Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EC1EFDA79AB11F08A1DACE6DAE4EC9C.roa
File: 3EC1EFDA79AB11F08A1DACE6DAE4EC9C.roa (raw, json)
Hash identifier: vakWcXuWZxBb0/LK6p4vSUmS+GztrUY4vg+KDpXXpf0=
Subject key identifier: 80:11:7E:27:2C:DC:C2:29:B2:C2:48:EE:6C:5F:5E:F4:B3:F2:C6:1D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0191BB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EC1EFDA79AB11F08A1DACE6DAE4EC9C.roa
Signing time: Fri 15 Aug 2025 07:41:25 +0000
ROA not before: Fri 15 Aug 2025 07:41:19 +0000
ROA not after: Tue 11 Aug 2026 07:41:19 +0000
asID: 137962
IP address blocks: 154.209.0.0/24 maxlen: 24
154.209.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102843 (0x191bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 15 07:41:19 2025 GMT
Not After : Aug 11 07:41:19 2026 GMT
Subject: CN=689ee4a5-77f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4e:43:0a:71:b5:66:92:97:df:01:d7:95:f9:
0a:95:b0:c1:20:6b:de:21:3a:ec:e3:5f:00:eb:56:
2d:0e:ca:a9:cd:ed:54:65:e0:79:d2:3f:16:84:4d:
63:a1:cc:2b:ee:47:8b:4d:d3:e2:1e:d2:be:74:da:
45:26:ce:43:9a:e3:72:66:4e:ed:f3:fe:0d:cb:13:
65:ba:48:eb:73:c0:7e:93:91:a4:54:26:7a:d3:fc:
5f:df:10:86:da:ab:84:de:07:4f:19:78:8a:fc:a3:
94:b8:c4:4c:04:64:72:e6:c5:ad:f1:fd:ba:61:d4:
00:bb:71:7a:2f:e8:7b:4b:b0:91:c0:74:ae:c0:42:
15:a3:59:a6:6c:48:bd:a5:c8:7c:cc:ea:6a:ad:f5:
43:6c:cc:8b:c6:2e:c4:92:b7:66:7f:a8:cd:e0:21:
1e:9b:d1:de:3f:b6:c1:75:17:b7:b8:8c:02:01:c8:
6e:03:90:4c:83:8a:20:d7:6e:74:c4:02:b8:fd:6e:
d8:30:2e:08:4f:5b:04:c7:e6:28:0f:42:54:96:d9:
dc:63:04:e4:99:7d:1e:15:6f:28:bc:b8:b9:5e:c5:
e7:22:fb:1a:1c:cb:cc:a1:7a:e6:20:76:27:48:e7:
cc:02:3f:a9:43:34:fd:cf:0e:69:96:b4:b4:95:30:
b1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:11:7E:27:2C:DC:C2:29:B2:C2:48:EE:6C:5F:5E:F4:B3:F2:C6:1D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EC1EFDA79AB11F08A1DACE6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.0.0/23
Signature Algorithm: sha256WithRSAEncryption
47:5c:e1:83:f8:28:ed:e6:57:26:89:de:04:83:12:8e:5b:31:
31:dc:a4:d4:4f:99:27:f8:e8:84:b6:52:2b:ad:cf:f4:f7:3a:
c5:9c:c0:27:49:c6:8d:8a:05:2b:d0:b0:ce:bf:d6:86:db:fb:
6d:29:e9:02:02:d9:5e:92:50:ac:48:fd:6d:23:e7:24:81:8a:
d8:6b:ab:f9:6a:4a:72:0c:cc:7a:0a:0d:23:15:52:47:ad:59:
4f:19:bb:50:a8:1a:64:89:54:82:c1:b0:c4:7a:8c:ed:a6:5c:
31:64:4d:5a:6c:a9:06:82:ed:db:61:e6:0f:dc:55:6e:08:a1:
5e:84:06:ed:c1:fb:eb:66:16:33:3b:75:17:a3:0d:2f:6e:4c:
c8:ff:e9:62:ef:74:6a:64:9b:01:ae:86:0f:da:47:ea:1b:3e:
a3:ca:a9:33:f0:03:7d:02:3f:10:f7:1e:df:37:f8:01:62:dd:
35:00:ec:c2:21:b6:1f:99:2f:44:cb:dd:8d:91:9a:65:83:7c:
14:79:6e:a5:da:8b:2d:0a:01:7f:03:f3:05:08:74:d5:6a:0c:
9e:32:e0:e5:e8:53:7e:4a:4c:3a:2a:2e:7a:e6:3f:20:3b:88:
90:73:25:bf:7e:f5:08:2c:14:6e:ef:35:77:a3:ff:0f:06:b7:
bb:3b:08:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZG7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE1MDc0MTE5WhcNMjYwODExMDc0MTE5WjAYMRYw
FAYDVQQDEw02ODllZTRhNS03N2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyE5DCnG1ZpKX3wHXlfkKlbDBIGveITrs418A61YtDsqpze1UZeB50j8W
hE1jocwr7keLTdPiHtK+dNpFJs5DmuNyZk7t8/4NyxNlukjrc8B+k5GkVCZ60/xf
3xCG2quE3gdPGXiK/KOUuMRMBGRy5sWt8f26YdQAu3F6L+h7S7CRwHSuwEIVo1mm
bEi9pch8zOpqrfVDbMyLxi7Ekrdmf6jN4CEem9HeP7bBdRe3uIwCAchuA5BMg4og
1250xAK4/W7YMC4IT1sEx+YoD0JUltncYwTkmX0eFW8ovLi5XsXnIvsaHMvMoXrm
IHYnSOfMAj+pQzT9zw5plrS0lTCxhQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIAR
fics3MIpssJI7mxfXvSz8sYdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRUMxRUZEQTc5QUIxMUYwOEExREFDRTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtEAMA0GCSqGSIb3DQEB
CwUAA4IBAQBHXOGD+Cjt5lcmid4EgxKOWzEx3KTUT5kn+OiEtlIrrc/09zrFnMAn
ScaNigUr0LDOv9aG2/ttKekCAtleklCsSP1tI+ckgYrYa6v5akpyDMx6Cg0jFVJH
rVlPGbtQqBpkiVSCwbDEeoztplwxZE1abKkGgu3bYeYP3FVuCKFehAbtwfvrZhYz
O3UXow0vbkzI/+li73RqZJsBroYP2kfqGz6jyqkz8AN9Aj8Q9x7fN/gBYt01AOzC
IbYfmS9Ey92NkZplg3wUeW6l2ostCgF/A/MFCHTVagyeMuDl6FN+Skw6Ki565j8g
O4iQcyW/fvUILBRu7zV3o/8PBre7Owg/
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:49 2025 by rpki-client