
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0D9A7B44E9311F0A370F4E8DAE4EC9C.roa
File: A0D9A7B44E9311F0A370F4E8DAE4EC9C.roa (raw, json)
Hash identifier: FtXJKlKXULvfl2kxmdx/Zfj7QV7ni4ygrTeXkbcgn5A=
Subject key identifier: C9:A0:85:40:EE:03:FE:9F:9F:F9:C8:DE:54:46:C6:46:DC:7B:77:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0187BC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0D9A7B44E9311F0A370F4E8DAE4EC9C.roa
Signing time: Sat 21 Jun 2025 11:34:01 +0000
ROA not before: Sat 21 Jun 2025 11:33:57 +0000
ROA not after: Sun 27 Jul 2025 11:33:57 +0000
asID: 395793
IP address blocks: 154.83.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100284 (0x187bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 21 11:33:57 2025 GMT
Not After : Jul 27 11:33:57 2025 GMT
Subject: CN=685698a9-0a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b2:d3:0b:11:ed:a6:79:a8:59:a1:79:36:15:
8a:b1:eb:0e:1e:3a:6c:9f:6f:e4:97:24:e4:86:ba:
cb:9f:5b:a3:17:2d:25:bd:c3:e3:b2:1a:7e:96:d2:
a2:ab:d7:ec:44:a5:77:3b:c5:bb:6f:87:49:b1:ad:
96:08:33:db:07:a4:da:c4:43:db:f8:e8:a3:3e:05:
67:71:01:f0:13:36:95:84:d7:c5:bd:eb:db:19:64:
be:ba:a9:dd:9d:3d:99:15:b9:7d:0d:1e:56:c7:4d:
af:c9:32:71:2f:ee:14:c3:94:ad:7c:e7:a9:8d:ec:
f9:6a:d0:ac:55:aa:ec:5e:2c:75:e0:6e:50:76:d9:
eb:0b:b5:6f:0e:e9:67:e9:d6:27:ea:56:8c:f4:f3:
d1:7d:f1:ee:df:9d:83:72:ec:1d:a0:1d:91:6e:52:
1b:08:15:9f:2d:c4:89:3e:e0:51:c6:46:0f:52:a5:
67:ad:85:c2:b2:c8:2f:2b:66:97:a9:69:4d:ba:bb:
1b:30:bf:35:08:d1:aa:98:2b:d3:08:d5:ea:18:33:
b0:c3:48:5d:e7:b3:f6:48:3b:26:6d:f6:25:f4:ee:
3f:f9:b3:13:d2:ea:27:88:36:4e:42:1c:ab:59:2a:
83:e5:c1:d0:23:db:4a:1c:8b:00:d0:c1:8f:01:cd:
47:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A0:85:40:EE:03:FE:9F:9F:F9:C8:DE:54:46:C6:46:DC:7B:77:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0D9A7B44E9311F0A370F4E8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.104.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:83:95:0a:a8:02:99:0f:a6:a5:9a:3c:a8:ee:a5:bf:31:3f:
2e:17:04:e1:89:c1:2f:5a:20:fd:46:38:c4:3d:c0:9d:8e:4b:
2c:6a:cc:57:00:c9:56:a2:3c:3e:bb:65:02:f6:92:ad:e8:57:
27:93:65:58:38:3b:8a:df:c9:df:e4:dd:b9:fd:75:a4:fd:31:
b2:4d:54:d0:02:09:13:31:30:39:65:89:ff:c9:e6:d5:1e:4e:
a9:ad:b5:1b:47:5c:00:80:ea:41:5e:51:0a:75:3f:d8:3a:34:
17:f0:e0:f9:69:a4:eb:20:12:b5:16:c9:97:ab:89:c7:f4:2a:
dd:cc:3f:a8:62:02:09:e0:27:3a:2d:d5:05:81:81:84:0c:13:
6c:f0:df:bc:b9:de:84:db:f1:fc:fd:8a:6a:61:4e:1a:65:d6:
41:a4:96:a4:74:23:44:89:05:8e:8e:57:62:4e:af:87:ea:66:
d8:12:65:a8:5e:51:bf:e0:fb:3f:37:fe:c0:32:66:64:c8:b8:
8d:ce:ba:18:26:6f:f4:25:c7:a3:2b:0f:2a:7f:89:6e:a6:00:
32:1f:2f:af:73:75:90:06:ea:3a:12:f3:f8:c7:aa:34:61:15:
fa:1a:36:45:76:33:a5:0a:7a:ae:75:2d:3f:14:08:58:bd:36:
17:d6:07:ac
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYe8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjIxMTEzMzU3WhcNMjUwNzI3MTEzMzU3WjAYMRYw
FAYDVQQDEw02ODU2OThhOS0wYTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2bLTCxHtpnmoWaF5NhWKsesOHjpsn2/klyTkhrrLn1ujFy0lvcPjshp+
ltKiq9fsRKV3O8W7b4dJsa2WCDPbB6TaxEPb+OijPgVncQHwEzaVhNfFvevbGWS+
uqndnT2ZFbl9DR5Wx02vyTJxL+4Uw5StfOepjez5atCsVarsXix14G5QdtnrC7Vv
Duln6dYn6laM9PPRffHu352DcuwdoB2RblIbCBWfLcSJPuBRxkYPUqVnrYXCssgv
K2aXqWlNursbML81CNGqmCvTCNXqGDOww0hd57P2SDsmbfYl9O4/+bMT0uoniDZO
QhyrWSqD5cHQI9tKHIsA0MGPAc1HVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMmg
hUDuA/6fn/nI3lRGxkbce3cOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMEQ5QTdCNDRFOTMxMUYwQTM3MEY0RThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlNoMA0GCSqGSIb3DQEB
CwUAA4IBAQAvg5UKqAKZD6almjyo7qW/MT8uFwThicEvWiD9RjjEPcCdjkssasxX
AMlWojw+u2UC9pKt6Fcnk2VYODuK38nf5N25/XWk/TGyTVTQAgkTMTA5ZYn/yebV
Hk6prbUbR1wAgOpBXlEKdT/YOjQX8OD5aaTrIBK1FsmXq4nH9CrdzD+oYgIJ4Cc6
LdUFgYGEDBNs8N+8ud6E2/H8/YpqYU4aZdZBpJakdCNEiQWOjldiTq+H6mbYEmWo
XlG/4Ps/N/7AMmZkyLiNzroYJm/0JcejKw8qf4lupgAyHy+vc3WQBuo6EvP4x6o0
YRX6GjZFdjOlCnqudS0/FAhYvTYX1ges
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:57:30 2025 by rpki-client