Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BF32A02737511F090A70CEADAE4EC9C.roa
File: 9BF32A02737511F090A70CEADAE4EC9C.roa (raw, json)
Hash identifier: /ASh916gXGrN6EkXFY/97fgr6Oc/1mNOpm0+6zx+XwI=
Subject key identifier: 89:6C:7A:9A:EB:BE:98:29:AE:CB:23:F3:8B:7A:FF:D8:21:06:2A:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0190F2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BF32A02737511F090A70CEADAE4EC9C.roa
Signing time: Thu 07 Aug 2025 10:02:22 +0000
ROA not before: Thu 07 Aug 2025 10:02:17 +0000
ROA not after: Thu 11 Sep 2025 10:02:17 +0000
asID: 401615
IP address blocks: 154.82.136.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102642 (0x190f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 7 10:02:17 2025 GMT
Not After : Sep 11 10:02:17 2025 GMT
Subject: CN=689479ae-d96d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:12:cd:ef:23:7f:d2:dc:07:c4:5b:52:fb:44:
f6:fa:0b:c8:ed:13:c5:64:2a:7a:e5:85:c3:7a:ff:
d1:5c:2f:09:1b:af:d3:1e:b4:fe:84:9c:a7:a1:9f:
6f:5c:90:c6:f6:12:48:29:3f:ba:e1:62:ad:d9:05:
10:e7:d0:ee:39:7c:09:2f:68:25:61:a8:f5:17:04:
03:ab:a7:3d:52:ba:b1:67:c7:78:9e:c9:dd:b3:20:
13:a2:0b:23:68:96:ee:1a:c6:61:b8:b3:71:70:60:
af:90:6b:f2:8f:fd:56:28:f8:e3:47:93:b8:02:3e:
ef:4e:bb:e6:ec:c7:02:8c:2b:e9:98:7e:5d:5a:2a:
7f:20:f9:54:9d:15:14:0e:a2:0d:1d:4a:c8:d2:eb:
f8:be:6b:25:bb:84:f2:2e:e0:3d:61:b0:7b:c0:76:
ac:4b:f4:5c:41:f2:5b:fb:d0:6a:c0:f0:11:70:b4:
30:d1:9e:08:bb:07:2d:26:6c:7c:6d:59:40:6f:dd:
44:97:f8:ff:97:0c:a5:59:f2:e8:3f:ea:3f:57:ff:
86:08:6c:2e:2d:45:46:80:e8:77:c0:03:3d:af:9e:
67:e9:f4:b9:1e:5b:6b:2f:9b:c6:01:c8:0a:69:30:
c8:dd:71:42:07:9b:d6:9d:c2:59:e4:5a:46:93:0c:
f5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6C:7A:9A:EB:BE:98:29:AE:CB:23:F3:8B:7A:FF:D8:21:06:2A:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BF32A02737511F090A70CEADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.136.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:e1:e3:e2:57:15:4b:f8:1e:e6:8a:6f:fb:4b:73:2a:ae:32:
bc:83:d7:73:ef:04:cb:c4:63:95:f6:66:3c:f2:48:60:a6:9f:
93:03:98:53:95:1b:b2:a7:cb:80:d6:42:f2:51:b5:68:15:60:
b2:62:62:47:54:a3:32:a4:a5:89:25:b9:db:91:4e:92:9a:18:
55:eb:c8:69:3f:3f:78:46:fb:a5:ac:5f:48:17:09:ee:bc:cb:
5c:cb:a6:b2:17:75:97:de:fa:0a:d8:aa:3c:fc:ce:3a:9c:1c:
07:86:df:76:5a:1d:0f:30:7f:ca:cb:a4:b7:c8:53:2a:ea:9c:
48:36:9c:68:d7:ee:b4:10:06:77:eb:b1:70:cc:1f:ce:d7:d4:
8c:c6:c0:fc:ea:e7:fd:e4:aa:36:cb:c5:51:5f:c0:37:df:d1:
e4:6a:3b:53:96:8e:d7:7b:ae:56:ca:35:27:e3:a0:38:48:ba:
c0:e7:71:0b:ca:28:8a:35:57:60:dc:53:23:28:d0:07:15:fc:
ed:24:79:23:49:e6:59:9d:b5:82:62:b4:02:26:46:0a:35:97:
99:f5:36:e7:89:c9:a2:c7:27:cc:63:24:d1:43:85:bc:44:e7:
3d:17:a8:bc:41:ea:3b:5f:fd:9b:1b:5d:a9:79:6e:a0:62:89:
c1:c8:da:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZDyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODA3MTAwMjE3WhcNMjUwOTExMTAwMjE3WjAYMRYw
FAYDVQQDEw02ODk0NzlhZS1kOTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArhLN7yN/0twHxFtS+0T2+gvI7RPFZCp65YXDev/RXC8JG6/THrT+hJyn
oZ9vXJDG9hJIKT+64WKt2QUQ59DuOXwJL2glYaj1FwQDq6c9UrqxZ8d4nsndsyAT
ogsjaJbuGsZhuLNxcGCvkGvyj/1WKPjjR5O4Aj7vTrvm7McCjCvpmH5dWip/IPlU
nRUUDqINHUrI0uv4vmslu4TyLuA9YbB7wHasS/RcQfJb+9BqwPARcLQw0Z4Iuwct
Jmx8bVlAb91El/j/lwylWfLoP+o/V/+GCGwuLUVGgOh3wAM9r55n6fS5HltrL5vG
AcgKaTDI3XFCB5vWncJZ5FpGkwz1HwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIls
eprrvpgprssj84t6/9ghBiorMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QkYzMkEwMjczNzUxMUYwOTBBNzBDRUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlKIMA0GCSqGSIb3DQEB
CwUAA4IBAQC/4ePiVxVL+B7mim/7S3MqrjK8g9dz7wTLxGOV9mY88khgpp+TA5hT
lRuyp8uA1kLyUbVoFWCyYmJHVKMypKWJJbnbkU6SmhhV68hpPz94RvulrF9IFwnu
vMtcy6ayF3WX3voK2Ko8/M46nBwHht92Wh0PMH/Ky6S3yFMq6pxINpxo1+60EAZ3
67FwzB/O19SMxsD86uf95Ko2y8VRX8A339HkajtTlo7Xe65WyjUn46A4SLrA53EL
yiiKNVdg3FMjKNAHFfztJHkjSeZZnbWCYrQCJkYKNZeZ9TbnicmixyfMYyTRQ4W8
ROc9F6i8Qeo7X/2bG12peW6gYonByNrL
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:09:27 2025 by rpki-client