Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFAD8EC2573D11F08DF414BEDAE4EC9C.roa
File: CFAD8EC2573D11F08DF414BEDAE4EC9C.roa (raw, json)
Hash identifier: hVPm8T63rsdAmER/VEPb6k7mwl8rFLtbBxw98VL3tes=
Subject key identifier: 1A:23:6E:32:96:EE:65:61:93:B0:6D:D2:4F:F8:B4:8E:04:1D:8D:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0189BC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFAD8EC2573D11F08DF414BEDAE4EC9C.roa
Signing time: Wed 02 Jul 2025 12:12:24 +0000
ROA not before: Wed 02 Jul 2025 12:12:18 +0000
ROA not after: Wed 13 Aug 2025 12:12:18 +0000
asID: 211826
IP address blocks: 154.197.91.0/24 maxlen: 24
154.197.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100796 (0x189bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 2 12:12:18 2025 GMT
Not After : Aug 13 12:12:18 2025 GMT
Subject: CN=68652228-69bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:37:ea:46:ee:54:a5:48:2d:e2:b6:90:47:55:
bd:3b:dd:2d:af:da:c2:ec:fa:98:7f:a6:b3:18:ab:
66:8a:cc:e4:79:44:dc:0c:f7:52:0d:f2:31:0d:ea:
26:ae:f0:9d:49:4b:f3:42:91:61:4d:06:b1:39:d8:
8d:cb:96:18:f1:4f:60:78:83:59:8e:1e:15:d7:12:
52:93:12:57:01:e2:77:59:44:52:26:e9:86:3a:f9:
08:68:04:0e:55:c7:1f:01:29:91:62:f6:7b:59:74:
87:7b:eb:f6:ee:26:8e:52:62:00:d5:24:53:62:04:
7f:22:5a:c6:b9:09:b0:36:10:24:44:41:e5:9b:c7:
ef:e3:22:bc:df:fb:ec:4a:c4:5b:d7:18:be:84:4a:
13:87:de:a0:8d:86:5d:be:4a:6c:da:a3:61:63:81:
8a:d7:bd:57:d0:1d:d1:52:b0:98:33:38:10:8b:0e:
e3:dd:a0:8e:f2:74:62:8c:f8:5d:d0:eb:3d:c3:b6:
d5:71:99:98:b3:f9:de:c6:1e:f0:d3:69:36:f4:ff:
2a:d2:93:b1:41:92:6e:3b:42:d3:a5:8d:67:2f:6c:
40:bc:a2:7a:45:02:67:08:40:12:73:91:be:45:f4:
7e:2d:cc:a3:84:2f:9a:5d:4e:06:5d:a4:1d:8e:7a:
f6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:23:6E:32:96:EE:65:61:93:B0:6D:D2:4F:F8:B4:8E:04:1D:8D:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFAD8EC2573D11F08DF414BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.91.0/24
154.197.110.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:3e:25:9f:24:71:a8:a7:64:e4:fe:64:ec:68:95:a8:23:f7:
83:f9:e3:6b:0c:dd:fa:f6:6c:50:ab:f3:12:d5:7f:c0:65:f1:
d3:74:ae:6a:2c:19:b4:02:d8:15:1c:c1:3e:b8:46:ba:bf:01:
7d:0f:de:47:c8:9d:e2:bc:1b:1a:ae:12:97:92:1b:40:d2:05:
92:1a:bf:09:e8:10:ec:40:f2:db:3a:5e:d7:73:37:38:86:46:
f6:b7:1f:06:5d:de:52:29:be:ea:c1:c5:6e:e7:ca:4b:24:f5:
a1:08:4d:80:51:cd:79:85:82:6d:9e:b1:f5:43:2c:bf:07:f7:
f0:d4:49:06:ca:f1:b4:96:c9:5a:af:a1:6f:d5:88:15:b9:57:
c1:33:41:12:9d:61:a0:dc:c2:da:81:5e:f4:c8:ea:d2:69:c0:
98:92:ea:52:c8:8b:f0:55:87:2d:46:dc:10:b9:f3:c9:23:b2:
1a:cd:53:c4:9d:e9:ae:f7:91:02:50:c3:50:99:86:cf:86:32:
48:4d:20:39:8e:4f:48:dd:15:bd:c1:07:14:32:2a:e0:ea:5f:
84:cf:c0:39:fd:f1:47:93:7b:a3:65:1f:0c:6a:6a:ab:9a:c2:
e4:4e:23:2c:ca:0d:c2:c7:4b:d8:95:fb:58:11:34:5c:d7:70:
e0:27:f7:6d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYm8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzAyMTIxMjE4WhcNMjUwODEzMTIxMjE4WjAYMRYw
FAYDVQQDEw02ODY1MjIyOC02OWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuzfqRu5UpUgt4raQR1W9O90tr9rC7PqYf6azGKtmiszkeUTcDPdSDfIx
DeomrvCdSUvzQpFhTQaxOdiNy5YY8U9geINZjh4V1xJSkxJXAeJ3WURSJumGOvkI
aAQOVccfASmRYvZ7WXSHe+v27iaOUmIA1SRTYgR/IlrGuQmwNhAkREHlm8fv4yK8
3/vsSsRb1xi+hEoTh96gjYZdvkps2qNhY4GK171X0B3RUrCYMzgQiw7j3aCO8nRi
jPhd0Os9w7bVcZmYs/nexh7w02k29P8q0pOxQZJuO0LTpY1nL2xAvKJ6RQJnCEAS
c5G+RfR+LcyjhC+aXU4GXaQdjnr2nQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFBoj
bjKW7mVhk7Bt0k/4tI4EHY02MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRkFEOEVDMjU3M0QxMUYwOERGNDE0QkVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsVbAwQAmsVuMA0GCSqG
SIb3DQEBCwUAA4IBAQAcPiWfJHGop2Tk/mTsaJWoI/eD+eNrDN369mxQq/MS1X/A
ZfHTdK5qLBm0AtgVHME+uEa6vwF9D95HyJ3ivBsarhKXkhtA0gWSGr8J6BDsQPLb
Ol7Xczc4hkb2tx8GXd5SKb7qwcVu58pLJPWhCE2AUc15hYJtnrH1Qyy/B/fw1EkG
yvG0lslar6Fv1YgVuVfBM0ESnWGg3MLagV70yOrSacCYkupSyIvwVYctRtwQufPJ
I7IazVPEnemu95ECUMNQmYbPhjJITSA5jk9I3RW9wQcUMirg6l+Ez8A5/fFHk3uj
ZR8MamqrmsLkTiMsyg3Cx0vYlftYETRc13DgJ/dt
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:01:53 2025 by rpki-client