Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B011795C7ACE11F0B6E8E9C5DAE4EC9C.roa
File: B011795C7ACE11F0B6E8E9C5DAE4EC9C.roa (raw, json)
Hash identifier: aTNUJyexDnur4ezk1Wxd4nimchjZdqgQBJEKo5kjhi8=
Subject key identifier: 87:61:1B:72:31:41:0D:17:2A:39:78:3B:B7:2C:9F:9D:32:42:96:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0191F3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B011795C7ACE11F0B6E8E9C5DAE4EC9C.roa
Signing time: Sat 16 Aug 2025 18:27:39 +0000
ROA not before: Sat 16 Aug 2025 18:27:34 +0000
ROA not after: Sat 23 Aug 2025 18:27:34 +0000
asID: 150750
IP address blocks: 154.208.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Aug 2025 18:27:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102899 (0x191f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 16 18:27:34 2025 GMT
Not After : Aug 23 18:27:34 2025 GMT
Subject: CN=68a0cd9b-535c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ca:de:21:25:3d:32:4d:6f:b7:8a:16:93:5d:
37:9d:b4:e2:01:71:25:56:44:f4:b0:2e:fb:9a:f4:
7a:85:f1:ac:07:67:6d:1f:68:6c:bd:75:54:d8:a0:
e8:92:15:b8:b0:12:87:c9:45:f7:0b:df:94:25:30:
38:e8:59:95:3d:b6:54:f1:69:b6:02:03:54:dc:9b:
5e:b5:4c:55:61:bd:56:13:68:32:6a:9b:65:6a:e0:
f0:ba:e0:40:d2:54:c1:94:64:4b:5b:01:3e:26:2a:
26:36:d8:b0:e7:2b:8a:23:44:8e:70:29:45:f6:bd:
82:6b:8f:d4:83:f3:c5:34:f6:a5:42:81:bd:30:c5:
52:72:6e:0a:2e:36:b0:c5:73:1a:ee:52:d0:b5:d0:
4d:8c:e7:12:bd:44:60:4e:a2:f9:b1:16:d8:b3:7b:
75:ce:86:1c:43:dd:8f:25:d3:ee:10:c2:78:ab:05:
f0:a2:86:9c:19:e6:2a:fe:89:13:a4:c4:8e:66:14:
27:71:90:f9:b7:9a:56:35:2f:74:7c:48:b9:ea:93:
b4:40:1b:02:d7:6f:13:de:0a:16:bd:37:b0:f3:3e:
a8:3e:76:21:39:5f:c9:38:20:27:36:7c:9d:b9:f0:
25:0e:b6:71:36:43:9d:8d:e5:26:c0:49:2e:36:4e:
aa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:61:1B:72:31:41:0D:17:2A:39:78:3B:B7:2C:9F:9D:32:42:96:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B011795C7ACE11F0B6E8E9C5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.32.0/19
Signature Algorithm: sha256WithRSAEncryption
15:76:fa:e3:2e:59:e7:34:f5:af:f7:f5:8e:33:6c:a0:47:a4:
83:ea:d4:1b:19:eb:f9:c4:48:be:1a:52:d7:ba:57:91:27:63:
0d:65:4b:bc:f8:df:c1:ac:4e:f6:14:33:d1:33:ba:f0:f7:cb:
64:9a:38:9d:0d:ee:1e:09:3a:14:ca:b2:69:43:fb:23:19:a4:
f3:dc:70:68:25:8f:ae:30:7e:12:5e:c8:86:fd:ec:b6:c8:7d:
3e:d7:cb:12:db:fd:35:c2:54:fb:7f:11:5d:f0:ca:7d:98:07:
08:32:f4:18:b0:99:90:b3:4b:c6:bf:04:cb:e5:f0:ab:e6:cc:
d2:9b:99:4b:9a:d4:5e:8c:62:63:76:e2:66:70:40:3f:05:d8:
36:ea:be:b9:37:dd:45:92:33:7b:b3:cf:7d:24:80:79:ef:ab:
ab:45:44:d7:7c:ea:f1:49:65:2e:47:05:48:9a:b2:05:c5:62:
66:ac:1b:97:dd:a7:5c:24:e5:82:dd:ef:0f:e0:42:ed:3b:ea:
34:fa:d4:ab:48:6d:7a:76:9c:18:64:de:54:dc:3c:be:93:2e:
9d:47:e4:fc:2d:49:06:55:5c:15:d5:48:f3:ee:92:53:1a:b3:
c5:bb:62:05:bb:57:29:bd:88:71:df:c5:60:fa:38:63:3e:b1:
d4:78:f9:d0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZHzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE2MTgyNzM0WhcNMjUwODIzMTgyNzM0WjAYMRYw
FAYDVQQDEw02OGEwY2Q5Yi01MzVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA18reISU9Mk1vt4oWk103nbTiAXElVkT0sC77mvR6hfGsB2dtH2hsvXVU
2KDokhW4sBKHyUX3C9+UJTA46FmVPbZU8Wm2AgNU3JtetUxVYb1WE2gyaptlauDw
uuBA0lTBlGRLWwE+JiomNtiw5yuKI0SOcClF9r2Ca4/Ug/PFNPalQoG9MMVScm4K
LjawxXMa7lLQtdBNjOcSvURgTqL5sRbYs3t1zoYcQ92PJdPuEMJ4qwXwooacGeYq
/okTpMSOZhQncZD5t5pWNS90fEi56pO0QBsC128T3goWvTew8z6oPnYhOV/JOCAn
NnydufAlDrZxNkOdjeUmwEkuNk6qGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIdh
G3IxQQ0XKjl4O7csn50yQpZAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMDExNzk1QzdBQ0UxMUYwQjZFOEU5QzVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtAgMA0GCSqGSIb3DQEB
CwUAA4IBAQAVdvrjLlnnNPWv9/WOM2ygR6SD6tQbGev5xEi+GlLXuleRJ2MNZUu8
+N/BrE72FDPRM7rw98tkmjidDe4eCToUyrJpQ/sjGaTz3HBoJY+uMH4SXsiG/ey2
yH0+18sS2/01wlT7fxFd8Mp9mAcIMvQYsJmQs0vGvwTL5fCr5szSm5lLmtRejGJj
duJmcEA/Bdg26r65N91FkjN7s899JIB576urRUTXfOrxSWUuRwVImrIFxWJmrBuX
3adcJOWC3e8P4ELtO+o0+tSrSG16dpwYZN5U3Dy+ky6dR+T8LUkGVVwV1Ujz7pJT
GrPFu2IFu1cpvYhx38Vg+jhjPrHUePnQ
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:21:32 2025 by rpki-client