Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC0A11F8751D11F09D4273B1DAE4EC9C.roa
File: BC0A11F8751D11F09D4273B1DAE4EC9C.roa (raw, json)
Hash identifier: hQ6wygTBLTpCJGqsgPQa7K3dQ51aIjVbgIzmGQB/wJQ=
Subject key identifier: BD:ED:E3:6A:64:F3:27:C1:54:00:95:61:F6:E0:BB:27:05:5A:CC:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01910B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC0A11F8751D11F09D4273B1DAE4EC9C.roa
Signing time: Sat 09 Aug 2025 12:38:23 +0000
ROA not before: Sat 09 Aug 2025 12:38:16 +0000
ROA not after: Sun 16 Aug 2026 12:38:16 +0000
asID: 141109
IP address blocks: 154.81.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102667 (0x1910b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 9 12:38:16 2025 GMT
Not After : Aug 16 12:38:16 2026 GMT
Subject: CN=6897413e-e278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9d:64:9e:fe:0a:95:2c:68:56:0a:d7:df:e2:
aa:d1:29:6c:9c:76:e5:1d:6d:35:c7:20:ea:60:24:
c0:6f:39:fd:0e:6c:57:f9:64:6b:59:50:a9:d3:b3:
5b:88:42:86:a3:1a:b1:70:52:67:41:35:96:c3:08:
f0:70:79:18:30:df:2c:0f:b8:c5:cf:59:0d:37:66:
70:fb:4a:9b:fb:bc:43:db:9f:4a:ec:b4:af:f8:ac:
c9:87:7e:ec:b8:a6:6f:eb:3e:98:8e:6b:b2:1e:7f:
68:0b:bc:83:12:19:48:df:d4:7e:d2:12:72:a1:2b:
1f:e6:ed:97:1e:bd:d9:ef:3f:86:af:fb:f8:0a:e8:
f4:1c:c3:8d:85:39:91:b2:12:01:ed:82:02:4f:b5:
fd:86:d5:97:ce:3a:67:be:12:b8:2c:09:fb:d0:5a:
49:43:5d:9c:27:44:76:2b:14:64:6b:be:0a:61:5f:
04:da:e9:6d:a0:fa:6b:31:15:20:f2:04:42:0e:9e:
30:da:bf:d1:80:60:1c:af:c3:8f:43:64:a9:1e:4a:
19:a9:8b:a4:b8:e2:51:56:a2:b0:1e:cd:4d:09:72:
dc:8a:18:23:51:2a:34:fe:4a:67:a0:a5:67:ce:06:
ab:9c:01:b2:26:1c:ee:81:92:f9:ea:66:c0:33:54:
6f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:ED:E3:6A:64:F3:27:C1:54:00:95:61:F6:E0:BB:27:05:5A:CC:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC0A11F8751D11F09D4273B1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.158.0/24
Signature Algorithm: sha256WithRSAEncryption
16:36:0d:ec:83:35:bd:2d:1a:2f:98:a1:04:a7:7d:f9:1b:6f:
53:de:df:34:89:58:5e:1b:00:be:31:19:c1:30:b8:24:82:2c:
78:6b:8a:cc:bb:3d:bd:ea:b7:de:7f:59:02:df:f5:1f:8f:e1:
6b:89:d2:b4:e0:a9:47:12:84:95:91:77:cf:8e:84:80:da:e3:
fd:a1:20:44:8c:dc:22:bf:47:f1:38:7b:af:ab:4b:b9:9c:14:
38:b3:b6:ce:25:4f:2f:3f:ee:b7:1b:5d:b6:51:ae:f8:42:cf:
1b:41:e6:34:8d:dd:ce:fa:2c:0b:09:2e:15:60:aa:1b:05:1a:
24:55:83:25:54:3e:98:60:f5:5b:6b:ef:cd:a1:fb:28:2b:a4:
e8:de:3e:a9:ab:3b:47:62:cd:a1:ff:6a:59:21:4e:01:50:97:
30:dd:cb:1e:1f:26:07:db:01:52:75:f3:c6:37:4e:86:19:3d:
d1:71:0d:bc:b4:5b:b0:79:3b:64:a1:95:75:f3:4a:fd:1d:5b:
2c:d3:1d:61:17:f7:9a:35:4a:43:70:bd:54:da:a7:67:f7:aa:
3c:31:d3:bb:7d:29:9e:a2:49:4a:82:f3:e5:31:1a:c2:52:e9:
58:c6:59:49:c0:20:b2:fc:a5:98:35:eb:4a:93:f5:81:0f:cd:
76:16:52:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZELMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODA5MTIzODE2WhcNMjYwODE2MTIzODE2WjAYMRYw
FAYDVQQDEw02ODk3NDEzZS1lMjc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu51knv4KlSxoVgrX3+Kq0SlsnHblHW01xyDqYCTAbzn9DmxX+WRrWVCp
07NbiEKGoxqxcFJnQTWWwwjwcHkYMN8sD7jFz1kNN2Zw+0qb+7xD259K7LSv+KzJ
h37suKZv6z6YjmuyHn9oC7yDEhlI39R+0hJyoSsf5u2XHr3Z7z+Gr/v4Cuj0HMON
hTmRshIB7YICT7X9htWXzjpnvhK4LAn70FpJQ12cJ0R2KxRka74KYV8E2ultoPpr
MRUg8gRCDp4w2r/RgGAcr8OPQ2SpHkoZqYukuOJRVqKwHs1NCXLcihgjUSo0/kpn
oKVnzgarnAGyJhzugZL56mbAM1RvfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL3t
42pk8yfBVACVYfbguycFWsy4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQzBBMTFGODc1MUQxMUYwOUQ0MjczQjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlGeMA0GCSqGSIb3DQEB
CwUAA4IBAQAWNg3sgzW9LRovmKEEp335G29T3t80iVheGwC+MRnBMLgkgix4a4rM
uz296rfef1kC3/Ufj+FridK04KlHEoSVkXfPjoSA2uP9oSBEjNwiv0fxOHuvq0u5
nBQ4s7bOJU8vP+63G122Ua74Qs8bQeY0jd3O+iwLCS4VYKobBRokVYMlVD6YYPVb
a+/NofsoK6To3j6pqztHYs2h/2pZIU4BUJcw3cseHyYH2wFSdfPGN06GGT3RcQ28
tFuweTtkoZV180r9HVss0x1hF/eaNUpDcL1U2qdn96o8MdO7fSmeoklKgvPlMRrC
UulYxllJwCCy/KWYNetKk/WBD812FlJV
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:22:19 2025 by rpki-client