Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3720B8627F4411F093C7E384DAE4EC9C.roa
File: 3720B8627F4411F093C7E384DAE4EC9C.roa (raw, json)
Hash identifier: e2toQ4qEr41IuM3eFvYDOSppgaRviz+C9WjP+9SbEag=
Subject key identifier: 18:25:AE:C7:1A:C0:E2:EF:8D:A6:C5:8F:03:0D:C7:8F:7F:91:F5:06
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019491
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3720B8627F4411F093C7E384DAE4EC9C.roa
Signing time: Fri 22 Aug 2025 10:39:01 +0000
ROA not before: Fri 22 Aug 2025 10:38:56 +0000
ROA not after: Mon 01 Sep 2025 10:38:56 +0000
asID: 54801
IP address blocks: 154.214.32.0/19 maxlen: 24
154.216.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103569 (0x19491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 22 10:38:56 2025 GMT
Not After : Sep 1 10:38:56 2025 GMT
Subject: CN=68a848c5-4f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:84:e2:f0:93:fe:c1:30:2f:77:f8:a0:d3:c5:
da:91:b8:23:a3:fc:5e:f3:3d:3f:11:0f:f5:ff:df:
bb:b9:d6:2e:f9:82:e5:4a:2b:7e:8d:a7:2c:91:38:
6d:ae:53:8a:97:17:0a:cb:fe:49:b1:dc:31:9a:fc:
5a:20:a1:a6:d0:50:25:d6:60:5c:f8:a0:ed:06:5a:
d1:67:36:22:84:a8:c2:64:36:a3:26:de:66:b4:90:
90:bb:5a:af:74:93:2e:63:9a:51:7c:d7:0a:e5:ba:
6c:a8:0b:d2:6d:8e:90:a9:42:3f:0e:d3:1d:9c:37:
0f:4f:00:8a:05:ac:83:0d:9c:04:59:94:9c:88:7a:
c2:8b:14:95:f4:3a:59:de:22:8a:88:a3:11:c7:fe:
a2:f6:f0:2e:d4:0f:d7:02:fc:aa:95:42:09:7e:0d:
a4:12:fb:a6:11:53:af:18:da:1c:19:a7:1a:3c:0d:
73:a4:41:6f:63:28:6c:fa:17:06:55:05:47:cc:5a:
4c:0e:45:13:eb:3e:07:1d:f3:e3:9b:90:40:49:aa:
02:26:92:0e:74:60:34:92:c8:c5:82:a1:0e:f2:84:
f1:d9:e5:04:13:15:74:cb:ed:25:fc:5f:0c:45:74:
0c:85:d3:0b:80:f8:29:84:0c:74:a1:7d:09:b1:fc:
2e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:25:AE:C7:1A:C0:E2:EF:8D:A6:C5:8F:03:0D:C7:8F:7F:91:F5:06
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3720B8627F4411F093C7E384DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
154.216.128.0/18
Signature Algorithm: sha256WithRSAEncryption
05:8d:f8:1f:a9:ec:2d:8a:bc:4f:d7:34:3d:d7:1d:f0:ac:9b:
13:ae:d3:a5:0d:8e:be:f7:fe:0e:0c:6f:d6:06:40:36:56:bc:
7c:5e:82:1b:3c:df:85:f7:12:54:7c:cd:c1:a3:a3:56:3b:9c:
8a:20:3e:25:04:fe:98:77:06:d0:6a:a8:d7:15:d7:b5:99:b9:
f1:72:b4:66:7f:e9:cf:ce:1c:c8:69:91:47:38:43:7f:e8:f0:
41:81:68:89:4c:25:99:74:17:d2:d3:a2:49:35:0f:38:33:28:
32:c8:64:72:73:f9:1a:40:f3:d3:88:56:e9:cc:d3:4a:68:82:
95:cc:19:6f:61:6e:5c:b1:22:f3:9b:d3:ca:a4:bb:76:b9:3c:
3e:ce:c6:e3:c5:cd:fc:b1:5e:45:72:52:27:fc:8b:0f:67:68:
6d:4c:ca:54:42:bc:3c:6d:a2:e1:fd:b3:5a:87:6c:eb:4f:6b:
00:17:b2:b6:eb:b3:82:26:d4:7e:0f:bb:ce:cb:e9:74:a8:6e:
8d:d0:3a:f8:88:90:1f:b6:49:22:92:60:b2:cd:ce:b6:73:61:
16:3e:16:d6:6d:c4:8b:b9:6f:40:e0:90:95:cb:65:52:2b:72:
ad:34:5d:4e:90:3d:bd:8c:16:04:87:cb:da:05:77:08:70:95:
86:69:10:d3
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZSRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODIyMTAzODU2WhcNMjUwOTAxMTAzODU2WjAYMRYw
FAYDVQQDEw02OGE4NDhjNS00ZjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoYTi8JP+wTAvd/ig08Xakbgjo/xe8z0/EQ/1/9+7udYu+YLlSit+jacs
kThtrlOKlxcKy/5JsdwxmvxaIKGm0FAl1mBc+KDtBlrRZzYihKjCZDajJt5mtJCQ
u1qvdJMuY5pRfNcK5bpsqAvSbY6QqUI/DtMdnDcPTwCKBayDDZwEWZSciHrCixSV
9DpZ3iKKiKMRx/6i9vAu1A/XAvyqlUIJfg2kEvumEVOvGNocGacaPA1zpEFvYyhs
+hcGVQVHzFpMDkUT6z4HHfPjm5BASaoCJpIOdGA0ksjFgqEO8oTx2eUEExV0y+0l
/F8MRXQMhdMLgPgphAx0oX0JsfwuoQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFBgl
rscawOLvjabFjwMNx49/kfUGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNzIwQjg2MjdGNDQxMUYwOTNDN0UzODREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmtYgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQAFjfgfqewtirxP1zQ91x3wrJsTrtOlDY6+9/4ODG/WBkA2
Vrx8XoIbPN+F9xJUfM3Bo6NWO5yKID4lBP6YdwbQaqjXFde1mbnxcrRmf+nPzhzI
aZFHOEN/6PBBgWiJTCWZdBfS06JJNQ84MygyyGRyc/kaQPPTiFbpzNNKaIKVzBlv
YW5csSLzm9PKpLt2uTw+zsbjxc38sV5FclIn/IsPZ2htTMpUQrw8baLh/bNah2zr
T2sAF7K267OCJtR+D7vOy+l0qG6N0Dr4iJAftkkikmCyzc62c2EWPhbWbcSLuW9A
4JCVy2VSK3KtNF1OkD29jBYEh8vaBXcIcJWGaRDT
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:51:53 2025 by rpki-client