Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AEC15EE7EAB11F086815394DAE4EC9C.roa
File: 7AEC15EE7EAB11F086815394DAE4EC9C.roa (raw, json)
Hash identifier: LHPDrvhRlyWr+2UtlrlRRXE51mMJvCbdJ+QSiT1Ll90=
Subject key identifier: CC:AF:D2:E2:B9:FF:83:BF:C7:25:10:85:C4:0A:D7:3C:66:D2:56:DF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0193E0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AEC15EE7EAB11F086815394DAE4EC9C.roa
Signing time: Thu 21 Aug 2025 16:25:42 +0000
ROA not before: Thu 21 Aug 2025 16:25:37 +0000
ROA not after: Wed 21 Aug 2030 16:25:37 +0000
asID: 17561
IP address blocks: 154.90.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103392 (0x193e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 21 16:25:37 2025 GMT
Not After : Aug 21 16:25:37 2030 GMT
Subject: CN=68a74886-32a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:29:bf:48:bf:63:07:d5:1e:b2:1d:f9:a2:a5:
94:e8:26:b2:49:73:c8:b7:76:73:61:4a:3e:d7:1d:
b8:ef:c2:bd:44:2a:35:1f:14:37:83:dc:ca:1f:18:
7d:63:cf:af:b2:5e:f7:3d:80:f2:2c:70:94:de:0a:
13:cf:ef:fa:7d:2a:d5:c0:46:1f:57:04:78:99:09:
4a:0c:c5:1a:f2:51:e2:44:cd:9b:75:a8:df:ac:9f:
04:47:c5:08:5f:e5:84:86:28:f9:47:a1:d9:36:bf:
ec:ce:d6:46:e2:9d:e7:9d:23:9e:ce:28:90:6f:0d:
b1:a0:2f:2f:a1:f8:3d:b4:18:a0:39:ac:71:ec:33:
33:6f:be:96:04:ab:63:cb:66:d4:3c:98:ec:bd:6e:
15:77:15:93:c0:b7:84:31:98:7a:6b:cf:82:6f:69:
5d:fe:75:79:cd:28:5e:94:d8:8d:6e:72:5f:a9:d0:
2d:00:88:70:34:f1:12:d1:b1:65:e3:54:9c:d4:5f:
bd:a7:c4:f2:5f:01:4a:97:14:5b:38:5f:88:19:e5:
17:b6:00:b1:c0:4b:93:ad:a8:65:2e:ec:77:24:85:
63:5d:5e:c2:7a:65:f6:60:f0:6c:de:95:11:3b:8a:
c1:90:9e:12:d8:aa:4a:20:5c:a2:33:f3:6d:3b:ca:
7a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AF:D2:E2:B9:FF:83:BF:C7:25:10:85:C4:0A:D7:3C:66:D2:56:DF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AEC15EE7EAB11F086815394DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.128.0/17
Signature Algorithm: sha256WithRSAEncryption
47:98:d7:ba:f0:b9:86:4a:31:c1:24:28:41:4c:95:2d:dd:15:
8a:91:40:ba:ce:7b:24:0e:91:00:f1:c8:06:03:6f:eb:7c:d5:
35:d6:17:a1:67:ca:3c:f5:93:90:5f:9c:2b:40:90:a3:bc:11:
dd:3c:7d:1d:2b:8f:e7:fd:95:ef:05:ad:d5:44:21:47:95:f6:
b6:61:3c:26:2f:8e:bd:7c:3b:17:8b:a3:81:1c:e1:2d:42:d5:
f2:f9:f6:77:6d:da:55:25:39:a8:3d:75:85:96:ff:5c:ba:4f:
02:81:75:90:2b:d0:bd:d3:1f:7a:4f:d6:8f:44:14:a4:bf:02:
53:51:16:ee:cd:f2:e4:fc:cc:c0:88:a9:6a:0b:f0:b5:14:bc:
04:b8:46:97:fb:62:ea:6c:cd:21:a9:e6:5d:eb:c1:9c:74:73:
da:19:39:1e:84:0c:bd:91:92:d6:1a:dc:1f:81:27:e0:6f:ca:
a7:bb:c9:62:f6:e4:45:e4:29:48:65:e8:2a:de:0b:45:68:90:
ea:9b:c4:45:11:5c:c7:f1:b8:be:c4:20:d6:13:88:a7:1d:8d:
79:f7:4b:71:39:c0:bb:fe:eb:d0:6d:9e:aa:d1:fd:f0:e0:69:
96:67:34:b1:1c:6b:2d:75:f9:77:15:b1:cb:cc:1a:0f:8c:6e:
69:dc:84:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZPgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODIxMTYyNTM3WhcNMzAwODIxMTYyNTM3WjAYMRYw
FAYDVQQDEw02OGE3NDg4Ni0zMmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+Cm/SL9jB9Uesh35oqWU6CaySXPIt3ZzYUo+1x2478K9RCo1HxQ3g9zK
Hxh9Y8+vsl73PYDyLHCU3goTz+/6fSrVwEYfVwR4mQlKDMUa8lHiRM2bdajfrJ8E
R8UIX+WEhij5R6HZNr/sztZG4p3nnSOeziiQbw2xoC8vofg9tBigOaxx7DMzb76W
BKtjy2bUPJjsvW4VdxWTwLeEMZh6a8+Cb2ld/nV5zShelNiNbnJfqdAtAIhwNPES
0bFl41Sc1F+9p8TyXwFKlxRbOF+IGeUXtgCxwEuTrahlLux3JIVjXV7CemX2YPBs
3pURO4rBkJ4S2KpKIFyiM/NtO8p6xwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMyv
0uK5/4O/xyUQhcQK1zxm0lbfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QUVDMTVFRTdFQUIxMUYwODY4MTUzOTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHmlqAMA0GCSqGSIb3DQEB
CwUAA4IBAQBHmNe68LmGSjHBJChBTJUt3RWKkUC6znskDpEA8cgGA2/rfNU11heh
Z8o89ZOQX5wrQJCjvBHdPH0dK4/n/ZXvBa3VRCFHlfa2YTwmL469fDsXi6OBHOEt
QtXy+fZ3bdpVJTmoPXWFlv9cuk8CgXWQK9C90x96T9aPRBSkvwJTURbuzfLk/MzA
iKlqC/C1FLwEuEaX+2LqbM0hqeZd68GcdHPaGTkehAy9kZLWGtwfgSfgb8qnu8li
9uRF5ClIZegq3gtFaJDqm8RFEVzH8bi+xCDWE4inHY1590txOcC7/uvQbZ6q0f3w
4GmWZzSxHGstdfl3FbHLzBoPjG5p3IQb
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:59:08 2025 by rpki-client