Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E8299A076C811F09A19138BDAE4EC9C.roa
File: 4E8299A076C811F09A19138BDAE4EC9C.roa (raw, json)
Hash identifier: RxEHPe/OWGIdMHls2n8ZNfu7gVNRZQgoSDi+kjfaGKE=
Subject key identifier: C0:70:96:F2:E0:79:11:60:C8:9F:32:C8:76:24:C6:F0:C3:6D:83:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019157
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E8299A076C811F09A19138BDAE4EC9C.roa
Signing time: Mon 11 Aug 2025 15:31:53 +0000
ROA not before: Mon 11 Aug 2025 15:31:48 +0000
ROA not after: Wed 17 Sep 2025 15:31:48 +0000
asID: 22773
IP address blocks: 154.82.224.0/19 maxlen: 24
154.85.4.0/22 maxlen: 24
154.85.13.0/24 maxlen: 24
154.85.121.0/24 maxlen: 24
154.85.122.0/24 maxlen: 24
154.90.18.0/24 maxlen: 24
154.90.19.0/24 maxlen: 24
154.90.20.0/24 maxlen: 24
154.90.21.0/24 maxlen: 24
154.90.146.0/24 maxlen: 24
154.90.147.0/24 maxlen: 24
154.90.148.0/24 maxlen: 24
154.90.149.0/24 maxlen: 24
154.90.150.0/24 maxlen: 24
154.90.151.0/24 maxlen: 24
154.90.152.0/24 maxlen: 24
154.90.153.0/24 maxlen: 24
154.90.154.0/24 maxlen: 24
154.90.155.0/24 maxlen: 24
154.94.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102743 (0x19157)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 11 15:31:48 2025 GMT
Not After : Sep 17 15:31:48 2025 GMT
Subject: CN=689a0ce9-dffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4c:22:a2:c2:cb:79:b7:2b:67:24:f7:4e:6b:
34:bc:f9:bb:8e:0a:97:55:c9:22:8a:ad:64:bd:cb:
ae:ba:71:97:32:7a:92:06:40:0f:9c:c1:89:e9:e1:
08:1f:51:76:da:15:25:da:38:79:b4:ba:bf:48:58:
e9:b2:d5:f5:94:25:6f:a0:3d:c1:a6:a6:55:61:56:
51:68:a1:45:61:b5:c1:f4:b5:ec:18:77:53:f0:5b:
12:b4:be:75:ff:3a:63:1b:ee:49:13:d2:7f:5b:19:
c4:c4:05:37:de:33:c3:d3:61:1e:fb:da:a9:a1:e8:
bc:f5:19:38:3c:89:8b:ba:31:65:bc:46:dc:e4:fa:
13:a8:cb:3b:e2:d9:bb:36:54:8c:1e:25:88:a2:35:
89:91:59:7e:61:ce:65:9b:8b:70:74:a4:82:c9:9a:
29:d7:53:61:14:28:ac:f0:de:70:a7:f4:32:39:9a:
6e:e1:62:2d:5b:95:73:5b:e7:9f:16:85:74:15:95:
c4:f4:f1:8c:99:c1:37:6f:0e:6b:82:3e:d4:45:a1:
a8:f6:45:ad:f2:fb:5d:fa:83:48:47:f6:83:a3:0f:
ac:55:b1:6b:46:9f:be:84:2c:3d:17:dc:57:af:9b:
61:9a:da:7a:aa:ca:62:73:67:08:03:84:f7:c5:c0:
ca:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:70:96:F2:E0:79:11:60:C8:9F:32:C8:76:24:C6:F0:C3:6D:83:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E8299A076C811F09A19138BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.224.0/19
