Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA0EC51879D311F09E7CFEE9DAE4EC9C.roa
File: CA0EC51879D311F09E7CFEE9DAE4EC9C.roa (raw, json)
Hash identifier: 8gLPcV0siYxtjN7vZnlnoRYYpKgOjN07/L4BCTva+sY=
Subject key identifier: D2:46:33:34:C4:8F:A6:FB:D7:70:DD:AF:98:59:E9:0A:3E:9D:D5:71
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0191E4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA0EC51879D311F09E7CFEE9DAE4EC9C.roa
Signing time: Fri 15 Aug 2025 12:31:39 +0000
ROA not before: Fri 15 Aug 2025 12:31:33 +0000
ROA not after: Sun 05 Oct 2025 12:31:33 +0000
asID: 20326
IP address blocks: 154.193.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102884 (0x191e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 15 12:31:33 2025 GMT
Not After : Oct 5 12:31:33 2025 GMT
Subject: CN=689f28ab-9f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f7:30:a0:cb:0e:a0:8f:17:9e:f0:fa:ca:ea:
9b:02:81:e5:89:9d:76:4b:31:3e:83:71:3c:4c:6c:
ef:8b:83:75:6c:55:52:18:25:b9:4a:63:a0:97:09:
10:f0:8f:49:f7:f7:ff:2c:77:d4:34:61:fd:23:97:
81:af:de:44:db:de:ae:2b:1d:d1:6b:eb:4a:d9:9a:
a9:bd:7f:38:cb:64:15:6b:e1:ba:74:cb:af:3e:fe:
49:3f:79:78:ec:61:08:a9:52:5c:1f:9a:c3:fc:1a:
c1:69:4d:45:f2:02:ae:e1:0e:8b:27:65:53:4e:21:
a1:40:68:c3:c3:1d:82:1e:60:8f:66:6a:54:8b:29:
49:33:25:1b:c9:1c:fa:e6:2f:52:af:94:02:a4:de:
cc:c0:85:ff:4a:f7:52:c2:09:57:f1:f1:cc:0b:8a:
eb:6e:90:dd:c2:da:1e:66:f9:aa:53:93:ec:50:2a:
4a:f3:ad:fa:de:1e:24:80:fe:d9:88:bc:1c:6d:ab:
4c:17:78:3d:93:78:04:8e:08:8f:aa:5f:4a:73:19:
65:6f:13:f4:50:22:e3:e5:c8:da:bc:ea:a9:7d:a4:
a3:ec:c6:fd:ae:b0:36:93:6c:a6:9a:9e:7a:07:4d:
5e:3c:37:b5:98:d1:15:dc:83:aa:7a:01:42:d8:96:
8c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:46:33:34:C4:8F:A6:FB:D7:70:DD:AF:98:59:E9:0A:3E:9D:D5:71
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA0EC51879D311F09E7CFEE9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.163.0/24
Signature Algorithm: sha256WithRSAEncryption
96:ad:fd:25:1d:e2:fc:fa:62:ab:70:3c:ba:ff:98:2f:a2:e6:
2b:48:30:10:70:b3:2c:c9:db:92:7c:65:cf:e1:f3:4a:09:be:
bf:01:0c:c1:cd:d0:a0:4a:62:76:43:65:53:e6:2e:95:43:16:
1a:3d:60:dc:94:f6:36:e1:8d:f6:8a:58:2e:b5:05:c8:09:08:
cf:97:06:c6:fa:99:43:6c:db:9b:88:79:a3:65:2f:38:c4:49:
a6:f7:ee:93:e2:ed:27:52:27:e9:13:64:48:9f:c7:7c:a9:9f:
b0:7a:1b:d3:83:58:df:b8:40:e2:35:d9:db:40:f3:3f:43:1d:
a2:bc:16:c9:65:3b:74:36:29:f7:b5:80:b0:29:dd:1f:7f:60:
17:47:27:c3:54:15:1c:7f:80:ab:74:c8:9a:cb:75:30:1a:47:
87:d3:80:63:bc:b2:38:3a:87:61:be:e7:e5:bc:e2:08:06:3d:
72:94:5e:bd:33:79:29:26:06:4b:eb:d3:e8:ae:44:96:79:91:
5a:43:0e:55:cf:9d:46:3f:68:c5:2a:ab:31:f5:29:a8:3c:55:
a2:01:0d:04:c5:14:a0:15:5d:12:66:83:0d:b2:83:8d:2a:de:
34:f3:fa:5e:3c:70:f7:2f:6c:da:5b:e7:31:4c:4f:32:a3:9e:
ba:eb:60:c7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZHkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE1MTIzMTMzWhcNMjUxMDA1MTIzMTMzWjAYMRYw
FAYDVQQDEw02ODlmMjhhYi05ZjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2/cwoMsOoI8XnvD6yuqbAoHliZ12SzE+g3E8TGzvi4N1bFVSGCW5SmOg
lwkQ8I9J9/f/LHfUNGH9I5eBr95E296uKx3Ra+tK2ZqpvX84y2QVa+G6dMuvPv5J
P3l47GEIqVJcH5rD/BrBaU1F8gKu4Q6LJ2VTTiGhQGjDwx2CHmCPZmpUiylJMyUb
yRz65i9Sr5QCpN7MwIX/SvdSwglX8fHMC4rrbpDdwtoeZvmqU5PsUCpK86363h4k
gP7ZiLwcbatMF3g9k3gEjgiPql9KcxllbxP0UCLj5cjavOqpfaSj7Mb9rrA2k2ym
mp56B01ePDe1mNEV3IOqegFC2JaMTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNJG
MzTEj6b713Ddr5hZ6Qo+ndVxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQTBFQzUxODc5RDMxMUYwOUU3Q0ZFRTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGjMA0GCSqGSIb3DQEB
CwUAA4IBAQCWrf0lHeL8+mKrcDy6/5gvouYrSDAQcLMsyduSfGXP4fNKCb6/AQzB
zdCgSmJ2Q2VT5i6VQxYaPWDclPY24Y32ilgutQXICQjPlwbG+plDbNubiHmjZS84
xEmm9+6T4u0nUifpE2RIn8d8qZ+wehvTg1jfuEDiNdnbQPM/Qx2ivBbJZTt0Nin3
tYCwKd0ff2AXRyfDVBUcf4CrdMiay3UwGkeH04BjvLI4OodhvuflvOIIBj1ylF69
M3kpJgZL69PorkSWeZFaQw5Vz51GP2jFKqsx9SmoPFWiAQ0ExRSgFV0SZoMNsoON
Kt408/pePHD3L2zaW+cxTE8yo56662DH
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:31 2025 by rpki-client