Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85F896A63C7011F0BEEC13D9DAE4EC9C.roa
File: 85F896A63C7011F0BEEC13D9DAE4EC9C.roa (raw, json)
Hash identifier: gaX4mpQxTOC6oRbFTOsn/QjsXAb5rHvvEZUrzvAqy7Q=
Subject key identifier: E8:09:35:9D:57:9C:61:A0:CB:42:17:14:7B:65:5E:A0:C0:DF:D8:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0183AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85F896A63C7011F0BEEC13D9DAE4EC9C.roa
Signing time: Thu 29 May 2025 09:37:23 +0000
ROA not before: Thu 29 May 2025 09:37:19 +0000
ROA not after: Sun 08 Jun 2025 09:37:19 +0000
asID: 132839
IP address blocks: 154.195.192.0/19 maxlen: 24
154.195.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99244 (0x183ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 29 09:37:19 2025 GMT
Not After : Jun 8 09:37:19 2025 GMT
Subject: CN=68382ad3-b3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a1:96:09:10:1d:db:6a:9c:d4:3f:7c:be:3d:
b0:6f:7c:a8:30:e5:60:7c:52:46:82:76:d8:4a:67:
f2:49:54:39:3d:09:b7:fb:8b:a0:44:ef:cd:f7:f1:
77:f7:38:30:5e:b7:05:2e:72:7c:67:16:52:e8:30:
a9:ce:94:a8:0b:89:fb:19:d3:94:dd:48:6b:47:f8:
8b:b4:3f:13:05:48:a7:bf:8e:e5:18:3f:ea:96:02:
a5:63:7c:03:36:b6:1b:12:ae:32:67:31:bc:73:44:
db:2e:5f:eb:18:7e:ae:8d:b7:42:a1:72:84:81:04:
c9:30:1e:37:78:d9:c8:a5:db:e9:0c:b1:86:2c:60:
86:ce:7c:76:05:1a:1a:d7:c6:91:74:2d:08:c6:e8:
ca:7b:63:35:26:90:cc:bb:c3:67:d6:55:67:b7:af:
81:1d:bf:45:92:bd:e9:7e:a0:dd:1c:39:60:83:a7:
da:17:37:d4:2b:7f:f8:da:82:9a:65:bd:9a:be:4f:
ac:39:8b:63:1c:b0:70:62:85:1e:0b:f4:28:c0:a8:
76:d2:a3:9a:f2:a5:64:39:8a:23:2a:55:ff:2b:76:
50:9b:ee:5c:41:84:05:db:4e:ae:bb:5f:73:29:d3:
4d:d7:77:b8:78:cb:ea:d9:85:90:a2:2e:4e:75:1e:
04:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:09:35:9D:57:9C:61:A0:CB:42:17:14:7B:65:5E:A0:C0:DF:D8:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85F896A63C7011F0BEEC13D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.192.0/18
Signature Algorithm: sha256WithRSAEncryption
16:70:c3:8d:c1:95:5f:ff:52:17:54:dc:ae:18:e6:50:47:d5:
70:08:be:eb:29:3e:7a:45:3a:de:23:e1:e6:8c:a1:fc:fc:07:
25:cb:5a:72:8a:18:2b:f7:2f:dd:de:54:9c:1c:fc:23:85:aa:
fb:6d:23:63:8d:cb:6d:aa:f0:30:08:04:d0:78:81:c6:79:11:
59:f1:57:6b:b4:16:9f:92:6e:0a:5a:3b:d0:5c:09:ed:c6:4d:
9e:d3:0d:79:43:32:08:37:76:ef:2e:17:4c:13:54:37:79:44:
5a:05:30:bb:d0:f5:b2:eb:6e:dd:3c:cb:51:55:6d:9b:a2:2a:
80:67:c0:50:a7:8f:52:70:b5:27:0a:87:0d:7b:02:6f:6b:7e:
d9:56:af:41:66:36:62:5e:e8:c2:ec:c5:a8:4e:81:b1:aa:c1:
4b:c1:35:b0:b8:4c:76:04:b9:98:17:9f:53:e0:28:44:4e:27:
5f:b6:60:36:00:e0:b6:81:65:e2:63:26:c3:79:d6:f2:c7:1a:
5c:77:29:18:e0:3d:ee:ca:ef:c7:a1:4b:b6:d4:59:fd:7a:b0:
85:17:1e:a7:c6:7f:d8:fb:57:04:9d:7b:c3:df:d7:da:77:7a:
b5:19:b0:cc:f8:24:31:05:3f:7f:00:19:6e:43:be:8a:93:fd:
d4:31:9e:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYOsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI5MDkzNzE5WhcNMjUwNjA4MDkzNzE5WjAYMRYw
FAYDVQQDEw02ODM4MmFkMy1iM2I3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxqGWCRAd22qc1D98vj2wb3yoMOVgfFJGgnbYSmfySVQ5PQm3+4ugRO/N
9/F39zgwXrcFLnJ8ZxZS6DCpzpSoC4n7GdOU3UhrR/iLtD8TBUinv47lGD/qlgKl
Y3wDNrYbEq4yZzG8c0TbLl/rGH6ujbdCoXKEgQTJMB43eNnIpdvpDLGGLGCGznx2
BRoa18aRdC0IxujKe2M1JpDMu8Nn1lVnt6+BHb9Fkr3pfqDdHDlgg6faFzfUK3/4
2oKaZb2avk+sOYtjHLBwYoUeC/QowKh20qOa8qVkOYojKlX/K3ZQm+5cQYQF206u
u19zKdNN13e4eMvq2YWQoi5OdR4EOwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOgJ
NZ1XnGGgy0IXFHtlXqDA39jaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NUY4OTZBNjNDNzAxMUYwQkVFQzEzRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsPAMA0GCSqGSIb3DQEB
CwUAA4IBAQAWcMONwZVf/1IXVNyuGOZQR9VwCL7rKT56RTreI+HmjKH8/Acly1py
ihgr9y/d3lScHPwjhar7bSNjjcttqvAwCATQeIHGeRFZ8VdrtBafkm4KWjvQXAnt
xk2e0w15QzIIN3bvLhdME1Q3eURaBTC70PWy627dPMtRVW2boiqAZ8BQp49ScLUn
CocNewJva37ZVq9BZjZiXujC7MWoToGxqsFLwTWwuEx2BLmYF59T4ChETidftmA2
AOC2gWXiYybDedbyxxpcdykY4D3uyu/HoUu21Fn9erCFFx6nxn/Y+1cEnXvD39fa
d3q1GbDM+CQxBT9/ABluQ76Kk/3UMZ5p
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:23:21 2025 by rpki-client