Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C1AD64AE7EFD11F0B6BEA6AADAE4EC9C.roa
File: C1AD64AE7EFD11F0B6BEA6AADAE4EC9C.roa (raw, json)
Hash identifier: Y6rMUiTt0XYvdGIDNUCijdRBAQeVesgUx28Qy4X+a90=
Subject key identifier: 52:CE:E8:14:21:C5:BC:17:B5:3A:14:DE:C9:8F:E4:7D:7C:B2:72:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019428
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C1AD64AE7EFD11F0B6BEA6AADAE4EC9C.roa
Signing time: Fri 22 Aug 2025 02:14:40 +0000
ROA not before: Fri 22 Aug 2025 02:14:35 +0000
ROA not after: Mon 03 Nov 2025 02:14:35 +0000
asID: 150706
IP address blocks: 154.218.6.0/24 maxlen: 24
154.218.7.0/24 maxlen: 24
154.218.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103464 (0x19428)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 22 02:14:35 2025 GMT
Not After : Nov 3 02:14:35 2025 GMT
Subject: CN=68a7d28f-49ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d0:c9:16:1c:cf:11:00:9a:e0:94:e8:b3:ca:
ab:87:45:3b:cd:75:7a:0a:32:12:1a:c6:c4:f3:85:
0f:4a:b5:b2:30:85:bd:b3:bf:3f:b5:2c:7c:25:35:
70:3f:93:c5:84:9e:67:1e:b3:28:e5:ea:88:6c:1b:
4d:c6:a0:53:be:c0:b1:22:78:d5:1f:68:46:04:5d:
3d:80:41:c3:d8:75:91:b6:d3:85:4b:ef:cc:a5:36:
82:32:96:c2:ad:e4:2b:9d:89:e4:4f:09:b8:cc:34:
9b:52:a2:81:3b:78:25:6a:ca:07:4d:23:bf:c7:72:
02:63:a9:27:1f:ec:c8:ea:09:12:0e:cc:e4:cd:01:
48:9b:70:3e:1a:f0:36:c7:1a:a8:eb:39:3c:72:6f:
6f:72:5d:2a:e7:3f:ee:69:00:1b:5e:87:82:15:a2:
80:cf:80:17:21:5a:a1:a6:33:0e:71:28:02:b6:52:
a0:9d:91:5c:e0:6b:74:1b:2c:d3:12:2b:fc:fc:e2:
06:5a:b3:16:38:de:b4:18:8e:ef:e0:1d:cc:8d:d8:
c5:b4:3c:9e:e1:34:25:4d:52:1f:ab:88:fd:51:50:
59:03:20:f8:21:82:c2:1e:9f:ce:d9:50:55:88:d9:
f1:55:23:5b:d2:6a:71:ee:1e:ab:8c:63:bc:00:33:
da:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CE:E8:14:21:C5:BC:17:B5:3A:14:DE:C9:8F:E4:7D:7C:B2:72:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C1AD64AE7EFD11F0B6BEA6AADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.6.0-154.218.8.255
Signature Algorithm: sha256WithRSAEncryption
14:99:b3:39:6c:23:be:42:a2:9e:f6:05:a1:8c:b0:0d:72:a7:
cb:4d:09:03:2c:cb:11:bd:4a:33:97:aa:2c:eb:f0:bb:db:17:
a8:98:b4:8c:21:49:27:83:ba:f6:2d:f2:41:79:d5:53:e0:12:
00:fe:cf:4c:2b:65:e7:3b:c0:ee:3a:9b:86:eb:02:cb:3a:78:
b2:3e:af:02:25:96:bc:a6:39:bc:3e:78:9f:48:27:06:cb:66:
c8:44:d0:0c:fe:c2:3d:1b:08:92:de:24:27:69:f3:b6:3f:9e:
6d:91:9c:a8:f1:b3:33:21:65:35:22:a0:29:89:b6:5a:39:23:
fc:9c:2d:51:d0:d7:cc:b1:5a:72:d7:fc:17:25:3b:86:39:5b:
6c:dc:44:59:94:4d:48:bf:29:8c:83:f6:6a:f6:52:03:cf:64:
8d:f1:f0:47:9d:42:ed:a7:2e:6b:eb:61:76:8d:96:42:cb:1d:
fe:b9:c5:58:49:cd:d0:f3:fb:44:d4:88:7d:77:f5:9e:99:cb:
61:24:26:07:70:17:24:73:cb:4d:3e:29:03:88:5d:8e:6a:be:
4c:e4:38:0c:77:6a:81:cc:2a:dc:59:88:f3:43:d1:7b:59:bc:
b4:56:94:7c:37:c8:02:7f:a3:39:ac:21:78:3e:9d:76:46:f7:
56:7a:65:e7
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAZQoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODIyMDIxNDM1WhcNMjUxMTAzMDIxNDM1WjAYMRYw
FAYDVQQDEw02OGE3ZDI4Zi00OWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy9DJFhzPEQCa4JTos8qrh0U7zXV6CjISGsbE84UPSrWyMIW9s78/tSx8
JTVwP5PFhJ5nHrMo5eqIbBtNxqBTvsCxInjVH2hGBF09gEHD2HWRttOFS+/MpTaC
MpbCreQrnYnkTwm4zDSbUqKBO3glasoHTSO/x3ICY6knH+zI6gkSDszkzQFIm3A+
GvA2xxqo6zk8cm9vcl0q5z/uaQAbXoeCFaKAz4AXIVqhpjMOcSgCtlKgnZFc4Gt0
GyzTEiv8/OIGWrMWON60GI7v4B3MjdjFtDye4TQlTVIfq4j9UVBZAyD4IYLCHp/O
2VBViNnxVSNb0mpx7h6rjGO8ADPaawIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFFLO
6BQhxbwXtToU3smP5H18snKmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMUFENjRBRTdFRkQxMUYwQjZCRUE2QUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGa2gYDBACa2ggwDQYJ
KoZIhvcNAQELBQADggEBABSZszlsI75Cop72BaGMsA1yp8tNCQMsyxG9SjOXqizr
8LvbF6iYtIwhSSeDuvYt8kF51VPgEgD+z0wrZec7wO46m4brAss6eLI+rwIllrym
Obw+eJ9IJwbLZshE0Az+wj0bCJLeJCdp87Y/nm2RnKjxszMhZTUioCmJtlo5I/yc
LVHQ18yxWnLX/BclO4Y5W2zcRFmUTUi/KYyD9mr2UgPPZI3x8EedQu2nLmvrYXaN
lkLLHf65xVhJzdDz+0TUiH139Z6Zy2EkJgdwFyRzy00+KQOIXY5qvkzkOAx3aoHM
KtxZiPND0XtZvLRWlHw3yAJ/ozmsIXg+nXZG91Z6Zec=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:18:44 2025 by rpki-client