Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9BF62CA737411F0A82978E5DAE4EC9C.roa
File: D9BF62CA737411F0A82978E5DAE4EC9C.roa (raw, json)
Hash identifier: JufZshzRaufLk4MYRMjuEP9eiiVwBmn3NQmkwtNBKFA=
Subject key identifier: AD:E2:2F:82:37:91:7F:16:D1:B0:1A:15:BF:39:F7:0D:D2:0E:FD:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0190F0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9BF62CA737411F0A82978E5DAE4EC9C.roa
Signing time: Thu 07 Aug 2025 09:56:56 +0000
ROA not before: Thu 07 Aug 2025 09:56:50 +0000
ROA not after: Thu 11 Sep 2025 09:56:50 +0000
asID: 214143
IP address blocks: 154.81.132.0/22 maxlen: 24
154.81.138.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102640 (0x190f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 7 09:56:50 2025 GMT
Not After : Sep 11 09:56:50 2025 GMT
Subject: CN=68947868-618d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:03:9c:72:7b:dc:79:26:f2:cb:07:49:f1:7e:
33:74:cf:aa:e4:23:b8:68:9b:75:78:5a:b7:f1:51:
72:2d:7b:b0:09:4a:1e:df:5b:35:99:fa:53:37:8e:
ac:cc:db:2a:ce:65:4d:f3:20:0d:7a:e0:ad:77:04:
1b:c5:af:9d:a5:db:d0:ae:bc:3c:d6:11:5c:ed:fa:
e4:7f:8c:84:b1:14:9c:7d:18:71:e5:4e:50:1c:43:
c9:3a:96:f3:c9:ab:9d:c6:ca:f6:d6:6d:b8:9a:df:
f9:1a:be:27:cd:1f:71:09:dc:10:2f:c7:ab:9a:60:
12:90:74:04:67:3f:5f:a1:2f:8f:c8:f1:70:1b:84:
b9:dc:52:29:3e:ed:2b:6e:99:14:6d:1f:89:ef:7e:
60:f3:b1:84:22:fb:31:aa:0b:29:2d:7d:05:60:72:
70:c6:79:53:22:7b:63:f2:96:e3:27:b3:56:3a:f1:
bc:98:72:e9:1d:bc:3f:40:02:06:1c:70:ab:ab:17:
25:ba:1a:a4:f2:8f:fd:37:b4:84:77:f2:40:5d:e3:
7a:67:3a:b4:ee:21:9f:10:19:b3:1a:ca:98:69:8c:
d7:bb:0f:cf:6a:aa:df:25:23:34:85:04:ee:0c:76:
28:16:d0:b8:e8:99:00:ef:db:08:d2:e2:1d:01:c7:
c6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E2:2F:82:37:91:7F:16:D1:B0:1A:15:BF:39:F7:0D:D2:0E:FD:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9BF62CA737411F0A82978E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.132.0/22
154.81.138.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:d4:3e:76:cf:38:a1:11:06:64:c1:ab:ca:5a:34:21:75:ec:
91:b9:a0:2e:c9:9a:5c:77:57:d5:18:b0:f5:1a:78:c0:1a:c3:
29:d7:66:7e:bf:06:ea:c9:10:8d:79:c1:24:9e:b1:e8:3c:52:
78:05:54:0d:95:c6:85:e2:64:e4:a3:af:d8:9d:45:e9:94:41:
10:45:c0:d0:99:93:cc:64:93:08:84:a2:00:2a:e9:13:cd:e9:
85:4f:ce:2c:d2:51:78:c0:8d:59:9a:dd:d2:77:66:c4:7a:81:
7d:5f:f8:f6:01:29:92:24:ce:33:9b:39:fd:9c:64:f3:5e:a1:
48:33:c9:d4:44:82:11:48:76:ed:cc:3c:c4:ca:23:bc:fe:f9:
54:af:8e:b1:a8:e8:aa:5c:69:6d:38:89:8f:19:ab:e7:96:a3:
bd:ae:b5:23:5b:84:2f:a8:6e:54:60:40:5d:17:1b:84:20:03:
45:33:59:cc:48:f6:ea:29:37:7c:36:e0:52:bf:6e:59:e0:57:
8d:ed:70:c3:9d:27:05:98:dd:95:e4:83:56:df:2c:f9:ff:fb:
cb:90:fe:ed:58:94:ca:98:d8:53:be:53:92:8c:ad:47:4e:8f:
74:8f:eb:21:d3:c5:01:48:c4:62:7a:06:7c:e9:b1:39:c1:4f:
ac:b8:ea:36
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZDwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODA3MDk1NjUwWhcNMjUwOTExMDk1NjUwWjAYMRYw
FAYDVQQDEw02ODk0Nzg2OC02MThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvAOccnvceSbyywdJ8X4zdM+q5CO4aJt1eFq38VFyLXuwCUoe31s1mfpT
N46szNsqzmVN8yANeuCtdwQbxa+dpdvQrrw81hFc7frkf4yEsRScfRhx5U5QHEPJ
Opbzyaudxsr21m24mt/5Gr4nzR9xCdwQL8ermmASkHQEZz9foS+PyPFwG4S53FIp
Pu0rbpkUbR+J735g87GEIvsxqgspLX0FYHJwxnlTIntj8pbjJ7NWOvG8mHLpHbw/
QAIGHHCrqxcluhqk8o/9N7SEd/JAXeN6Zzq07iGfEBmzGsqYaYzXuw/PaqrfJSM0
hQTuDHYoFtC46JkA79sI0uIdAcfGkQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFK3i
L4I3kX8W0bAaFb859w3SDv0YMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOUJGNjJDQTczNzQxMUYwQTgyOTc4RTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlGEAwQBmlGKMA0GCSqG
SIb3DQEBCwUAA4IBAQCe1D52zzihEQZkwavKWjQhdeyRuaAuyZpcd1fVGLD1GnjA
GsMp12Z+vwbqyRCNecEknrHoPFJ4BVQNlcaF4mTko6/YnUXplEEQRcDQmZPMZJMI
hKIAKukTzemFT84s0lF4wI1Zmt3Sd2bEeoF9X/j2ASmSJM4zmzn9nGTzXqFIM8nU
RIIRSHbtzDzEyiO8/vlUr46xqOiqXGltOImPGavnlqO9rrUjW4QvqG5UYEBdFxuE
IANFM1nMSPbqKTd8NuBSv25Z4FeN7XDDnScFmN2V5INW3yz5//vLkP7tWJTKmNhT
vlOSjK1HTo90j+sh08UBSMRiegZ86bE5wU+suOo2
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:52:09 2025 by rpki-client