Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF2D47A476D711F0B6FF62EBDAE4EC9C.roa
File: BF2D47A476D711F0B6FF62EBDAE4EC9C.roa (raw, json)
Hash identifier: bkXgQovlxf4oHCMiyljC8NbD1Q6pnFL0SAy431/QOAc=
Subject key identifier: 10:38:1B:82:5E:1A:F6:6E:0A:90:45:D3:99:EF:3E:79:27:A3:93:9C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01916B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF2D47A476D711F0B6FF62EBDAE4EC9C.roa
Signing time: Mon 11 Aug 2025 17:22:25 +0000
ROA not before: Mon 11 Aug 2025 17:22:20 +0000
ROA not after: Thu 25 Sep 2025 17:22:20 +0000
asID: 20326
IP address blocks: 154.193.130.0/24 maxlen: 24
154.193.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102763 (0x1916b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 11 17:22:20 2025 GMT
Not After : Sep 25 17:22:20 2025 GMT
Subject: CN=689a26d1-a02d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f0:eb:17:c5:62:7c:c0:ea:d2:f6:46:43:06:
cb:97:a6:4e:dc:48:81:d2:d7:df:42:5c:9e:38:52:
fc:5b:c7:89:a0:44:49:b5:29:4f:03:cb:fb:15:5b:
3f:22:49:50:da:6a:aa:97:6c:55:0e:64:c4:2d:a9:
20:0c:70:ec:62:bd:8e:07:2f:8d:cc:35:86:d7:55:
da:52:64:4d:1f:d5:39:c5:d7:09:6e:a3:67:65:fc:
91:1b:51:a0:66:5d:a0:95:fe:3e:0b:4d:7c:4b:1f:
bb:f9:95:da:94:73:3d:12:f5:78:6d:0f:79:c8:7c:
63:59:5d:ff:ac:ef:6f:19:23:c6:6b:07:68:e3:20:
82:d9:54:49:5e:a1:b9:9c:f1:56:5b:9c:74:00:98:
08:d6:f9:d6:8d:15:73:56:3a:20:fc:bc:fe:2a:49:
ba:03:bc:dd:72:9e:51:57:87:2b:18:29:2d:bc:a7:
d5:40:41:8d:bb:37:1d:17:d4:4c:2a:a5:27:a7:6b:
ba:e0:1d:a1:41:92:f4:6c:ba:f4:a3:d0:ef:ee:17:
a1:65:41:5c:e7:15:8b:87:c2:40:ba:4d:f0:27:e1:
98:59:14:0c:40:7d:3c:b8:6c:4a:cd:c1:ce:c4:d4:
ed:41:9a:6e:ea:81:c7:da:2a:de:42:64:73:0d:29:
37:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:38:1B:82:5E:1A:F6:6E:0A:90:45:D3:99:EF:3E:79:27:A3:93:9C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF2D47A476D711F0B6FF62EBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.130.0/24
154.193.132.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:53:4f:29:5e:4e:62:21:9f:1d:b7:27:93:e5:eb:34:55:cb:
83:ab:d9:8a:bf:b1:ff:77:17:ef:ca:52:34:f4:d2:5a:d0:1e:
62:8f:e3:41:c0:74:c2:fd:bf:d8:ff:e6:e5:62:84:ef:81:b3:
c3:3b:ca:4d:45:4f:69:c5:6e:81:c1:cb:75:31:7d:10:39:6e:
aa:3d:1e:f0:8f:3a:dd:8c:02:1f:2c:93:7a:b6:a3:c5:46:40:
ff:00:1c:3f:19:15:2d:e3:cf:41:28:56:f0:05:22:4f:56:56:
21:51:77:56:40:c0:6f:63:33:f4:f9:09:8b:78:8c:44:5a:c8:
d1:4d:95:44:c6:b7:1a:7d:6b:1a:45:ef:03:ea:ed:e8:c8:49:
aa:62:7a:b9:19:03:39:39:36:d6:de:45:23:df:c9:7d:6b:3a:
65:b3:76:5d:b7:b0:73:f5:47:13:dd:4d:77:41:a2:90:e5:42:
38:2d:83:13:2c:be:7a:f7:00:36:50:52:bc:78:98:23:44:10:
b2:d0:9a:95:0b:cf:f4:c6:fd:44:d2:ab:b1:bb:79:6b:6a:83:
a6:c5:09:3f:00:8f:96:fb:63:93:64:86:a6:bf:f7:22:88:61:
17:ea:bb:6c:9b:9b:71:9d:26:d3:8c:de:01:dc:4a:9d:1c:9d:
0d:97:04:36
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZFrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODExMTcyMjIwWhcNMjUwOTI1MTcyMjIwWjAYMRYw
FAYDVQQDEw02ODlhMjZkMS1hMDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtPDrF8VifMDq0vZGQwbLl6ZO3EiB0tffQlyeOFL8W8eJoERJtSlPA8v7
FVs/IklQ2mqql2xVDmTELakgDHDsYr2OBy+NzDWG11XaUmRNH9U5xdcJbqNnZfyR
G1GgZl2glf4+C018Sx+7+ZXalHM9EvV4bQ95yHxjWV3/rO9vGSPGawdo4yCC2VRJ
XqG5nPFWW5x0AJgI1vnWjRVzVjog/Lz+Kkm6A7zdcp5RV4crGCktvKfVQEGNuzcd
F9RMKqUnp2u64B2hQZL0bLr0o9Dv7hehZUFc5xWLh8JAuk3wJ+GYWRQMQH08uGxK
zcHOxNTtQZpu6oHH2ireQmRzDSk3EQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFBA4
G4JeGvZuCpBF05nvPnkno5OcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjJENDdBNDc2RDcxMUYwQjZGRjYyRUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsGCAwQAmsGEMA0GCSqG
SIb3DQEBCwUAA4IBAQBfU08pXk5iIZ8dtyeT5es0VcuDq9mKv7H/dxfvylI09NJa
0B5ij+NBwHTC/b/Y/+blYoTvgbPDO8pNRU9pxW6Bwct1MX0QOW6qPR7wjzrdjAIf
LJN6tqPFRkD/ABw/GRUt489BKFbwBSJPVlYhUXdWQMBvYzP0+QmLeIxEWsjRTZVE
xrcafWsaRe8D6u3oyEmqYnq5GQM5OTbW3kUj38l9azpls3Zdt7Bz9UcT3U13QaKQ
5UI4LYMTLL569wA2UFK8eJgjRBCy0JqVC8/0xv1E0quxu3lraoOmxQk/AI+W+2OT
ZIamv/ciiGEX6rtsm5txnSbTjN4B3EqdHJ0NlwQ2
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:38 2025 by rpki-client