Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE0D774C79BE11F0B1D63EE4DAE4EC9C.roa
File: BE0D774C79BE11F0B1D63EE4DAE4EC9C.roa (raw, json)
Hash identifier: OUxKlW7/XZ0ihl/szRgok42j6FZYxzXzeSJdLUu1MSs=
Subject key identifier: 61:7A:3B:68:EA:6F:C8:48:12:DD:E4:90:40:DD:92:36:E0:2C:14:45
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0191DA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE0D774C79BE11F0B1D63EE4DAE4EC9C.roa
Signing time: Fri 15 Aug 2025 10:00:59 +0000
ROA not before: Fri 15 Aug 2025 10:00:54 +0000
ROA not after: Tue 23 Sep 2025 10:00:54 +0000
asID: 63969
IP address blocks: 154.89.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102874 (0x191da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 15 10:00:54 2025 GMT
Not After : Sep 23 10:00:54 2025 GMT
Subject: CN=689f055b-a13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:19:ab:ce:f5:f4:25:b4:5c:10:bd:fe:bc:65:
8e:7c:1e:af:d9:5c:52:ee:4e:fc:40:90:6c:eb:25:
53:10:f1:e8:68:31:bd:f2:26:65:55:6a:99:1a:be:
3b:35:d4:5e:12:3a:fe:40:af:96:4f:36:a0:0f:16:
d8:eb:f6:56:8e:22:b7:ee:19:15:77:a2:9f:ee:d4:
29:44:e2:54:9d:87:07:21:b1:0f:61:b5:8c:27:88:
92:9b:d3:6f:be:7a:46:61:75:ff:7a:51:25:41:1a:
3e:2e:fc:1c:56:26:c7:94:1e:8c:c2:6d:d5:7d:b5:
e3:f1:de:f1:0c:67:4d:df:42:85:5e:c6:9d:1e:ac:
d6:8a:c1:39:32:6b:fa:0f:38:f4:03:9b:ff:9b:c9:
24:fe:c4:60:70:16:9d:f1:83:40:06:d2:5b:84:d1:
5d:8a:63:ca:dd:16:b5:df:a5:55:cc:b9:1b:9e:ec:
83:d5:ae:ce:17:25:9d:b1:85:77:ef:b5:03:a4:42:
ec:04:b8:d4:04:84:d4:55:ff:f7:f5:f5:12:ce:2d:
fd:10:51:fc:cc:b5:75:41:18:67:4b:f4:be:3e:70:
c6:97:e1:be:42:ab:34:86:ba:cd:ff:7f:51:f5:6e:
0c:8f:97:cd:04:a3:1b:a9:18:f7:af:c6:5c:ac:89:
7f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:7A:3B:68:EA:6F:C8:48:12:DD:E4:90:40:DD:92:36:E0:2C:14:45
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE0D774C79BE11F0B1D63EE4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.7.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:40:64:53:38:0b:4a:09:cc:5e:18:97:6d:20:04:24:48:7f:
96:d4:a3:b6:d1:d4:93:4d:df:93:69:44:8b:a8:8d:b2:d6:3b:
16:1f:e5:e4:74:f5:62:c6:66:17:bc:f4:b6:74:82:e8:59:29:
67:f2:99:99:7d:9c:cd:7a:3d:ec:de:61:c6:e4:1e:69:47:33:
6b:ea:19:5a:30:5e:b0:69:e2:d4:7a:8c:90:50:fd:9c:83:38:
f0:fc:b8:fc:12:3a:39:ea:d3:64:0c:e3:ba:b9:35:02:ce:8f:
96:85:12:52:5d:72:4e:0c:88:0f:97:9b:e9:32:ac:f1:85:ee:
12:3f:8e:ae:04:4f:ce:d2:f3:52:6c:12:43:2e:41:8c:16:be:
04:72:03:ae:d2:5d:1d:6c:84:0f:61:65:b2:ba:2f:2e:11:fb:
4d:97:bf:81:c6:d1:94:d8:ab:9b:14:c1:b6:55:c6:a2:89:f3:
79:73:46:8d:ce:4c:3a:59:a0:bd:7e:d3:dd:2e:2f:90:b7:35:
61:0b:50:7d:06:22:5c:5d:f6:c7:62:5c:6a:b9:a1:37:14:ef:
44:cd:ee:44:6c:2f:3f:b5:a7:ec:43:20:5e:fe:f4:1c:dd:a0:
4c:19:c4:bd:80:76:1b:48:fe:48:fd:ec:ee:53:91:3b:d2:a9:
ca:50:97:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZHaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE1MTAwMDU0WhcNMjUwOTIzMTAwMDU0WjAYMRYw
FAYDVQQDEw02ODlmMDU1Yi1hMTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApxmrzvX0JbRcEL3+vGWOfB6v2VxS7k78QJBs6yVTEPHoaDG98iZlVWqZ
Gr47NdReEjr+QK+WTzagDxbY6/ZWjiK37hkVd6Kf7tQpROJUnYcHIbEPYbWMJ4iS
m9NvvnpGYXX/elElQRo+LvwcVibHlB6Mwm3VfbXj8d7xDGdN30KFXsadHqzWisE5
Mmv6Dzj0A5v/m8kk/sRgcBad8YNABtJbhNFdimPK3Ra136VVzLkbnuyD1a7OFyWd
sYV377UDpELsBLjUBITUVf/39fUSzi39EFH8zLV1QRhnS/S+PnDGl+G+Qqs0hrrN
/39R9W4Mj5fNBKMbqRj3r8ZcrIl/VwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGF6
O2jqb8hIEt3kkEDdkjbgLBRFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRTBENzc0Qzc5QkUxMUYwQjFENjNFRTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkHMA0GCSqGSIb3DQEB
CwUAA4IBAQCeQGRTOAtKCcxeGJdtIAQkSH+W1KO20dSTTd+TaUSLqI2y1jsWH+Xk
dPVixmYXvPS2dILoWSln8pmZfZzNej3s3mHG5B5pRzNr6hlaMF6waeLUeoyQUP2c
gzjw/Lj8Ejo56tNkDOO6uTUCzo+WhRJSXXJODIgPl5vpMqzxhe4SP46uBE/O0vNS
bBJDLkGMFr4EcgOu0l0dbIQPYWWyui8uEftNl7+BxtGU2KubFMG2VcaiifN5c0aN
zkw6WaC9ftPdLi+QtzVhC1B9BiJcXfbHYlxquaE3FO9Eze5EbC8/tafsQyBe/vQc
3aBMGcS9gHYbSP5I/ezuU5E70qnKUJez
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:14:51 2025 by rpki-client