154.85.4.0/22
154.85.13.0/24
154.85.121.0-154.85.122.255
154.90.18.0-154.90.21.255
154.90.146.0-154.90.155.255
154.94.32.0/24
Signature Algorithm: sha256WithRSAEncryption
85:25:a1:bb:16:33:50:88:bb:1c:9e:80:dd:ec:52:40:18:2f:
e3:d2:76:51:73:41:39:9a:69:19:67:73:b5:37:02:64:a2:05:
3d:3e:d1:9b:62:9c:97:86:9d:d8:3c:2b:20:b8:8f:78:01:f3:
e2:ff:ef:be:f8:c8:ec:75:50:76:fd:78:59:c3:ea:4b:b9:24:
4c:b9:84:2f:ed:ad:1c:eb:46:43:a9:02:05:d2:5a:4a:20:f7:
c9:5b:61:2b:42:95:a6:2f:b5:d4:38:39:24:62:d0:24:9e:14:
fe:52:ab:21:ca:8b:a0:c7:04:4d:46:47:59:60:f0:7c:01:fd:
3e:9c:97:be:88:13:8c:fc:b7:d4:28:e0:b6:4f:7c:f9:f3:ae:
1d:64:62:d3:6d:e0:43:fd:97:66:af:aa:93:7b:5c:2c:bf:3e:
9b:5e:70:92:ab:cb:32:bb:73:03:f5:b0:f1:60:15:ad:b8:a0:
3b:b6:95:2e:73:37:62:15:b8:af:c5:5e:a3:80:92:0b:87:ca:
0f:5e:da:42:f9:6b:c6:2e:07:01:96:db:63:b3:bd:4f:6b:bf:
6c:66:5d:ff:5b:58:04:44:21:0d:f9:c1:06:de:d5:97:75:d2:
4e:36:15:1c:83:4a:2d:ea:de:f6:e4:63:2f:2e:0a:da:cb:78:
7f:4b:25:0f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIDAZFXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODExMTUzMTQ4WhcNMjUwOTE3MTUzMTQ4WjAYMRYw
FAYDVQQDEw02ODlhMGNlOS1kZmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv0wiosLLebcrZyT3Tms0vPm7jgqXVckiiq1kvcuuunGXMnqSBkAPnMGJ
6eEIH1F22hUl2jh5tLq/SFjpstX1lCVvoD3BpqZVYVZRaKFFYbXB9LXsGHdT8FsS
tL51/zpjG+5JE9J/WxnExAU33jPD02Ee+9qpoei89Rk4PImLujFlvEbc5PoTqMs7
4tm7NlSMHiWIojWJkVl+Yc5lm4twdKSCyZop11NhFCis8N5wp/QyOZpu4WItW5Vz
W+efFoV0FZXE9PGMmcE3bw5rgj7URaGo9kWt8vtd+oNIR/aDow+sVbFrRp++hCw9
F9xXr5thmtp6qspic2cIA4T3xcDKHwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFMBw
lvLgeRFgyJ8yyHYkxvDDbYMrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RTgyOTlBMDc2QzgxMUYwOUExOTEzOEJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQFmlLgAwQCmlUEAwQAmlUN
MAwDBACaVXkDBACaVXowDAMEAZpaEgMEAZpaFDAMAwQBmlqSAwQCmlqYAwQAml4g
MA0GCSqGSIb3DQEBCwUAA4IBAQCFJaG7FjNQiLscnoDd7FJAGC/j0nZRc0E5mmkZ
Z3O1NwJkogU9PtGbYpyXhp3YPCsguI94AfPi/++++MjsdVB2/XhZw+pLuSRMuYQv
7a0c60ZDqQIF0lpKIPfJW2ErQpWmL7XUODkkYtAknhT+UqshyougxwRNRkdZYPB8
Af0+nJe+iBOM/LfUKOC2T3z5864dZGLTbeBD/Zdmr6qTe1wsvz6bXnCSq8syu3MD
9bDxYBWtuKA7tpUuczdiFbivxV6jgJILh8oPXtpC+WvGLgcBlttjs71Pa79sZl3/
W1gERCEN+cEG3tWXddJONhUcg0ot6t725GMvLgray3h/SyUP
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:55:48 2025 by rpki-client