Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/589F4E9E7CD911F0A46B4BA7DAE4EC9C.roa
File: 589F4E9E7CD911F0A46B4BA7DAE4EC9C.roa (raw, json)
Hash identifier: +j3IM7y92sHCoVwVOn1YKwfMezXPjALAp9MCnl6FvwU=
Subject key identifier: 28:D7:B7:62:39:E3:08:EE:7E:80:ED:AD:C9:B7:AA:61:80:DE:1A:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01922E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/589F4E9E7CD911F0A46B4BA7DAE4EC9C.roa
Signing time: Tue 19 Aug 2025 08:48:59 +0000
ROA not before: Tue 19 Aug 2025 08:48:54 +0000
ROA not after: Thu 28 Aug 2025 08:48:54 +0000
asID: 209242
IP address blocks: 154.219.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102958 (0x1922e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 19 08:48:54 2025 GMT
Not After : Aug 28 08:48:54 2025 GMT
Subject: CN=68a43a7b-f171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:10:14:5d:b4:f8:61:d5:a6:ad:d8:50:d0:70:
ea:b1:a7:e1:c2:b9:04:f9:f5:8e:d7:fa:4c:b1:b4:
47:ca:31:86:21:c6:fe:90:73:a9:47:8d:e8:2a:c4:
f7:32:10:30:b8:97:99:cb:b3:a0:cb:93:6d:a3:87:
75:6d:cb:ed:db:2e:a9:1b:c6:44:a7:9d:68:a3:b9:
31:4b:a0:97:65:91:18:6c:69:3d:36:4b:54:57:c1:
3f:3a:67:1f:c6:66:28:53:ea:bc:47:5b:6b:ae:50:
76:e7:ba:7d:4d:5f:fa:ac:60:43:56:63:87:1f:72:
21:89:8f:91:55:58:ef:dc:d9:93:1d:9c:1b:67:e2:
23:9b:05:e8:00:56:95:73:f7:37:09:34:19:92:e4:
76:d1:a5:3d:ac:91:e2:3d:64:ff:1a:21:f1:80:64:
62:92:5a:5f:8f:c1:04:86:b3:7f:91:02:41:65:c4:
9c:1d:a3:75:14:b2:01:e4:f1:09:d2:b2:2d:93:d7:
17:91:5c:96:20:c5:bc:24:5b:46:fe:76:48:45:cd:
b6:61:8a:a7:2c:9a:67:1e:82:20:90:d6:56:0e:ee:
e4:fa:eb:b1:01:79:f7:1b:fe:89:d3:53:fb:7e:d2:
e8:d5:b7:7b:3d:68:3f:f6:af:e1:47:9e:25:3a:5c:
b9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D7:B7:62:39:E3:08:EE:7E:80:ED:AD:C9:B7:AA:61:80:DE:1A:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/589F4E9E7CD911F0A46B4BA7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.2.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:01:9c:77:3f:6d:63:48:b7:ab:da:e1:b4:f5:b5:83:88:2a:
35:f8:69:a9:33:07:f1:3f:d5:cf:b9:e4:6b:79:26:be:8e:b0:
98:61:74:a1:5f:c8:32:e1:50:29:37:35:c1:78:ed:9c:d3:a0:
84:83:0a:ab:57:39:41:6b:29:d4:16:3b:d5:c2:25:ee:52:6e:
fa:cc:94:54:49:21:08:3c:71:2b:57:ab:c7:14:68:12:43:df:
c6:06:9c:26:55:05:6f:45:08:29:76:90:84:1e:2c:3d:e4:ec:
2e:ff:ab:94:13:ff:f6:4c:a4:2e:3e:cc:dd:17:d9:06:bd:2c:
81:63:b7:70:92:01:9d:4b:a0:69:55:f7:77:42:1b:d6:29:31:
33:0b:49:32:a6:15:7f:0e:6c:fe:24:e4:fd:8a:2e:fa:bb:74:
57:2f:a7:62:9c:b0:23:12:d0:41:c8:26:d3:45:70:89:69:e0:
d7:22:a9:0b:18:30:61:d2:30:a9:d9:15:be:84:81:25:40:a5:
a2:6c:10:c5:4e:57:f4:4e:5e:a9:ca:7f:7c:16:c4:78:53:5c:
b7:71:84:2b:73:d7:5f:2a:39:6b:a2:fa:a3:1b:9e:d5:c9:cb:
c3:1d:77:dc:20:72:51:99:a3:9f:71:04:a4:58:7e:68:b8:8f:
ba:66:4e:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZIuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE5MDg0ODU0WhcNMjUwODI4MDg0ODU0WjAYMRYw
FAYDVQQDEw02OGE0M2E3Yi1mMTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyBAUXbT4YdWmrdhQ0HDqsafhwrkE+fWO1/pMsbRHyjGGIcb+kHOpR43o
KsT3MhAwuJeZy7Ogy5Nto4d1bcvt2y6pG8ZEp51oo7kxS6CXZZEYbGk9NktUV8E/
OmcfxmYoU+q8R1trrlB257p9TV/6rGBDVmOHH3IhiY+RVVjv3NmTHZwbZ+IjmwXo
AFaVc/c3CTQZkuR20aU9rJHiPWT/GiHxgGRiklpfj8EEhrN/kQJBZcScHaN1FLIB
5PEJ0rItk9cXkVyWIMW8JFtG/nZIRc22YYqnLJpnHoIgkNZWDu7k+uuxAXn3G/6J
01P7ftLo1bd7PWg/9q/hR54lOly5eQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCjX
t2I54wjufoDtrcm3qmGA3hqkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81ODlGNEU5RTdDRDkxMUYwQTQ2QjRCQTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtsCMA0GCSqGSIb3DQEB
CwUAA4IBAQAfAZx3P21jSLer2uG09bWDiCo1+GmpMwfxP9XPueRreSa+jrCYYXSh
X8gy4VApNzXBeO2c06CEgwqrVzlBaynUFjvVwiXuUm76zJRUSSEIPHErV6vHFGgS
Q9/GBpwmVQVvRQgpdpCEHiw95Owu/6uUE//2TKQuPszdF9kGvSyBY7dwkgGdS6Bp
Vfd3QhvWKTEzC0kyphV/Dmz+JOT9ii76u3RXL6dinLAjEtBByCbTRXCJaeDXIqkL
GDBh0jCp2RW+hIElQKWibBDFTlf0Tl6pyn98FsR4U1y3cYQrc9dfKjlrovqjG57V
ycvDHXfcIHJRmaOfcQSkWH5ouI+6Zk76
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:34:03 2025 by rpki-client