:91:CF:28:ED:EB:F2:29
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CFB5A223F8F11F0B1D021A1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.22.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:90:9f:0b:34:54:67:0c:64:f2:99:fb:e3:84:78:cf:fc:a9:
62:c0:0a:9b:52:75:f7:21:95:b7:76:70:c3:61:ca:98:da:97:
1d:70:4e:d9:90:c7:0a:2a:82:2c:be:38:f9:1b:fe:7b:45:7f:
56:c9:95:3a:c1:3b:b6:65:fc:19:d6:30:e9:96:d1:a3:3f:cc:
f8:34:b8:fc:5e:6b:c5:10:ed:5d:fe:5c:b3:92:02:51:4b:40:
4b:2c:0b:58:0b:a5:7a:ec:a9:f9:4d:db:e0:fc:3c:e5:ac:34:
20:8c:38:c9:b9:59:a1:1e:a9:e4:72:37:20:f6:c6:39:eb:05:
f6:a9:fa:50:28:89:0b:a9:0c:5c:92:44:08:7e:ed:98:2f:fd:
9a:0b:58:ca:21:7b:e5:7f:d3:69:07:e0:75:7f:53:bd:07:b2:
3c:c2:39:3f:6f:ca:9d:22:09:78:5d:61:69:d3:98:87:3a:c5:
9e:69:08:47:29:76:e3:cd:ca:99:b6:f2:0c:ce:73:06:7f:9c:
9a:15:5d:7a:d8:1e:37:c4:0a:32:1b:73:83:5a:81:eb:d5:6e:
d8:58:62:0f:1e:46:0d:83:d0:09:76:58:84:3f:f1:1a:3a:a3:
af:2a:5a:e3:f9:ca:74:85:18:ef:e3:6f:05:ab:67:f4:02:fd:
92:34:4e:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYRKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjAyMDg1MzUwWhcNMjUwNjExMDg1MzUwWjAYMRYw
FAYDVQQDEw02ODNkNjZhMy0yMWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlC3Dehmd/tG2XAHvSKTdfwwUcKfVdN/BI8AOm2I3YOJQL4Ub5eE+vogW
AhjM8cIoxJDlWi/IB1spLsBDQY7+Fm6a3xcuy2nvzzY8JdzOVgai5zLsTFLKYzhp
Yc04jbGtUrORtIoLC70Xht9Ily8/A4cCfezuG33Tz1Rhc7tl5Gm1n0f5CvOdbZst
Qpo0at77b8hj8xo/aoFS0NvfvBZ89TV7FZcoZqeiWTvlchB3R3mv92Qrj12ZAluQ
KknbBYJNI6e3iaujgwHBbP1OtgD++bcWISX90bauawZMJunJHhcCTWxXkGjP6wsc
BfjH32utnddlQDS7y8ivrGov1bzDhwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDLF
WNE41fWbNTs1OouRzyjt6/IpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQ0ZCNUEyMjNGOEYxMUYwQjFEMDIxQTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml4WMA0GCSqGSIb3DQEB
CwUAA4IBAQBOkJ8LNFRnDGTymfvjhHjP/KliwAqbUnX3IZW3dnDDYcqY2pcdcE7Z
kMcKKoIsvjj5G/57RX9WyZU6wTu2ZfwZ1jDpltGjP8z4NLj8XmvFEO1d/lyzkgJR
S0BLLAtYC6V67Kn5Tdvg/DzlrDQgjDjJuVmhHqnkcjcg9sY56wX2qfpQKIkLqQxc
kkQIfu2YL/2aC1jKIXvlf9NpB+B1f1O9B7I8wjk/b8qdIgl4XWFp05iHOsWeaQhH
KXbjzcqZtvIMznMGf5yaFV162B43xAoyG3ODWoHr1W7YWGIPHkYNg9AJdliEP/Ea
OqOvKlrj+cp0hRjv428Fq2f0Av2SNE6r
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:46:23 2025 by rpki-client