Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/618A25167E5911F0B4CF987BDAE4EC9C.roa
File: 618A25167E5911F0B4CF987BDAE4EC9C.roa (raw, json)
Hash identifier: n6/3oXSvMpC2tYTAruI8dXhd/VqufslvNQ4clbiq0yg=
Subject key identifier: 28:30:18:2A:AB:84:F9:5B:B5:DB:C5:67:2F:07:4B:A9:C1:7A:59:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0192BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/618A25167E5911F0B4CF987BDAE4EC9C.roa
Signing time: Thu 21 Aug 2025 06:38:01 +0000
ROA not before: Thu 21 Aug 2025 06:37:56 +0000
ROA not after: Sat 01 Nov 2025 06:37:56 +0000
asID: 150706
IP address blocks: 154.223.181.0/24 maxlen: 24
154.223.190.0/24 maxlen: 24
154.223.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103102 (0x192be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 21 06:37:56 2025 GMT
Not After : Nov 1 06:37:56 2025 GMT
Subject: CN=68a6bec8-27ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2a:0d:eb:2b:60:52:3f:fb:47:8e:7d:07:19:
42:26:1f:c6:2e:ef:b2:d2:30:b8:ea:c9:8c:c7:98:
a2:0b:2f:79:0b:cd:d7:4a:dc:95:4a:25:25:82:29:
75:a5:47:6e:8b:83:7f:89:bd:26:94:30:42:64:16:
91:e3:c4:84:f5:cf:2e:23:df:97:2c:7f:f2:ed:9c:
10:a8:e4:c8:d4:07:06:49:50:df:17:90:1a:2d:1c:
9b:10:3c:59:69:dc:10:ba:cc:8f:58:85:59:aa:2e:
b5:57:a1:f2:8e:fb:fa:4a:f0:60:2a:14:d6:8f:d8:
33:49:9b:aa:45:36:51:41:69:e3:75:d8:37:6a:b7:
b4:c2:00:39:94:2c:fc:21:2d:8c:3e:45:9c:fd:5b:
5d:ef:a0:9f:f7:7d:0a:ad:ab:e4:54:82:5a:a5:ec:
9f:aa:ca:5f:5d:42:0d:16:fe:a5:1a:fc:fa:f8:a8:
62:dc:0a:19:05:c9:89:07:fc:42:7e:b0:c9:18:ba:
79:39:35:79:c3:ab:9a:99:4a:28:65:be:fc:01:d0:
b9:35:dd:dd:45:cb:d4:ec:36:56:52:0a:9f:77:ad:
26:58:44:5d:63:17:6b:d7:96:6f:bb:36:e0:5f:44:
9f:1c:fc:a3:5c:63:20:c7:14:17:64:dc:24:3d:5e:
f3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:30:18:2A:AB:84:F9:5B:B5:DB:C5:67:2F:07:4B:A9:C1:7A:59:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/618A25167E5911F0B4CF987BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.181.0/24
154.223.190.0/23
Signature Algorithm: sha256WithRSAEncryption
40:3a:b0:28:0d:3d:fc:5a:35:6e:72:04:c2:a5:1b:e8:02:ee:
54:c7:32:c8:b7:57:e9:21:a1:9c:ba:41:b0:3a:a4:48:cd:4f:
3d:ff:a9:97:91:15:88:80:bc:e8:28:da:73:86:1e:7d:38:26:
95:ea:f9:85:c5:f2:ed:69:2d:d4:56:83:ec:4b:0c:f6:84:d4:
64:dd:29:30:43:ab:c9:2c:93:00:34:b9:e7:8c:95:d2:6a:75:
13:5f:a0:16:19:87:33:69:ce:6d:18:c3:9b:58:ef:e6:5b:20:
7d:83:72:92:c3:ef:03:14:df:54:0a:bf:be:38:1a:6f:60:89:
c9:8c:45:67:3e:46:4e:1e:b3:b6:b2:48:9a:b4:26:64:62:37:
88:f3:36:06:90:fe:2c:4c:ed:23:50:5d:dd:13:f3:34:bf:24:
f3:14:2f:b0:d7:c6:69:f4:67:74:01:3a:a2:87:20:3b:bf:fa:
c3:e9:12:ee:80:c8:b2:cf:b8:e2:f0:c8:1e:0b:04:4e:5b:0a:
c9:30:7f:ba:5f:04:d4:45:2a:75:27:aa:26:5b:4c:66:65:9d:
4c:a5:2a:e5:c3:aa:b7:3d:b5:06:f0:48:a8:1b:83:af:45:d8:
36:34:b1:37:88:f9:42:22:d2:82:63:c9:e2:bd:e2:97:b1:3e:
23:1c:f0:7d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZK+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODIxMDYzNzU2WhcNMjUxMTAxMDYzNzU2WjAYMRYw
FAYDVQQDEw02OGE2YmVjOC0yN2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqyoN6ytgUj/7R459BxlCJh/GLu+y0jC46smMx5iiCy95C83XStyVSiUl
gil1pUdui4N/ib0mlDBCZBaR48SE9c8uI9+XLH/y7ZwQqOTI1AcGSVDfF5AaLRyb
EDxZadwQusyPWIVZqi61V6Hyjvv6SvBgKhTWj9gzSZuqRTZRQWnjddg3are0wgA5
lCz8IS2MPkWc/Vtd76Cf930KravkVIJapeyfqspfXUINFv6lGvz6+Khi3AoZBcmJ
B/xCfrDJGLp5OTV5w6uamUooZb78AdC5Nd3dRcvU7DZWUgqfd60mWERdYxdr15Zv
uzbgX0SfHPyjXGMgxxQXZNwkPV7zuQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCgw
GCqrhPlbtdvFZy8HS6nBelnRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MThBMjUxNjdFNTkxMUYwQjRDRjk4N0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmt+1AwQBmt++MA0GCSqG
SIb3DQEBCwUAA4IBAQBAOrAoDT38WjVucgTCpRvoAu5UxzLIt1fpIaGcukGwOqRI
zU89/6mXkRWIgLzoKNpzhh59OCaV6vmFxfLtaS3UVoPsSwz2hNRk3SkwQ6vJLJMA
NLnnjJXSanUTX6AWGYczac5tGMObWO/mWyB9g3KSw+8DFN9UCr++OBpvYInJjEVn
PkZOHrO2skiatCZkYjeI8zYGkP4sTO0jUF3dE/M0vyTzFC+w18Zp9Gd0ATqihyA7
v/rD6RLugMiyz7ji8MgeCwROWwrJMH+6XwTURSp1J6omW0xmZZ1MpSrlw6q3PbUG
8EioG4OvRdg2NLE3iPlCItKCY8niveKXsT4jHPB9
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:45:35 2025 by rpki-client