Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/866D8E7E7E6B11F0B9099EEFDAE4EC9C.roa
File: 866D8E7E7E6B11F0B9099EEFDAE4EC9C.roa (raw, json)
Hash identifier: lKLUS0aFizpqsFjRsyLRU8xBOMlOnitf7mMbY97rfg0=
Subject key identifier: F4:52:6F:80:23:7C:5A:04:D3:2E:80:BA:B1:0A:29:E0:A1:BD:03:A1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0192F6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/866D8E7E7E6B11F0B9099EEFDAE4EC9C.roa
Signing time: Thu 21 Aug 2025 08:47:53 +0000
ROA not before: Thu 21 Aug 2025 08:47:48 +0000
ROA not after: Wed 05 Nov 2025 08:47:48 +0000
asID: 150750
IP address blocks: 154.208.61.0/24 maxlen: 24
154.208.62.0/24 maxlen: 24
154.208.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103158 (0x192f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 21 08:47:48 2025 GMT
Not After : Nov 5 08:47:48 2025 GMT
Subject: CN=68a6dd39-0541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2e:68:36:eb:67:3d:85:76:18:4e:f9:f9:42:
3c:29:2a:76:da:de:d3:97:0a:60:3c:34:73:29:16:
66:9a:01:62:e1:33:32:fe:99:f8:4d:1e:2d:07:27:
1f:69:02:a0:67:24:42:90:a0:6b:3a:74:af:53:04:
e9:32:ea:d8:0f:23:fd:a5:46:89:55:2d:2e:ce:96:
72:3e:df:81:86:bf:90:34:e2:eb:61:3c:d7:2d:2c:
85:7a:01:37:7a:0d:4a:a1:a0:5b:00:6f:df:51:72:
c3:ef:e9:e8:9d:55:6d:07:c1:78:aa:bd:76:c5:2d:
c7:40:69:7f:a2:01:f4:02:13:6c:fd:e6:df:57:c7:
49:be:ee:32:7e:56:86:a0:85:a2:41:c6:e1:0a:e6:
a8:57:ee:60:5b:25:f3:4a:97:73:bf:cf:6f:fd:5c:
aa:f6:ff:28:a0:1a:54:d6:18:0e:2f:3e:9d:74:2f:
37:22:dd:26:6f:6f:c8:1b:31:01:47:ef:c3:dd:71:
34:6e:0e:82:30:e6:ce:da:f8:f0:ab:1e:e5:29:81:
d6:26:6e:f3:ba:45:c9:e0:80:77:8b:8b:ba:65:72:
c5:6f:73:d8:45:e4:07:47:de:bd:73:9b:6c:a8:5e:
f9:86:d2:21:33:71:af:d2:ac:6c:ca:5c:00:06:bb:
83:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:52:6F:80:23:7C:5A:04:D3:2E:80:BA:B1:0A:29:E0:A1:BD:03:A1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/866D8E7E7E6B11F0B9099EEFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.61.0-154.208.63.255
Signature Algorithm: sha256WithRSAEncryption
9e:97:40:00:2c:58:b8:86:33:af:ac:6d:e2:ac:31:2e:98:f9:
90:67:c5:df:69:23:e3:5a:84:ce:4d:8a:0a:68:03:13:7a:0f:
d7:c2:53:e7:1a:6f:2d:3a:aa:25:27:69:fe:7b:4d:8d:b7:06:
97:74:48:c7:b3:fc:7f:ac:06:15:f3:16:a8:3a:0d:c1:81:7c:
1a:9a:4c:fd:93:df:21:03:b1:2f:aa:e7:c8:63:f3:30:0c:93:
28:5d:64:94:a8:b9:84:56:cd:27:c4:08:3d:78:02:06:ad:d7:
58:1b:bb:26:5b:5c:39:43:66:67:b4:6e:f9:79:b9:ba:fc:1d:
b5:5a:41:56:1c:97:b7:0d:48:e2:96:25:72:17:fe:76:91:f7:
c1:02:bd:d3:ad:cc:fc:1d:0c:ef:80:d2:56:b1:c2:8c:c3:da:
5e:44:11:cf:ae:69:d2:59:49:7a:8d:b4:32:68:c2:f8:74:3a:
06:b1:4c:4e:d6:12:91:1b:d5:bc:4d:c3:11:eb:a9:b1:0b:ad:
49:fd:bf:5d:d6:c7:8b:00:5a:de:95:a7:96:e0:99:77:db:6b:
18:0f:9c:d7:89:80:3d:99:21:65:a6:43:54:7a:71:f3:ef:e2:
38:62:c3:46:4d:26:b9:f5:40:03:14:16:54:df:4b:be:d1:e3:
0e:71:7e:a9
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAZL2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODIxMDg0NzQ4WhcNMjUxMTA1MDg0NzQ4WjAYMRYw
FAYDVQQDEw02OGE2ZGQzOS0wNTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAri5oNutnPYV2GE75+UI8KSp22t7TlwpgPDRzKRZmmgFi4TMy/pn4TR4t
BycfaQKgZyRCkKBrOnSvUwTpMurYDyP9pUaJVS0uzpZyPt+Bhr+QNOLrYTzXLSyF
egE3eg1KoaBbAG/fUXLD7+nonVVtB8F4qr12xS3HQGl/ogH0AhNs/ebfV8dJvu4y
flaGoIWiQcbhCuaoV+5gWyXzSpdzv89v/Vyq9v8ooBpU1hgOLz6ddC83It0mb2/I
GzEBR+/D3XE0bg6CMObO2vjwqx7lKYHWJm7zukXJ4IB3i4u6ZXLFb3PYReQHR969
c5tsqF75htIhM3Gv0qxsylwABruDUwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPRS
b4AjfFoE0y6AurEKKeChvQOhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NjZEOEU3RTdFNkIxMUYwQjkwOTlFRUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACa0D0DBAaa0AAwDQYJ
KoZIhvcNAQELBQADggEBAJ6XQAAsWLiGM6+sbeKsMS6Y+ZBnxd9pI+NahM5Nigpo
AxN6D9fCU+caby06qiUnaf57TY23Bpd0SMez/H+sBhXzFqg6DcGBfBqaTP2T3yED
sS+q58hj8zAMkyhdZJSouYRWzSfECD14Agat11gbuyZbXDlDZme0bvl5ubr8HbVa
QVYcl7cNSOKWJXIX/naR98ECvdOtzPwdDO+A0laxwozD2l5EEc+uadJZSXqNtDJo
wvh0OgaxTE7WEpEb1bxNwxHrqbELrUn9v13Wx4sAWt6Vp5bgmXfbaxgPnNeJgD2Z
IWWmQ1R6cfPv4jhiw0ZNJrn1QAMUFlTfS77R4w5xfqk=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:46:59 2025 by rpki-client