Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3682A0276CF11F0938A04BBDAE4EC9C.roa
File: D3682A0276CF11F0938A04BBDAE4EC9C.roa (raw, json)
Hash identifier: 435sxwNUELdu2tue7ddQtV25IIPKdupJ3T9Umkv/1+8=
Subject key identifier: DD:20:E4:CF:0F:EC:3D:D7:24:54:91:39:C4:CD:8B:58:1C:06:37:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019165
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3682A0276CF11F0938A04BBDAE4EC9C.roa
Signing time: Mon 11 Aug 2025 16:25:43 +0000
ROA not before: Mon 11 Aug 2025 16:25:38 +0000
ROA not after: Tue 16 Sep 2025 16:25:38 +0000
asID: 29066
IP address blocks: 154.194.224.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102757 (0x19165)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 11 16:25:38 2025 GMT
Not After : Sep 16 16:25:38 2025 GMT
Subject: CN=689a1987-6cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c2:ed:43:b7:8c:5c:58:2d:df:d8:45:5c:ae:
1e:b7:8a:90:b8:01:a1:f1:3b:d6:e4:d8:fe:ed:2b:
ee:1f:af:74:4c:d0:bd:5c:8d:8f:74:c8:95:21:43:
b0:28:6c:32:24:b0:6c:84:cc:e0:d5:19:17:4e:09:
ad:be:1f:8c:dc:ae:85:81:af:d5:6f:da:8e:c9:e5:
7e:56:7f:9b:19:55:55:79:85:8c:d1:bf:e9:0f:12:
02:8f:ce:cb:29:3b:7b:f3:7b:b2:7e:f8:ad:97:1a:
d4:58:7d:98:80:ce:7b:e1:14:0b:55:fd:e6:33:87:
a6:64:8a:7b:99:6b:4a:51:d1:62:09:42:1d:4c:5e:
7d:79:d3:1e:89:5d:79:c2:e2:ed:28:2e:71:50:84:
00:34:06:2c:4a:75:ee:2d:30:13:bf:92:92:62:21:
08:90:93:4d:36:96:8b:1f:64:e2:00:ac:5c:f6:d1:
bd:51:d0:0d:02:85:25:12:65:3c:b1:41:1c:73:aa:
88:8f:f4:ec:6c:fc:c9:9e:86:6f:1d:d1:3b:3f:26:
6d:bb:da:f9:d4:3c:52:2b:e3:71:7e:be:ee:36:9a:
39:77:70:57:18:8c:32:a1:2c:f2:de:84:c8:d2:09:
3c:09:2a:1a:27:a6:be:13:c7:a6:a2:7b:4c:a6:cd:
78:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:20:E4:CF:0F:EC:3D:D7:24:54:91:39:C4:CD:8B:58:1C:06:37:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3682A0276CF11F0938A04BBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.224.0/23
Signature Algorithm: sha256WithRSAEncryption
99:80:ac:07:62:77:0c:96:9c:d5:90:ac:ff:24:5a:22:6a:b1:
23:5a:ab:2f:51:49:7f:09:bb:b7:12:45:b2:fb:84:84:2c:3e:
12:93:2d:06:d9:de:c1:e5:97:e8:f6:78:0f:bf:b3:88:4f:35:
b5:c9:31:a3:96:7b:fd:e0:c6:84:f7:40:3a:76:00:3e:60:54:
5e:e6:55:44:19:1b:49:d1:25:6a:65:64:25:45:d3:05:a8:10:
49:5b:e3:3b:9c:b7:db:d3:a9:d6:a6:8d:b5:52:6c:aa:a9:be:
60:b3:f7:64:c8:32:f2:ec:35:db:e5:80:98:24:59:68:6b:35:
91:c1:a4:30:29:e1:42:f9:57:6e:68:56:83:65:83:aa:85:91:
c6:60:59:c2:a3:5e:e2:61:33:7e:95:d1:aa:dc:48:6e:e4:dd:
28:bc:8e:dd:9f:9e:88:6e:fb:31:34:76:72:f1:af:9c:78:fe:
d2:2e:fe:e3:97:3f:39:ca:33:f1:a6:53:f2:90:42:e6:ad:e7:
ca:04:ba:5f:71:2a:41:18:14:08:f9:96:8f:ca:7b:a4:27:0b:
2a:8a:8c:10:09:fc:b6:37:2f:56:c0:5f:89:b6:52:40:11:fb:
4e:63:d3:99:72:0f:a4:d7:98:80:71:67:e0:62:12:2b:5f:53:
b1:3d:21:16
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZFlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODExMTYyNTM4WhcNMjUwOTE2MTYyNTM4WjAYMRYw
FAYDVQQDEw02ODlhMTk4Ny02Y2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2MLtQ7eMXFgt39hFXK4et4qQuAGh8TvW5Nj+7SvuH690TNC9XI2PdMiV
IUOwKGwyJLBshMzg1RkXTgmtvh+M3K6Fga/Vb9qOyeV+Vn+bGVVVeYWM0b/pDxIC
j87LKTt783uyfvitlxrUWH2YgM574RQLVf3mM4emZIp7mWtKUdFiCUIdTF59edMe
iV15wuLtKC5xUIQANAYsSnXuLTATv5KSYiEIkJNNNpaLH2TiAKxc9tG9UdANAoUl
EmU8sUEcc6qIj/TsbPzJnoZvHdE7PyZtu9r51DxSK+Nxfr7uNpo5d3BXGIwyoSzy
3oTI0gk8CSoaJ6a+E8emontMps148QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN0g
5M8P7D3XJFSROcTNi1gcBjf4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzY4MkEwMjc2Q0YxMUYwOTM4QTA0QkJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsLgMA0GCSqGSIb3DQEB
CwUAA4IBAQCZgKwHYncMlpzVkKz/JFoiarEjWqsvUUl/Cbu3EkWy+4SELD4Sky0G
2d7B5Zfo9ngPv7OITzW1yTGjlnv94MaE90A6dgA+YFRe5lVEGRtJ0SVqZWQlRdMF
qBBJW+M7nLfb06nWpo21Umyqqb5gs/dkyDLy7DXb5YCYJFloazWRwaQwKeFC+Vdu
aFaDZYOqhZHGYFnCo17iYTN+ldGq3Ehu5N0ovI7dn56IbvsxNHZy8a+ceP7SLv7j
lz85yjPxplPykELmrefKBLpfcSpBGBQI+ZaPynukJwsqiowQCfy2Ny9WwF+JtlJA
EftOY9OZcg+k15iAcWfgYhIrX1OxPSEW
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:43:18 2025 by rpki-client