Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/62FF87DA7AC911F080556FA6DAE4EC9C.roa
File: 62FF87DA7AC911F080556FA6DAE4EC9C.roa (raw, json)
Hash identifier: cAUZHa+5+AJgub+9yGvpQL43ozL2YWPNT9JJC0QObGk=
Subject key identifier: 78:14:B1:65:4F:3B:0C:2D:E4:6C:1F:0E:A5:B2:BE:7B:92:25:C5:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0191E9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/62FF87DA7AC911F080556FA6DAE4EC9C.roa
Signing time: Sat 16 Aug 2025 17:49:42 +0000
ROA not before: Sat 16 Aug 2025 17:49:37 +0000
ROA not after: Fri 27 Feb 2026 17:49:37 +0000
asID: 138195
IP address blocks: 154.208.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102889 (0x191e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 16 17:49:37 2025 GMT
Not After : Feb 27 17:49:37 2026 GMT
Subject: CN=68a0c4b6-c615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dc:07:b0:8b:e5:89:85:fa:d6:e9:53:8c:19:
9c:95:50:1a:18:7c:5b:5a:29:d1:4d:6c:c2:33:df:
a8:da:f9:2e:77:03:b1:80:b3:7c:7f:84:1a:e2:e8:
eb:a3:84:90:18:e2:0c:b0:d2:c5:70:1a:d2:10:4f:
02:50:58:e7:fb:df:46:84:1b:c3:20:42:ce:3f:44:
aa:33:9b:ed:e5:0a:da:45:14:94:01:5b:e9:84:a9:
83:9c:ad:6b:06:5c:2f:26:b1:ae:6f:f3:90:f9:73:
9c:fc:ee:ed:f7:8e:e8:58:eb:fc:74:9d:4c:80:d9:
12:86:81:43:de:6f:15:d0:79:61:73:14:6d:f0:9d:
30:2b:be:ab:d1:36:4b:33:c0:fc:98:37:2d:f0:2e:
91:9f:3b:21:0a:b6:94:7f:c0:aa:0c:7a:7d:4d:a0:
1d:84:46:73:a3:30:d8:cd:e6:59:8c:a8:6c:56:46:
f6:50:33:54:b4:6d:b8:82:43:95:58:d3:9e:21:ae:
77:4f:4d:22:86:3e:70:77:ab:1e:92:c7:ff:99:76:
db:92:22:f5:03:10:f7:a2:68:72:8d:8c:6d:69:e7:
54:19:03:3c:33:0a:45:b5:b3:fd:86:22:2b:66:19:
fe:dd:8c:bf:61:3c:50:80:80:09:7d:ad:89:99:61:
92:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:14:B1:65:4F:3B:0C:2D:E4:6C:1F:0E:A5:B2:BE:7B:92:25:C5:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/62FF87DA7AC911F080556FA6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.168.0/22
Signature Algorithm: sha256WithRSAEncryption
08:46:93:a3:a6:38:7e:ef:6b:45:b5:6f:1b:b0:e4:e7:8d:fc:
cd:e3:a3:7d:4e:f8:35:12:8f:0e:07:45:f4:37:6a:4d:4a:a5:
47:f3:ce:89:a3:a0:c1:cb:f0:f1:34:14:50:7b:fc:f4:93:50:
a1:e8:69:0a:eb:94:a6:23:5e:f4:b6:58:fb:5c:ab:4e:55:b1:
01:37:6d:f7:78:40:92:20:d0:1c:75:06:e6:72:75:ad:84:32:
10:9c:e2:aa:38:8c:9e:04:4f:24:25:dc:05:d3:34:4a:b2:5c:
9b:46:09:4a:52:95:86:15:7d:6b:79:48:d4:76:b4:dd:72:05:
43:49:e4:89:1d:c3:52:f0:34:4b:d4:ea:7a:19:4f:ec:8a:d6:
7f:98:8b:65:39:20:a1:73:82:03:44:25:27:92:3b:b0:f4:8e:
0a:aa:d3:bd:12:28:e1:c7:31:64:d6:16:38:1d:19:90:6d:e4:
12:e4:5a:27:47:41:dc:83:59:eb:f7:55:f5:b4:09:94:0c:8b:
bf:4f:02:66:1b:e0:ed:f8:86:af:f1:38:36:7f:ad:d1:96:2d:
fc:74:d1:27:c2:07:2c:8c:60:69:33:78:95:10:ff:b2:83:0e:
ce:40:d2:36:59:19:af:e1:35:a1:1e:0e:78:1f:9b:bc:11:97:
56:7e:7e:f0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZHpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE2MTc0OTM3WhcNMjYwMjI3MTc0OTM3WjAYMRYw
FAYDVQQDEw02OGEwYzRiNi1jNjE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvNwHsIvliYX61ulTjBmclVAaGHxbWinRTWzCM9+o2vkudwOxgLN8f4Qa
4ujro4SQGOIMsNLFcBrSEE8CUFjn+99GhBvDIELOP0SqM5vt5QraRRSUAVvphKmD
nK1rBlwvJrGub/OQ+XOc/O7t947oWOv8dJ1MgNkShoFD3m8V0HlhcxRt8J0wK76r
0TZLM8D8mDct8C6RnzshCraUf8CqDHp9TaAdhEZzozDYzeZZjKhsVkb2UDNUtG24
gkOVWNOeIa53T00ihj5wd6seksf/mXbbkiL1AxD3omhyjYxtaedUGQM8MwpFtbP9
hiIrZhn+3Yy/YTxQgIAJfa2JmWGSrQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHgU
sWVPOwwt5GwfDqWyvnuSJcUoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MkZGODdEQTdBQzkxMUYwODA1NTZGQTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtCoMA0GCSqGSIb3DQEB
CwUAA4IBAQAIRpOjpjh+72tFtW8bsOTnjfzN46N9Tvg1Eo8OB0X0N2pNSqVH886J
o6DBy/DxNBRQe/z0k1Ch6GkK65SmI170tlj7XKtOVbEBN233eECSINAcdQbmcnWt
hDIQnOKqOIyeBE8kJdwF0zRKslybRglKUpWGFX1reUjUdrTdcgVDSeSJHcNS8DRL
1Op6GU/sitZ/mItlOSChc4IDRCUnkjuw9I4KqtO9EijhxzFk1hY4HRmQbeQS5Fon
R0Hcg1nr91X1tAmUDIu/TwJmG+Dt+Iav8Tg2f63Rli38dNEnwgcsjGBpM3iVEP+y
gw7OQNI2WRmv4TWhHg54H5u8EZdWfn7w
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:39 2025 by rpki-client