Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/321034CA783111F09730BFC4DAE4EC9C.roa
File: 321034CA783111F09730BFC4DAE4EC9C.roa (raw, json)
Hash identifier: sR0jOSrxeOBly3ektcwQTyjs3uySS1cOioAIATNFKBQ=
Subject key identifier: 1C:10:D5:8C:E1:1A:D7:D2:7C:BE:DE:FE:B5:AE:B8:C6:38:23:FC:39
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01919A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/321034CA783111F09730BFC4DAE4EC9C.roa
Signing time: Wed 13 Aug 2025 10:35:14 +0000
ROA not before: Wed 13 Aug 2025 10:35:09 +0000
ROA not after: Sun 23 Nov 2025 10:35:09 +0000
asID: 132825
IP address blocks: 154.93.24.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102810 (0x1919a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 13 10:35:09 2025 GMT
Not After : Nov 23 10:35:09 2025 GMT
Subject: CN=689c6a62-21fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1e:28:92:67:c6:ea:04:56:03:ec:2b:2f:89:
5d:8a:bc:db:ae:49:c0:59:63:5c:ba:63:1f:13:48:
3d:63:cf:91:8e:49:ad:28:c0:06:ee:f9:24:23:64:
8c:a1:93:a0:0a:24:6a:98:bc:e2:ca:41:ba:74:9e:
1b:49:04:ad:97:e2:71:65:29:62:f3:3f:bd:59:af:
1e:d1:82:c3:f9:ca:75:0a:9d:9f:ae:e8:b3:b6:1a:
68:a7:f7:b6:c2:2d:9c:0f:ae:f3:21:a8:31:0e:85:
10:0d:04:0a:2c:45:49:00:0a:a1:4b:24:15:c3:97:
e0:0f:2e:dc:4c:16:80:a9:d5:7f:3d:46:17:3f:72:
b7:e8:c1:45:b7:c0:dc:14:b3:3a:14:33:38:8f:55:
03:4b:6b:4c:69:62:75:3a:8a:5e:ed:81:cc:b5:4a:
8e:c0:a0:2c:db:dc:c0:3e:e8:d3:02:b2:cf:0f:ef:
7f:a2:c3:a2:94:88:49:56:06:da:58:6b:3a:11:62:
7c:d3:1f:c4:ac:b2:47:f5:35:09:3b:f3:9b:b8:6c:
9f:c4:3d:dd:31:79:3f:ed:95:8a:1a:b4:eb:1e:1f:
75:c9:e4:64:b2:86:71:bf:e3:0b:35:e3:2e:53:24:
2d:41:8a:c3:fb:27:68:10:5a:9e:b2:d4:75:90:f3:
69:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:10:D5:8C:E1:1A:D7:D2:7C:BE:DE:FE:B5:AE:B8:C6:38:23:FC:39
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/321034CA783111F09730BFC4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.24.0/23
Signature Algorithm: sha256WithRSAEncryption
65:27:13:24:85:58:a5:00:a0:57:5a:07:1c:3d:6d:f8:89:73:
3d:0b:19:4a:49:a6:d2:d2:03:6d:54:0c:35:ca:22:99:b0:f9:
ff:1e:f3:d7:f2:8c:71:c5:3a:7b:ff:d3:d5:ea:c4:f4:ee:1a:
3a:51:fb:66:a3:62:4d:a3:1d:b3:92:14:35:c1:08:6b:18:9d:
d2:65:19:f3:d6:a5:aa:5d:48:87:d4:c3:b3:02:2f:ca:34:02:
1b:ef:44:bd:89:c8:5e:6a:6d:fc:6b:78:bf:69:b0:6b:47:28:
d2:88:14:79:73:06:0c:a3:7c:cc:c8:2a:fd:46:69:6c:36:98:
89:7a:ac:9c:67:55:54:9b:9a:26:1e:cc:5a:01:d6:21:a8:33:
cc:b7:79:a8:45:1d:87:dc:b4:93:a1:46:ca:40:64:1e:f0:b8:
1e:62:84:d6:cf:7b:6f:ed:23:c1:17:5b:ea:52:fb:93:a3:06:
a7:a9:df:3a:bc:26:dc:0f:22:58:f3:5e:7c:02:43:17:e6:22:
cf:fd:db:74:92:37:87:22:64:bd:7f:13:b9:6c:42:09:65:1c:
be:99:ff:c5:5b:88:b7:35:65:cc:4a:ec:02:7d:35:8a:17:ed:
93:c4:22:fb:ec:27:04:39:8a:f2:ac:aa:04:da:71:65:59:3d:
46:27:54:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZGaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODEzMTAzNTA5WhcNMjUxMTIzMTAzNTA5WjAYMRYw
FAYDVQQDEw02ODljNmE2Mi0yMWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmR4okmfG6gRWA+wrL4ldirzbrknAWWNcumMfE0g9Y8+RjkmtKMAG7vkk
I2SMoZOgCiRqmLziykG6dJ4bSQStl+JxZSli8z+9Wa8e0YLD+cp1Cp2fruizthpo
p/e2wi2cD67zIagxDoUQDQQKLEVJAAqhSyQVw5fgDy7cTBaAqdV/PUYXP3K36MFF
t8DcFLM6FDM4j1UDS2tMaWJ1Oope7YHMtUqOwKAs29zAPujTArLPD+9/osOilIhJ
VgbaWGs6EWJ80x/ErLJH9TUJO/ObuGyfxD3dMXk/7ZWKGrTrHh91yeRksoZxv+ML
NeMuUyQtQYrD+ydoEFqestR1kPNpQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBwQ
1YzhGtfSfL7e/rWuuMY4I/w5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjEwMzRDQTc4MzExMUYwOTczMEJGQzREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml0YMA0GCSqGSIb3DQEB
CwUAA4IBAQBlJxMkhVilAKBXWgccPW34iXM9CxlKSabS0gNtVAw1yiKZsPn/HvPX
8oxxxTp7/9PV6sT07ho6Uftmo2JNox2zkhQ1wQhrGJ3SZRnz1qWqXUiH1MOzAi/K
NAIb70S9icheam38a3i/abBrRyjSiBR5cwYMo3zMyCr9RmlsNpiJeqycZ1VUm5om
HsxaAdYhqDPMt3moRR2H3LSToUbKQGQe8LgeYoTWz3tv7SPBF1vqUvuTowanqd86
vCbcDyJY8158AkMX5iLP/dt0kjeHImS9fxO5bEIJZRy+mf/FW4i3NWXMSuwCfTWK
F+2TxCL77CcEOYryrKoE2nFlWT1GJ1TW
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:39:33 2025 by rpki-client