Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D36B84647EA311F094596AE1DAE4EC9C.roa
File: D36B84647EA311F094596AE1DAE4EC9C.roa (raw, json)
Hash identifier: MidP/he8GerFMe9AXEb8oErq3k5/PZyRYSCmN1BYe+E=
Subject key identifier: 1E:08:A7:D2:8E:7D:B9:54:D3:35:E8:77:AE:01:E6:2C:BF:10:7F:C2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0193C0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D36B84647EA311F094596AE1DAE4EC9C.roa
Signing time: Thu 21 Aug 2025 15:30:54 +0000
ROA not before: Thu 21 Aug 2025 15:30:50 +0000
ROA not after: Wed 21 Aug 2030 15:30:50 +0000
asID: 17561
IP address blocks: 154.204.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103360 (0x193c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 21 15:30:50 2025 GMT
Not After : Aug 21 15:30:50 2030 GMT
Subject: CN=68a73bae-3582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f7:1e:15:19:42:d8:e8:22:46:92:dc:13:00:
bb:09:87:64:05:cb:b9:3f:7b:f4:c1:35:f6:1e:a0:
59:2e:4e:4c:6d:90:be:19:32:75:d2:33:8e:7e:71:
bf:d6:26:5f:f8:b2:76:07:64:ad:e1:09:96:92:d8:
45:f9:f6:2a:27:4a:4b:33:ee:f1:ed:67:93:4c:cb:
24:bb:cb:9a:10:ae:7a:4a:ff:d4:fc:fc:26:33:94:
3b:0d:e1:77:c1:65:ef:4c:2e:25:28:ff:12:4e:98:
4c:0c:e4:8a:56:e7:60:b6:1d:0d:c7:61:98:c8:8d:
dd:8c:e6:e9:65:6d:14:9e:cf:b0:7c:38:94:c3:d7:
e1:d3:23:74:39:75:29:8b:2c:d9:eb:7e:e0:5d:22:
21:41:92:5d:31:69:fa:7f:19:e3:9d:bd:99:70:c7:
3b:68:c5:ef:87:6a:e1:1d:24:90:a5:1d:4f:a8:cf:
4a:e0:64:c8:16:80:8f:fc:a8:5b:52:7c:ad:f1:db:
da:1b:af:52:9e:4d:31:61:5d:5a:2f:7c:69:61:e9:
22:5b:a2:89:3e:9d:3d:53:b9:d9:26:d3:80:4d:3c:
e1:c6:81:3a:c3:d9:9d:71:4a:d7:e0:bf:df:df:c9:
1b:39:b4:26:57:4e:70:cf:bd:8e:91:82:f2:e1:f4:
98:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:08:A7:D2:8E:7D:B9:54:D3:35:E8:77:AE:01:E6:2C:BF:10:7F:C2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D36B84647EA311F094596AE1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.64.0/18
Signature Algorithm: sha256WithRSAEncryption
45:9d:7e:c2:21:b3:5f:cd:4c:af:94:bd:df:e5:a3:8a:f2:c0:
eb:f2:f4:b6:6d:a8:4a:6a:dc:05:08:25:6c:ad:4a:a3:09:b7:
b1:f7:e2:e7:17:a1:f8:5f:c5:f4:0d:ce:9b:e9:1b:eb:e6:a4:
97:1e:5e:74:cf:1a:9c:f4:c6:c3:9a:e4:92:ae:7f:52:95:8c:
20:e8:9d:68:4f:7c:00:9a:b7:49:7c:40:48:67:7d:75:bb:89:
c7:b8:1b:36:26:68:1c:a7:05:94:a5:fd:b0:28:f1:6b:8e:d6:
84:03:04:d9:49:dd:06:35:96:c9:7e:95:fe:09:ec:ce:11:43:
c2:c6:c8:3a:e8:66:9d:c2:da:39:96:8b:d0:12:4a:c5:3e:f7:
28:8d:84:f9:90:c2:21:c2:e4:21:81:77:91:9a:09:f1:0b:89:
93:95:ba:68:8a:48:f0:c7:5a:aa:7c:2a:c7:12:5d:f0:35:22:
bb:6e:75:c7:bd:7a:c0:89:71:1e:e6:a2:f2:d1:92:25:9b:45:
8b:82:79:8b:ea:27:27:b9:9d:62:46:12:ad:36:ec:b9:71:d2:
dc:00:4c:10:a7:32:4e:1b:71:fe:d5:35:90:9d:ee:4c:fb:07:
e8:db:c7:7f:79:1e:8f:95:40:c5:33:bc:9d:a5:20:ab:0a:c5:
0e:3f:49:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZPAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODIxMTUzMDUwWhcNMzAwODIxMTUzMDUwWjAYMRYw
FAYDVQQDEw02OGE3M2JhZS0zNTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/ceFRlC2OgiRpLcEwC7CYdkBcu5P3v0wTX2HqBZLk5MbZC+GTJ10jOO
fnG/1iZf+LJ2B2St4QmWkthF+fYqJ0pLM+7x7WeTTMsku8uaEK56Sv/U/PwmM5Q7
DeF3wWXvTC4lKP8STphMDOSKVudgth0Nx2GYyI3djObpZW0Uns+wfDiUw9fh0yN0
OXUpiyzZ637gXSIhQZJdMWn6fxnjnb2ZcMc7aMXvh2rhHSSQpR1PqM9K4GTIFoCP
/KhbUnyt8dvaG69Snk0xYV1aL3xpYekiW6KJPp09U7nZJtOATTzhxoE6w9mdcUrX
4L/f38kbObQmV05wz72OkYLy4fSYFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB4I
p9KOfblU0zXod64B5iy/EH/CMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzZCODQ2NDdFQTMxMUYwOTQ1OTZBRTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsxAMA0GCSqGSIb3DQEB
CwUAA4IBAQBFnX7CIbNfzUyvlL3f5aOK8sDr8vS2bahKatwFCCVsrUqjCbex9+Ln
F6H4X8X0Dc6b6Rvr5qSXHl50zxqc9MbDmuSSrn9SlYwg6J1oT3wAmrdJfEBIZ311
u4nHuBs2JmgcpwWUpf2wKPFrjtaEAwTZSd0GNZbJfpX+CezOEUPCxsg66Gadwto5
lovQEkrFPvcojYT5kMIhwuQhgXeRmgnxC4mTlbpoikjwx1qqfCrHEl3wNSK7bnXH
vXrAiXEe5qLy0ZIlm0WLgnmL6icnuZ1iRhKtNuy5cdLcAEwQpzJOG3H+1TWQne5M
+wfo28d/eR6PlUDFM7ydpSCrCsUOP0mk
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:25:46 2025 by rpki-client