Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F9BF0D12599511F08DBA9087DAE4EC9C.roa
File: F9BF0D12599511F08DBA9087DAE4EC9C.roa (raw, json)
Hash identifier: YiPDipAEqj8Q+QATqng5EYCEQ5mgvHkmJU9W0b+Wvuc=
Subject key identifier: 1B:E8:49:BD:68:A0:8C:99:51:B5:F4:FA:91:1A:AB:7E:20:BE:05:25
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018AEA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F9BF0D12599511F08DBA9087DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 11:48:33 +0000
ROA not before: Sat 05 Jul 2025 11:48:28 +0000
ROA not after: Wed 13 Aug 2025 11:48:28 +0000
asID: 57043
IP address blocks: 154.222.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Jul 2025 00:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101098 (0x18aea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 11:48:28 2025 GMT
Not After : Aug 13 11:48:28 2025 GMT
Subject: CN=68691111-433e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:58:33:48:0d:99:cc:2b:f8:39:6f:6a:18:36:
8e:ec:d0:4b:62:da:38:ba:39:9d:96:40:fc:d6:6c:
ff:b4:da:69:47:06:76:fb:93:47:a4:ed:98:eb:88:
36:3d:42:88:ad:c9:5c:f1:e1:49:28:6c:00:a0:e5:
a9:10:df:e9:04:8b:4b:05:e8:34:f3:7d:a2:d4:91:
7f:16:d0:6a:24:9f:58:3e:c1:bc:df:de:7f:38:93:
55:aa:89:fa:81:9f:a6:b7:38:39:aa:bb:4e:20:2d:
ee:53:57:f4:e0:28:72:94:44:2d:9f:e7:fa:d3:01:
29:28:45:b3:b8:0a:22:16:e6:68:81:32:b9:34:93:
36:0a:1e:c1:fd:26:70:71:d2:0f:3d:88:4d:a4:b7:
cf:e0:7b:3c:06:18:2d:d4:eb:64:56:f9:07:af:45:
20:6f:1e:f6:f9:b2:f3:2e:17:51:1b:b2:5d:c6:df:
66:e9:f7:14:0a:64:57:a6:b8:36:7f:69:ef:2e:b0:
c6:e6:d1:9e:05:9a:f3:32:6c:09:ac:5d:8a:32:cd:
bf:49:cf:a2:d7:40:11:40:e9:d0:8e:f7:73:a4:e3:
c9:5a:6f:46:a2:c1:fd:4a:be:c2:d5:08:a6:32:58:
46:ca:7c:bd:93:bf:dd:37:6d:c3:90:d1:41:28:69:
69:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E8:49:BD:68:A0:8C:99:51:B5:F4:FA:91:1A:AB:7E:20:BE:05:25
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F9BF0D12599511F08DBA9087DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.76.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:04:4c:eb:08:5b:b0:69:4c:ff:aa:50:ca:4c:4c:3b:fa:dd:
a5:49:73:f6:1f:a9:71:e8:06:bc:1a:12:2b:37:bb:47:1c:4f:
0f:2a:02:86:b7:66:3a:e6:39:2d:69:04:a5:ac:f7:56:62:9d:
66:f0:8b:9c:a5:02:44:d5:f9:48:e5:be:b2:c6:b6:b4:c9:96:
5c:c5:60:d6:32:e9:b9:06:b1:12:89:99:39:39:6f:9e:a0:0a:
75:3c:b9:b1:85:0e:61:b9:18:88:8e:96:e7:71:0e:95:f6:13:
19:32:b9:51:6e:31:a5:d2:28:59:ea:26:cc:b4:dc:1e:b4:b7:
6e:38:e4:d0:db:49:dc:61:4f:8d:7b:23:cc:68:85:fd:4e:eb:
43:0c:71:9a:60:c3:10:67:ec:11:b2:7a:74:8e:8a:08:41:59:
cb:52:2f:26:28:cc:6b:73:7c:5a:a5:7b:42:36:77:25:a9:d5:
09:cd:d4:94:3f:bf:60:03:51:c5:87:5a:09:35:55:c4:68:63:
f8:c9:d1:da:98:ab:23:9e:a6:e6:d6:fa:ea:3a:54:4a:73:cf:
74:03:02:e8:15:43:91:a0:b0:c9:48:ba:9e:9d:4d:72:15:69:
bb:32:1f:6d:eb:8e:a8:07:2a:aa:db:f6:96:af:39:48:e8:cc:
41:16:ab:13
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYrqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTE0ODI4WhcNMjUwODEzMTE0ODI4WjAYMRYw
FAYDVQQDEw02ODY5MTExMS00MzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAulgzSA2ZzCv4OW9qGDaO7NBLYto4ujmdlkD81mz/tNppRwZ2+5NHpO2Y
64g2PUKIrclc8eFJKGwAoOWpEN/pBItLBeg0832i1JF/FtBqJJ9YPsG8395/OJNV
qon6gZ+mtzg5qrtOIC3uU1f04ChylEQtn+f60wEpKEWzuAoiFuZogTK5NJM2Ch7B
/SZwcdIPPYhNpLfP4Hs8Bhgt1OtkVvkHr0Ugbx72+bLzLhdRG7Jdxt9m6fcUCmRX
prg2f2nvLrDG5tGeBZrzMmwJrF2KMs2/Sc+i10ARQOnQjvdzpOPJWm9GosH9Sr7C
1QimMlhGyny9k7/dN23DkNFBKGlpFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBvo
Sb1ooIyZUbX0+pEaq34gvgUlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GOUJGMEQxMjU5OTUxMUYwOERCQTkwODdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5MMA0GCSqGSIb3DQEB
CwUAA4IBAQA6BEzrCFuwaUz/qlDKTEw7+t2lSXP2H6lx6Aa8GhIrN7tHHE8PKgKG
t2Y65jktaQSlrPdWYp1m8IucpQJE1flI5b6yxra0yZZcxWDWMum5BrESiZk5OW+e
oAp1PLmxhQ5huRiIjpbncQ6V9hMZMrlRbjGl0ihZ6ibMtNwetLduOOTQ20ncYU+N
eyPMaIX9TutDDHGaYMMQZ+wRsnp0jooIQVnLUi8mKMxrc3xapXtCNnclqdUJzdSU
P79gA1HFh1oJNVXEaGP4ydHamKsjnqbm1vrqOlRKc890AwLoFUORoLDJSLqenU1y
FWm7Mh9t646oByqq2/aWrzlI6MxBFqsT
-----END CERTIFICATE-----
Generated at Sun Jul 6 08:20:21 2025 by rpki-client