Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08B9258876B911F0B09858A8DAE4EC9C.roa
File: 08B9258876B911F0B09858A8DAE4EC9C.roa (raw, json)
Hash identifier: AnewAm0/jzV3ez7Hmh6sWGK9N5CNLq3KVVNXzOvIex8=
Subject key identifier: 3E:A2:54:AF:A5:11:19:FE:EC:DA:F7:E8:7D:C3:82:D3:8F:9B:45:66
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01914F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08B9258876B911F0B09858A8DAE4EC9C.roa
Signing time: Mon 11 Aug 2025 13:42:34 +0000
ROA not before: Mon 11 Aug 2025 13:42:29 +0000
ROA not after: Sat 30 Aug 2025 13:42:29 +0000
asID: 45194
IP address blocks: 154.84.192.0/24 maxlen: 24
154.84.193.0/24 maxlen: 24
154.84.194.0/24 maxlen: 24
154.84.195.0/24 maxlen: 24
154.84.196.0/24 maxlen: 24
154.84.197.0/24 maxlen: 24
154.84.198.0/24 maxlen: 24
154.84.199.0/24 maxlen: 24
154.84.200.0/24 maxlen: 24
154.84.201.0/24 maxlen: 24
154.84.202.0/24 maxlen: 24
154.84.203.0/24 maxlen: 24
154.84.204.0/24 maxlen: 24
154.84.205.0/24 maxlen: 24
154.84.206.0/24 maxlen: 24
154.84.207.0/24 maxlen: 24
154.84.208.0/24 maxlen: 24
154.84.209.0/24 maxlen: 24
154.84.210.0/24 maxlen: 24
154.84.211.0/24 maxlen: 24
154.84.212.0/24 maxlen: 24
154.84.213.0/24 maxlen: 24
154.84.214.0/24 maxlen: 24
154.84.215.0/24 maxlen: 24
154.84.216.0/24 maxlen: 24
154.84.217.0/24 maxlen: 24
154.84.218.0/24 maxlen: 24
154.84.219.0/24 maxlen: 24
154.84.220.0/24 maxlen: 24
154.84.221.0/24 maxlen: 24
154.84.222.0/24 maxlen: 24
154.84.223.0/24 maxlen: 24
154.84.224.0/24 maxlen: 24
154.84.225.0/24 maxlen: 24
154.84.226.0/24 maxlen: 24
154.84.227.0/24 maxlen: 24
154.84.228.0/24 maxlen: 24
154.84.229.0/24 maxlen: 24
154.84.230.0/24 maxlen: 24
154.84.231.0/24 maxlen: 24
154.84.232.0/24 maxlen: 24
154.84.233.0/24 maxlen: 24
154.84.234.0/24 maxlen: 24
154.84.235.0/24 maxlen: 24
154.84.236.0/24 maxlen: 24
154.84.237.0/24 maxlen: 24
154.84.238.0/24 maxlen: 24
154.84.239.0/24 maxlen: 24
154.84.240.0/24 maxlen: 24
154.84.241.0/24 maxlen: 24
154.84.242.0/24 maxlen: 24
154.84.243.0/24 maxlen: 24
154.84.244.0/24 maxlen: 24
154.84.245.0/24 maxlen: 24
154.84.246.0/24 maxlen: 24
154.84.247.0/24 maxlen: 24
154.84.248.0/24 maxlen: 24
154.84.249.0/24 maxlen: 24
154.84.250.0/24 maxlen: 24
154.84.251.0/24 maxlen: 24
154.84.252.0/24 maxlen: 24
154.84.253.0/24 maxlen: 24
154.84.254.0/24 maxlen: 24
154.84.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102735 (0x1914f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 11 13:42:29 2025 GMT
Not After : Aug 30 13:42:29 2025 GMT
Subject: CN=6899f34a-73c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d4:83:13:d5:b2:44:30:1d:40:d4:f9:c1:a1:
79:cc:55:fc:be:a8:04:8e:3c:74:eb:9a:6d:b7:df:
45:94:e6:3c:4d:5c:9c:50:ac:7a:3c:c6:60:e0:c0:
7c:6a:0f:dd:e7:8c:c7:57:4c:34:13:71:f0:c1:91:
fd:ad:44:4f:70:ab:bf:16:f4:89:58:94:17:4d:14:
92:43:6b:9d:2b:0f:39:80:c6:50:39:30:6f:da:1e:
