Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99738DE07C6611F0A3A34EADDAE4EC9C.roa
File: 99738DE07C6611F0A3A34EADDAE4EC9C.roa (raw, json)
Hash identifier: 5CsbIjgubjtT0tt3PDpZUtCPXf71RCinPtXigM1x/oo=
Subject key identifier: 7C:41:2E:ED:0B:C0:84:D4:5E:54:F2:5A:D7:97:CE:50:D4:5E:BB:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019229
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99738DE07C6611F0A3A34EADDAE4EC9C.roa
Signing time: Mon 18 Aug 2025 19:07:35 +0000
ROA not before: Mon 18 Aug 2025 19:07:30 +0000
ROA not after: Fri 28 Apr 2028 19:07:30 +0000
asID: 17561
IP address blocks: 154.84.126.0/24 maxlen: 24
154.84.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102953 (0x19229)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 18 19:07:30 2025 GMT
Not After : Apr 28 19:07:30 2028 GMT
Subject: CN=68a379f7-6d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:af:28:7f:0f:0c:01:ae:9a:e0:9c:da:1b:06:
04:8a:9c:c2:42:4f:be:1b:c4:4b:82:4e:e9:0c:f1:
62:7a:37:07:36:74:b6:8a:66:23:83:86:e5:98:bf:
c9:4f:5c:e8:51:3b:78:48:b5:09:7d:5c:7a:b0:e8:
5b:f9:17:51:e6:79:81:9f:c9:22:d1:9a:08:4b:bb:
bc:44:1f:24:1c:ab:47:ba:11:8c:4b:26:bc:20:e0:
57:dd:6e:6f:12:8b:9a:b4:e0:e1:a2:7a:7b:1c:17:
6d:f2:b8:ce:e0:b8:8b:ca:bd:1d:d2:00:c6:eb:80:
f3:f2:7a:12:bb:2a:11:57:61:09:cf:bb:bd:83:3d:
d9:6f:58:8e:8b:58:ff:0d:dd:8b:5e:81:fc:40:ec:
59:4b:92:b1:38:4b:30:e1:a0:04:6e:a4:be:bb:a8:
68:d8:bb:25:7e:13:d1:11:90:12:4b:93:83:65:6c:
e2:5f:b0:ab:16:1a:53:8c:0e:85:7a:ef:75:25:83:
f9:2b:2f:97:c3:20:29:e9:ad:43:d2:83:d4:79:3e:
fd:9d:8d:19:f6:53:68:20:bc:fe:6e:c1:f2:24:e4:
6f:9d:1b:ef:1e:44:17:c2:62:a2:bb:92:53:80:c0:
3a:91:02:bc:ee:ed:cc:be:62:89:0b:e3:27:2e:ec:
f6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:41:2E:ED:0B:C0:84:D4:5E:54:F2:5A:D7:97:CE:50:D4:5E:BB:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99738DE07C6611F0A3A34EADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.126.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:84:fd:8f:c1:39:6a:10:aa:c5:df:10:04:e5:80:f9:51:a2:
21:bd:1c:3a:fb:d4:75:6d:92:6b:d4:bb:ac:7a:fd:f6:8f:d0:
56:91:f7:0c:61:94:68:11:54:ea:d0:90:5d:a2:c0:13:1f:e3:
e5:16:19:1e:8a:0d:65:ab:e2:cc:e9:7a:54:92:93:be:42:56:
17:ca:a6:68:61:88:ae:3a:7c:04:32:45:25:93:c1:f4:4b:85:
70:fe:8d:93:f1:96:e5:67:d2:ce:a8:6f:9b:f2:bd:1e:db:ae:
b2:7e:a7:91:e1:83:ce:b3:c8:b1:6d:c7:6a:58:b2:da:67:1e:
3e:fa:05:59:ed:f8:3d:3a:90:83:ed:16:ab:bc:7e:6a:60:d4:
9b:a2:4a:a2:e4:b6:44:17:25:39:f1:6b:30:9d:38:7d:a5:71:
79:fa:60:c3:64:15:71:38:66:7b:6d:73:87:51:f8:0b:04:32:
73:4a:5b:ec:1e:ba:d4:86:40:95:76:7c:dd:fc:e6:70:d9:13:
7a:d4:90:37:9c:27:c7:26:93:f2:55:fe:42:6f:c1:ec:f1:b0:
c8:c8:ea:bd:2f:27:37:24:58:45:69:c3:52:89:a9:90:cd:ee:
75:38:48:61:b3:84:01:88:cb:65:03:e4:64:fc:32:5a:e5:ff:
79:13:a3:e7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZIpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE4MTkwNzMwWhcNMjgwNDI4MTkwNzMwWjAYMRYw
FAYDVQQDEw02OGEzNzlmNy02ZDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyq8ofw8MAa6a4JzaGwYEipzCQk++G8RLgk7pDPFiejcHNnS2imYjg4bl
mL/JT1zoUTt4SLUJfVx6sOhb+RdR5nmBn8ki0ZoIS7u8RB8kHKtHuhGMSya8IOBX
3W5vEouatODhonp7HBdt8rjO4LiLyr0d0gDG64Dz8noSuyoRV2EJz7u9gz3Zb1iO
i1j/Dd2LXoH8QOxZS5KxOEsw4aAEbqS+u6ho2LslfhPREZASS5ODZWziX7CrFhpT
jA6Feu91JYP5Ky+XwyAp6a1D0oPUeT79nY0Z9lNoILz+bsHyJORvnRvvHkQXwmKi
u5JTgMA6kQK87u3MvmKJC+MnLuz2LQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHxB
Lu0LwITUXlTyWteXzlDUXrtlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OTczOERFMDdDNjYxMUYwQTNBMzRFQUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlR+MA0GCSqGSIb3DQEB
CwUAA4IBAQC1hP2PwTlqEKrF3xAE5YD5UaIhvRw6+9R1bZJr1Lusev32j9BWkfcM
YZRoEVTq0JBdosATH+PlFhkeig1lq+LM6XpUkpO+QlYXyqZoYYiuOnwEMkUlk8H0
S4Vw/o2T8ZblZ9LOqG+b8r0e266yfqeR4YPOs8ixbcdqWLLaZx4++gVZ7fg9OpCD
7RarvH5qYNSbokqi5LZEFyU58WswnTh9pXF5+mDDZBVxOGZ7bXOHUfgLBDJzSlvs
HrrUhkCVdnzd/OZw2RN61JA3nCfHJpPyVf5Cb8Hs8bDIyOq9Lyc3JFhFacNSiamQ
ze51OEhhs4QBiMtlA+Rk/DJa5f95E6Pn
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:17:37 2025 by rpki-client