Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CFCC5BA3AD211F09927C5D2DAE4EC9C.roa
File: 9CFCC5BA3AD211F09927C5D2DAE4EC9C.roa (raw, json)
Hash identifier: FyIOPFeoPm8Joci/VX55iq79e9dYT8+nVeAa50t+cHc=
Subject key identifier: 0B:56:BD:7C:D5:76:08:E1:08:21:AB:FA:5C:60:80:28:3E:BB:1F:08
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0182D9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CFCC5BA3AD211F09927C5D2DAE4EC9C.roa
Signing time: Tue 27 May 2025 08:14:30 +0000
ROA not before: Tue 27 May 2025 08:14:25 +0000
ROA not after: Fri 04 Jul 2025 08:14:25 +0000
asID: 57043
IP address blocks: 154.202.75.0/24 maxlen: 24
154.207.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99033 (0x182d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 27 08:14:25 2025 GMT
Not After : Jul 4 08:14:25 2025 GMT
Subject: CN=68357466-fb47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e0:b4:93:f8:08:36:32:e8:39:42:6b:b5:6f:
1d:d6:92:46:ba:46:54:12:f9:bf:a3:f8:fd:93:3d:
0b:8d:1d:87:60:c7:25:8f:cf:e8:93:fa:29:b4:a9:
14:da:65:01:f4:cd:09:ba:36:dd:2a:c0:42:ce:30:
01:24:0e:77:f7:d0:0b:52:68:2b:53:5b:0d:eb:47:
7f:7d:30:21:f0:a6:e2:8c:ab:c4:16:25:dd:74:b7:
ed:f5:ad:35:da:bb:33:f8:e6:59:57:dd:ce:95:6c:
6e:2f:93:02:57:6f:01:72:08:9f:9e:20:10:fb:26:
05:a9:14:59:25:6f:e1:9b:b9:cf:71:5d:c4:df:96:
2a:a3:b4:59:da:b5:bc:81:3b:ed:d6:51:25:81:60:
65:bd:2d:47:33:04:b3:cb:7e:01:3f:d1:86:b1:71:
eb:f8:8a:0f:f5:38:e8:21:15:7d:0f:f0:cf:e9:f7:
c6:b9:ff:cc:e7:20:80:81:4c:d0:26:38:8b:38:7f:
84:27:af:a5:09:ff:4d:50:70:47:d2:02:21:da:cc:
0f:7f:70:ea:37:3d:52:15:0f:78:cb:20:6e:ef:1d:
2d:17:08:75:b6:4c:c3:cc:b9:92:6d:8c:40:68:d0:
4d:95:9d:56:87:65:9c:9f:a5:d1:be:31:44:3b:86:
8d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:56:BD:7C:D5:76:08:E1:08:21:AB:FA:5C:60:80:28:3E:BB:1F:08
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CFCC5BA3AD211F09927C5D2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.75.0/24
154.207.173.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:9a:4c:f0:41:f5:a4:a4:b7:27:4d:59:fb:e7:f0:5d:f5:1a:
4b:14:18:06:dc:cb:0e:06:80:fc:d2:d6:36:c9:12:e6:76:6b:
f1:0d:74:3a:5b:5c:86:53:71:21:f4:8c:c2:08:25:69:31:a7:
59:03:3b:86:a0:ff:9e:ce:60:dc:3d:a2:2f:ae:64:40:02:64:
c6:35:a5:85:99:7a:7c:c5:b8:e3:26:a3:50:27:84:32:3e:dd:
0d:0d:4b:cc:0e:02:0e:6a:23:11:3c:9f:7a:61:eb:cf:d9:09:
47:1c:06:ac:84:0c:16:e1:2f:49:d1:0e:26:ca:25:2b:18:18:
af:78:da:c6:11:ac:34:ac:cc:2f:3e:ad:43:a5:00:f7:c8:cf:
a9:ac:f3:f1:f6:66:53:ec:15:59:50:0c:90:39:e4:35:bc:f5:
1e:d3:96:0b:55:f2:dc:72:8e:ed:ce:61:25:e7:0b:45:d6:47:
5b:20:97:bd:03:e2:e4:3d:e1:2c:84:c3:63:52:29:f0:e3:d9:
d4:42:ae:b1:f8:a6:bb:83:43:a8:48:55:ea:82:aa:5f:85:49:
48:ee:b5:6e:a9:ed:55:68:00:1f:f3:56:e6:b4:11:05:74:43:
4e:d2:28:55:b0:ea:84:87:a5:4f:18:bd:1c:04:f6:48:b0:eb:
21:1f:f5:e7
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYLZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI3MDgxNDI1WhcNMjUwNzA0MDgxNDI1WjAYMRYw
FAYDVQQDEw02ODM1NzQ2Ni1mYjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt+C0k/gINjLoOUJrtW8d1pJGukZUEvm/o/j9kz0LjR2HYMclj8/ok/op
tKkU2mUB9M0JujbdKsBCzjABJA5399ALUmgrU1sN60d/fTAh8KbijKvEFiXddLft
9a012rsz+OZZV93OlWxuL5MCV28BcgifniAQ+yYFqRRZJW/hm7nPcV3E35Yqo7RZ
2rW8gTvt1lElgWBlvS1HMwSzy34BP9GGsXHr+IoP9TjoIRV9D/DP6ffGuf/M5yCA
gUzQJjiLOH+EJ6+lCf9NUHBH0gIh2swPf3DqNz1SFQ94yyBu7x0tFwh1tkzDzLmS
bYxAaNBNlZ1Wh2Wcn6XRvjFEO4aN1QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFAtW
vXzVdgjhCCGr+lxggCg+ux8IMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Q0ZDQzVCQTNBRDIxMUYwOTkyN0M1RDJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmspLAwQAms+tMA0GCSqG
SIb3DQEBCwUAA4IBAQBPmkzwQfWkpLcnTVn75/Bd9RpLFBgG3MsOBoD80tY2yRLm
dmvxDXQ6W1yGU3Eh9IzCCCVpMadZAzuGoP+ezmDcPaIvrmRAAmTGNaWFmXp8xbjj
JqNQJ4QyPt0NDUvMDgIOaiMRPJ96YevP2QlHHAashAwW4S9J0Q4myiUrGBiveNrG
Eaw0rMwvPq1DpQD3yM+prPPx9mZT7BVZUAyQOeQ1vPUe05YLVfLcco7tzmEl5wtF
1kdbIJe9A+LkPeEshMNjUinw49nUQq6x+Ka7g0OoSFXqgqpfhUlI7rVuqe1VaAAf
81bmtBEFdENO0ihVsOqEh6VPGL0cBPZIsOshH/Xn
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:26:48 2025 by rpki-client