97:ed:28:42:bd:92:8b:f2:db:7c:0c:f4:8d:30:df:
95:23:7b:00:c9:ad:d7:60:45:c3:bf:6a:9e:0e:4d:
72:40:00:68:53:af:d7:e1:14:01:b7:97:0c:a2:cc:
48:19:c4:06:be:0b:7b:17:c8:4a:16:fb:64:5a:10:
d5:6c:dc:9a:6b:93:4c:9f:7d:32:79:1e:6d:34:61:
1c:7b:36:80:5f:c7:f7:d8:bf:23:49:28:b3:86:18:
09:bc:20:52:4c:b0:c6:d7:fc:24:c8:6e:58:6b:ba:
f7:69:a2:d3:fc:cf:8a:80:d4:71:71:4e:64:07:f9:
03:f9:b8:eb:07:20:7b:82:03:a7:b1:48:00:ae:31:
f7:3f:05:74:78:25:71:f3:7d:00:96:a5:9a:ed:8a:
25:bb:17:4b:9d:92:86:d1:7b:00:f8:d3:71:11:d2:
36:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A2:54:AF:A5:11:19:FE:EC:DA:F7:E8:7D:C3:82:D3:8F:9B:45:66
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08B9258876B911F0B09858A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.192.0/18
Signature Algorithm: sha256WithRSAEncryption
54:39:58:f4:bd:f5:75:77:93:8d:02:f1:d3:a1:b3:36:c2:21:
43:4d:e8:45:1c:e4:c4:2e:32:c4:93:e9:bc:e8:1f:ac:56:c6:
31:96:d8:d1:81:71:e6:12:8a:c6:28:80:1f:bf:51:34:cc:94:
a3:79:b7:82:20:13:2d:19:49:a5:50:60:01:34:cb:42:f7:9c:
12:73:a4:43:83:d1:dc:09:9d:b9:7f:8f:ce:83:10:14:fd:c2:
9d:5d:98:00:0b:b2:f4:f4:99:89:bd:06:8e:cc:4e:d0:ff:38:
67:9e:fa:00:71:3e:71:c8:32:ff:42:38:be:3e:aa:df:6d:7b:
3a:5c:48:51:e2:da:db:d6:81:e2:4a:4f:f6:da:5b:9c:16:99:
77:11:b0:89:04:a2:73:b8:72:e3:96:40:af:b6:e6:fe:5c:e6:
0f:15:16:fd:f7:22:2a:91:14:ee:d1:f4:e1:ad:ab:f5:1b:22:
e4:4e:06:8c:17:96:65:d9:d9:fd:c0:5e:98:c9:0a:5c:86:4d:
9c:cf:bc:8d:c5:0c:3f:f3:43:45:1f:49:86:62:69:e2:cf:62:
61:82:c3:b2:04:2b:d8:10:22:f7:71:16:d9:35:d1:e1:44:d8:
e9:8c:dc:66:9e:64:79:18:53:45:a5:9b:7c:4c:e3:a2:c7:03:
1a:53:ce:89
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZFPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODExMTM0MjI5WhcNMjUwODMwMTM0MjI5WjAYMRYw
FAYDVQQDEw02ODk5ZjM0YS03M2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA49SDE9WyRDAdQNT5waF5zFX8vqgEjjx065ptt99FlOY8TVycUKx6PMZg
4MB8ag/d54zHV0w0E3HwwZH9rURPcKu/FvSJWJQXTRSSQ2udKw85gMZQOTBv2h6X
7ShCvZKL8tt8DPSNMN+VI3sAya3XYEXDv2qeDk1yQABoU6/X4RQBt5cMosxIGcQG
vgt7F8hKFvtkWhDVbNyaa5NMn30yeR5tNGEcezaAX8f32L8jSSizhhgJvCBSTLDG
1/wkyG5Ya7r3aaLT/M+KgNRxcU5kB/kD+bjrByB7ggOnsUgArjH3PwV0eCVx830A
lqWa7YoluxdLnZKG0XsA+NNxEdI2VQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD6i
VK+lERn+7Nr36H3DgtOPm0VmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOEI5MjU4ODc2QjkxMUYwQjA5ODU4QThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmlTAMA0GCSqGSIb3DQEB
CwUAA4IBAQBUOVj0vfV1d5ONAvHTobM2wiFDTehFHOTELjLEk+m86B+sVsYxltjR
gXHmEorGKIAfv1E0zJSjebeCIBMtGUmlUGABNMtC95wSc6RDg9HcCZ25f4/OgxAU
/cKdXZgAC7L09JmJvQaOzE7Q/zhnnvoAcT5xyDL/Qji+PqrfbXs6XEhR4trb1oHi
Sk/22lucFpl3EbCJBKJzuHLjlkCvtub+XOYPFRb99yIqkRTu0fThrav1GyLkTgaM
F5Zl2dn9wF6YyQpchk2cz7yNxQw/80NFH0mGYmniz2JhgsOyBCvYECL3cRbZNdHh
RNjpjNxmnmR5GFNFpZt8TOOixwMaU86J
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:31 2025 by rpki-client