Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23F6AE9A7E6811F0AFBA8EDBDAE4EC9C.roa
File: 23F6AE9A7E6811F0AFBA8EDBDAE4EC9C.roa (raw, json)
Hash identifier: uQ8axgt+U/PqaoWAVR+QEsf05PH2sHOzqQWLT1sUkws=
Subject key identifier: A4:5A:B6:22:C7:09:38:3A:A0:2F:DD:F9:71:AF:13:9D:98:B3:8B:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0192EA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23F6AE9A7E6811F0AFBA8EDBDAE4EC9C.roa
Signing time: Thu 21 Aug 2025 08:23:40 +0000
ROA not before: Thu 21 Aug 2025 08:23:35 +0000
ROA not after: Sat 01 Nov 2025 08:23:35 +0000
asID: 149014
IP address blocks: 154.223.168.0/24 maxlen: 24
154.223.169.0/24 maxlen: 24
154.223.170.0/24 maxlen: 24
154.223.171.0/24 maxlen: 24
154.223.176.0/24 maxlen: 24
154.223.177.0/24 maxlen: 24
154.223.178.0/24 maxlen: 24
154.223.179.0/24 maxlen: 24
154.223.180.0/24 maxlen: 24
154.223.182.0/24 maxlen: 24
154.223.183.0/24 maxlen: 24
154.223.188.0/24 maxlen: 24
154.223.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103146 (0x192ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 21 08:23:35 2025 GMT
Not After : Nov 1 08:23:35 2025 GMT
Subject: CN=68a6d78c-b396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:ec:7b:9d:61:42:ec:18:8a:65:69:b5:b5:35:
13:ea:7b:0d:0f:81:ec:62:d6:9b:93:ad:86:2e:9f:
2a:b5:35:88:79:01:91:fc:75:57:b4:2c:8e:5b:62:
5b:2f:3c:bc:c5:30:b7:57:a3:cb:36:0a:15:8f:ae:
23:45:43:ee:9c:77:6d:20:83:28:0b:8f:44:da:a3:
ea:ea:35:96:8d:09:d2:3f:1e:e6:50:f8:42:1c:1b:
84:a5:7d:b6:ae:06:69:7a:0c:86:89:62:39:a7:c3:
7f:0f:8f:d7:8f:27:85:da:6a:81:86:03:b9:32:4e:
6c:ad:5f:39:19:da:19:b6:d4:68:88:2b:1a:4b:b7:
bd:7e:62:98:dc:d6:48:c6:55:94:e0:63:a0:ea:9d:
7b:73:5d:cb:5d:dd:99:7f:4c:ac:7a:90:c3:d0:ed:
88:0b:c5:05:26:0e:49:54:29:47:f3:7c:3e:08:3a:
e5:ce:42:c2:cd:f3:4c:68:bb:27:98:4b:76:1a:20:
35:69:8d:91:ab:f4:fa:fb:98:b5:23:0b:d3:a1:92:
be:fb:72:3b:3c:72:ee:64:83:37:65:98:27:b4:f3:
79:89:d0:aa:3a:0d:e9:bd:2e:43:17:6b:41:6b:e5:
34:e0:43:ce:d6:2c:42:94:80:d3:6d:33:b1:aa:8d:
cd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:5A:B6:22:C7:09:38:3A:A0:2F:DD:F9:71:AF:13:9D:98:B3:8B:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23F6AE9A7E6811F0AFBA8EDBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0-154.223.180.255
154.223.182.0/23
154.223.188.0/23
Signature Algorithm: sha256WithRSAEncryption
cf:d9:5c:b3:cc:0d:7a:66:b1:f3:b1:4d:b0:7e:6a:6a:4f:2f:
9f:df:c9:79:01:b5:61:48:4f:f4:33:a1:72:73:dc:4f:d8:c2:
19:e6:bc:dc:89:44:da:92:92:1d:0d:e8:6c:92:6c:b7:77:aa:
85:a1:20:ad:0c:34:b2:72:89:fd:a7:0a:aa:ae:a1:41:b0:16:
95:d2:14:84:6b:f8:bc:95:da:de:35:1f:06:59:3f:6b:7e:95:
33:33:01:e9:96:87:23:b2:7a:d7:0e:2e:2d:e2:18:1d:36:a2:
a6:85:c2:d2:2d:15:d7:59:af:c2:72:90:29:68:a8:13:4e:36:
40:27:f2:f9:c5:07:a3:af:0d:1a:63:54:d2:d9:31:5f:9e:d2:
ec:3c:3f:e7:09:6e:a3:c6:60:c5:48:5c:7a:9d:65:4f:4a:b5:
d6:e3:4f:8f:96:23:b2:0a:78:bb:c3:77:8e:10:34:3d:95:53:
81:b9:a7:22:f7:98:04:23:b5:c2:4c:6f:ec:da:03:3a:f3:da:
02:c7:d6:3d:05:a8:91:eb:50:7e:bd:09:16:e6:34:c9:4e:7a:
14:6e:bb:de:76:8d:77:2f:2d:33:5a:ec:6b:c1:a7:74:58:fa:
0e:c0:dd:27:31:bb:3e:0e:d0:c7:bb:20:77:09:be:f8:05:da:
b0:6f:00:7e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAZLqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODIxMDgyMzM1WhcNMjUxMTAxMDgyMzM1WjAYMRYw
FAYDVQQDEw02OGE2ZDc4Yy1iMzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+ux7nWFC7BiKZWm1tTUT6nsND4HsYtabk62GLp8qtTWIeQGR/HVXtCyO
W2JbLzy8xTC3V6PLNgoVj64jRUPunHdtIIMoC49E2qPq6jWWjQnSPx7mUPhCHBuE
pX22rgZpegyGiWI5p8N/D4/XjyeF2mqBhgO5Mk5srV85GdoZttRoiCsaS7e9fmKY
3NZIxlWU4GOg6p17c13LXd2Zf0ysepDD0O2IC8UFJg5JVClH83w+CDrlzkLCzfNM
aLsnmEt2GiA1aY2Rq/T6+5i1IwvToZK++3I7PHLuZIM3ZZgntPN5idCqOg3pvS5D
F2tBa+U04EPO1ixClIDTbTOxqo3NYwIDAQABo4ICvzCCArswHQYDVR0OBBYEFKRa
tiLHCTg6oC/d+XGvE52Ys4tyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yM0Y2QUU5QTdFNjgxMUYwQUZCQThFREJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCmt+oMAwDBASa37ADBACa
37QDBAGa37YDBAGa37wwDQYJKoZIhvcNAQELBQADggEBAM/ZXLPMDXpmsfOxTbB+
ampPL5/fyXkBtWFIT/QzoXJz3E/YwhnmvNyJRNqSkh0N6GySbLd3qoWhIK0MNLJy
if2nCqquoUGwFpXSFIRr+LyV2t41HwZZP2t+lTMzAemWhyOyetcOLi3iGB02oqaF
wtItFddZr8JykCloqBNONkAn8vnFB6OvDRpjVNLZMV+e0uw8P+cJbqPGYMVIXHqd
ZU9KtdbjT4+WI7IKeLvDd44QND2VU4G5pyL3mAQjtcJMb+zaAzrz2gLH1j0FqJHr
UH69CRbmNMlOehRuu952jXcvLTNa7GvBp3RY+g7A3Scxuz4O0Me7IHcJvvgF2rBv
AH4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:42 2025 by rpki-client