Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7E143B03EE311F09F42B3C2DAE4EC9C.roa
File: A7E143B03EE311F09F42B3C2DAE4EC9C.roa (raw, json)
Hash identifier: c9SRPNXvecCwfc2T12JSlfYbaoi3VDCeKG/WIx71SSo=
Subject key identifier: 4B:63:ED:9A:B3:A3:99:12:19:D3:06:E4:13:ED:71:0E:A3:C3:2C:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01843D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7E143B03EE311F09F42B3C2DAE4EC9C.roa
Signing time: Sun 01 Jun 2025 12:26:35 +0000
ROA not before: Sun 01 Jun 2025 12:26:30 +0000
ROA not after: Fri 27 Jun 2025 12:26:30 +0000
asID: 401696
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 07:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99389 (0x1843d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 1 12:26:30 2025 GMT
Not After : Jun 27 12:26:30 2025 GMT
Subject: CN=683c46fb-58ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:75:20:c6:52:34:bf:32:30:f1:a7:f6:d6:17:
a2:7d:bc:a5:44:2c:3c:81:b1:35:e5:b0:24:8a:e0:
01:7d:53:5b:eb:48:57:64:8a:ac:c2:85:d1:a9:51:
d0:8e:57:8b:70:b8:49:77:62:a5:40:f7:00:b4:7d:
5f:7f:6b:9f:3b:05:ca:9a:53:37:c6:c8:b0:20:56:
8b:b1:79:23:60:88:6f:85:08:cf:00:cb:42:af:82:
83:c2:32:aa:c7:79:a1:e2:39:7d:db:19:98:a3:f0:
15:ea:0d:e1:c8:24:ee:cf:13:76:18:1e:76:e9:7c:
5f:b4:88:c9:ae:72:04:4c:12:32:8c:fb:00:02:1e:
31:b7:aa:53:d5:00:ef:43:dc:92:7d:a4:5e:95:a9:
97:66:34:7b:83:0f:e0:7a:cc:46:3a:b8:d6:79:f9:
70:58:4f:c4:82:63:c1:14:b0:d5:5a:c0:a1:23:38:
7f:72:cb:ab:20:d8:53:fe:a6:f2:55:3f:4c:24:93:
3a:53:12:89:bb:d9:a3:e5:43:56:32:0f:df:d1:ac:
53:cf:6a:c7:58:86:df:4f:89:aa:3e:1c:20:f8:af:
7f:81:eb:c8:b6:6b:17:c2:38:a6:20:5a:b1:2e:0f:
24:e8:98:ca:66:42:30:b4:f5:3c:ba:d1:4f:49:28:
a1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:63:ED:9A:B3:A3:99:12:19:D3:06:E4:13:ED:71:0E:A3:C3:2C:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7E143B03EE311F09F42B3C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
89:1e:db:b7:2c:e0:9c:8c:48:46:c6:71:44:70:c6:92:79:01:
ad:e8:76:0d:06:e8:61:56:c0:61:d1:d3:ef:db:a9:47:9b:56:
28:32:65:71:77:74:25:12:ab:8a:2c:62:d4:8c:2a:55:74:d3:
d8:ef:49:d9:81:cd:25:89:60:de:17:50:1f:04:ef:23:6f:de:
d5:b4:eb:b6:96:97:30:3a:21:a2:5b:43:63:ca:c8:a0:43:6c:
fd:08:33:1a:4c:1d:01:ea:2a:cf:5c:22:2f:07:ab:73:e4:92:
1b:cc:8d:f2:96:b6:32:d5:ef:be:d7:eb:4c:d2:48:02:12:57:
5b:a1:fa:34:a8:e0:08:59:a2:d3:14:c3:ca:b4:17:13:cb:95:
79:9d:57:2f:39:69:c4:8c:64:d2:cc:6f:22:71:ef:b0:fc:06:
3f:43:b2:e4:95:d4:de:16:08:0e:8f:af:82:10:c7:d7:7e:2e:
d1:a6:d7:e7:e8:ea:04:27:3a:f5:5b:c8:07:c5:a9:81:22:f1:
7b:1b:a6:51:ab:e3:d2:ac:dd:44:75:8f:50:e4:59:d7:5f:22:
7b:d1:ae:47:93:48:ee:d3:1e:70:bc:5e:47:1f:28:b2:db:39:
be:97:6e:37:cb:0c:69:42:83:70:12:7b:34:e5:72:fd:d1:a5:
f6:85:e9:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYQ9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjAxMTIyNjMwWhcNMjUwNjI3MTIyNjMwWjAYMRYw
FAYDVQQDEw02ODNjNDZmYi01OGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA43UgxlI0vzIw8af21heifbylRCw8gbE15bAkiuABfVNb60hXZIqswoXR
qVHQjleLcLhJd2KlQPcAtH1ff2ufOwXKmlM3xsiwIFaLsXkjYIhvhQjPAMtCr4KD
wjKqx3mh4jl92xmYo/AV6g3hyCTuzxN2GB526XxftIjJrnIETBIyjPsAAh4xt6pT
1QDvQ9ySfaRelamXZjR7gw/gesxGOrjWeflwWE/EgmPBFLDVWsChIzh/csurINhT
/qbyVT9MJJM6UxKJu9mj5UNWMg/f0axTz2rHWIbfT4mqPhwg+K9/gevItmsXwjim
IFqxLg8k6JjKZkIwtPU8utFPSSihdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEtj
7Zqzo5kSGdMG5BPtcQ6jwyzSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BN0UxNDNCMDNFRTMxMUYwOUY0MkIzQzJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQCJHtu3LOCcjEhGxnFEcMaSeQGt6HYNBuhhVsBh0dPv26lHm1YoMmVx
d3QlEquKLGLUjCpVdNPY70nZgc0liWDeF1AfBO8jb97VtOu2lpcwOiGiW0Njysig
Q2z9CDMaTB0B6irPXCIvB6tz5JIbzI3ylrYy1e++1+tM0kgCEldbofo0qOAIWaLT
FMPKtBcTy5V5nVcvOWnEjGTSzG8ice+w/AY/Q7LkldTeFggOj6+CEMfXfi7Rptfn
6OoEJzr1W8gHxamBIvF7G6ZRq+PSrN1EdY9Q5FnXXyJ70a5Hk0ju0x5wvF5HHyiy
2zm+l243ywxpQoNwEns05XL90aX2helM
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:46:08 2025 by rpki-client