
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D595CC565A11F09F0A5F7BDAE4EC9C.roa
File: 43D595CC565A11F09F0A5F7BDAE4EC9C.roa (raw, json)
Hash identifier: C9ItrdERq/MFVB9TEs54hMKNQLlJ7+BlPijK8jVfP5o=
Subject key identifier: C3:81:8F:25:74:3D:0D:E5:36:74:30:EF:94:BD:60:48:B8:4D:A0:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0189A0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D595CC565A11F09F0A5F7BDAE4EC9C.roa
Signing time: Tue 01 Jul 2025 09:03:35 +0000
ROA not before: Tue 01 Jul 2025 09:03:26 +0000
ROA not after: Wed 09 Jul 2025 09:03:26 +0000
asID: 23674
IP address blocks: 154.192.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 10:47:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100768 (0x189a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 1 09:03:26 2025 GMT
Not After : Jul 9 09:03:26 2025 GMT
Subject: CN=6863a467-04d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:01:59:44:1f:89:d7:66:07:5d:0d:88:de:ac:
56:36:e7:27:24:07:9b:20:8b:a9:7b:32:fd:20:68:
a8:f7:7b:15:2e:10:9d:0b:1a:22:03:3a:ed:e0:69:
47:67:18:8c:a9:18:a1:ee:d4:fd:db:fa:02:6b:24:
42:fd:6f:8a:2c:95:47:e1:0c:77:60:5b:b3:4e:e1:
97:d8:2c:17:16:83:fb:4f:1c:9f:e1:2e:82:72:1b:
3d:cf:1e:8b:7b:0b:83:63:c6:38:26:51:40:bd:af:
66:2c:73:1a:ec:01:8c:44:bd:2a:1f:73:bf:7e:5e:
1c:9e:11:29:f4:bf:09:f8:69:9d:e1:2c:eb:cc:72:
b0:c9:e6:ce:9c:3d:cc:e2:5b:f0:0d:ee:12:4d:f1:
38:d0:84:95:7d:8b:c5:d6:53:c0:b9:20:4a:da:50:
33:c0:43:8a:b9:f2:84:d3:7f:4a:c4:50:b2:fe:8e:
d9:0f:a3:a6:5d:fd:91:87:37:1a:8c:1d:e7:62:4c:
40:34:6a:a3:06:03:a4:5c:ba:76:39:55:6d:cb:ad:
65:5c:d2:e5:80:e4:aa:03:2e:e6:b4:69:94:0c:bb:
62:5d:fe:80:fa:4d:33:ef:20:40:b9:d8:a2:a9:17:
8e:82:b6:59:39:0a:b9:e5:d8:e3:07:6b:f4:0c:2c:
20:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:81:8F:25:74:3D:0D:E5:36:74:30:EF:94:BD:60:48:B8:4D:A0:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D595CC565A11F09F0A5F7BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.192.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:3a:75:f9:c0:33:bf:ad:21:d7:21:fd:a5:08:de:be:dd:26:
03:24:5b:eb:ff:64:fb:b7:43:27:4a:c2:73:59:07:73:38:4a:
f8:80:b6:9f:36:78:18:4e:2e:7f:da:5b:ec:f9:90:0b:d4:60:
cb:10:2e:cf:d5:f8:6c:ff:0e:76:df:ad:2f:e0:28:89:ea:0f:
ed:35:b8:ee:1d:2d:93:e8:d3:0d:93:25:0f:4f:f1:47:5c:bf:
14:87:2e:91:8e:d5:b2:c9:9f:e8:1c:39:8f:1c:d6:c7:75:c2:
ef:b7:bb:27:56:49:df:b4:3e:cc:97:ae:d8:86:21:06:13:7b:
9f:b4:af:99:39:f7:7d:16:c0:83:7b:ea:27:c6:07:27:88:63:
1a:bc:d8:26:dd:e3:f2:91:94:24:8a:82:88:d9:ae:56:ce:ae:
7c:2a:1f:a6:1d:e5:b2:d5:e7:c7:09:d9:72:16:d3:f4:fe:10:
0e:ce:15:77:04:54:ad:3d:96:6f:fa:a0:b0:d7:31:3c:51:a6:
ca:37:1e:bc:53:8d:37:ec:05:d3:ee:ed:1f:9a:24:b3:11:f8:
bb:e8:66:f5:28:e0:45:3e:73:c5:44:8e:dd:5b:7c:cf:03:84:
62:34:c5:34:bd:a7:da:20:c6:8d:7b:a6:66:c2:81:40:7b:79:
ab:b2:29:75
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAYmgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAxMDkwMzI2WhcNMjUwNzA5MDkwMzI2WjAYMRYw
FAYDVQQDEw02ODYzYTQ2Ny0wNGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtgFZRB+J12YHXQ2I3qxWNucnJAebIIupezL9IGio93sVLhCdCxoiAzrt
4GlHZxiMqRih7tT92/oCayRC/W+KLJVH4Qx3YFuzTuGX2CwXFoP7Txyf4S6Cchs9
zx6LewuDY8Y4JlFAva9mLHMa7AGMRL0qH3O/fl4cnhEp9L8J+Gmd4SzrzHKwyebO
nD3M4lvwDe4STfE40ISVfYvF1lPAuSBK2lAzwEOKufKE039KxFCy/o7ZD6OmXf2R
hzcajB3nYkxANGqjBgOkXLp2OVVty61lXNLlgOSqAy7mtGmUDLtiXf6A+k0z7yBA
udiiqReOgrZZOQq55djjB2v0DCwgOQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMOB
jyV0PQ3lNnQw75S9YEi4TaDUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0Q1OTVDQzU2NUExMUYwOUYwQTVGN0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmsAwDQYJKoZIhvcNAQEL
BQADggEBABk6dfnAM7+tIdch/aUI3r7dJgMkW+v/ZPu3QydKwnNZB3M4SviAtp82
eBhOLn/aW+z5kAvUYMsQLs/V+Gz/DnbfrS/gKInqD+01uO4dLZPo0w2TJQ9P8Udc
vxSHLpGO1bLJn+gcOY8c1sd1wu+3uydWSd+0PsyXrtiGIQYTe5+0r5k5930WwIN7
6ifGByeIYxq82Cbd4/KRlCSKgojZrlbOrnwqH6Yd5bLV58cJ2XIW0/T+EA7OFXcE
VK09lm/6oLDXMTxRpso3HrxTjTfsBdPu7R+aJLMR+LvoZvUo4EU+c8VEjt1bfM8D
hGI0xTS9p9ogxo17pmbCgUB7eauyKXU=
-----END CERTIFICATE-----
Generated at Fri Jul 4 13:35:53 2025 by rpki-client