Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E29DB3EA7CDB11F0AFEAEAB4DAE4EC9C.roa
File: E29DB3EA7CDB11F0AFEAEAB4DAE4EC9C.roa (raw, json)
Hash identifier: nsnJoST/nLiGPGDChBcmWDxuNZCA6LwRnryt72WPC58=
Subject key identifier: 2D:4B:3F:38:98:9D:23:5C:A2:E9:F1:ED:78:F6:F8:F6:E3:DC:76:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019234
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E29DB3EA7CDB11F0AFEAEAB4DAE4EC9C.roa
Signing time: Tue 19 Aug 2025 09:07:09 +0000
ROA not before: Tue 19 Aug 2025 09:07:04 +0000
ROA not after: Tue 09 Sep 2025 09:07:04 +0000
asID: 138915
IP address blocks: 154.95.72.0/22 maxlen: 24
154.95.96.0/22 maxlen: 24
154.95.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102964 (0x19234)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 19 09:07:04 2025 GMT
Not After : Sep 9 09:07:04 2025 GMT
Subject: CN=68a43ebd-a203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:06:c7:24:5a:b7:a6:f9:9f:cd:58:40:ed:fc:
50:d4:78:e0:d9:78:10:51:84:87:6e:3e:5b:6f:9f:
fd:cf:98:0b:9e:b6:1e:e4:2d:16:1d:ee:e3:3f:5e:
56:79:b9:82:8b:e4:0a:f8:fe:3d:47:86:80:b7:a9:
ea:04:ca:c0:79:c5:23:49:e3:41:89:f1:b6:93:82:
36:44:8a:9c:7a:63:d7:fb:9c:80:b3:f2:1e:05:ed:
fc:97:ef:fd:0d:c5:1d:5b:9b:cc:60:93:7a:78:bb:
61:59:0e:80:18:e8:b9:38:49:41:41:f9:33:2c:03:
ac:34:76:2a:58:9b:af:93:d4:64:03:56:c0:d3:65:
3a:b4:81:9e:77:ec:7c:ad:8d:e3:73:15:e7:68:ea:
76:b9:5a:da:13:ea:0d:01:94:8b:75:06:b8:d6:9d:
3b:29:b2:b0:0e:5d:e3:4c:a0:1e:3d:0e:86:33:8f:
79:17:77:f3:e6:1f:93:d0:c5:19:4c:10:51:01:bb:
53:d0:b1:16:d3:1c:e7:8c:6d:29:19:5d:bf:c9:08:
51:4c:79:f8:76:77:b7:7b:bf:de:ba:82:6e:50:02:
87:ba:56:6a:b4:0f:ab:95:d0:8a:56:0f:c8:82:ca:
41:80:c6:b5:af:a7:7b:54:76:a0:8a:3b:38:e7:e8:
48:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4B:3F:38:98:9D:23:5C:A2:E9:F1:ED:78:F6:F8:F6:E3:DC:76:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E29DB3EA7CDB11F0AFEAEAB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.72.0/22
154.95.96.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:61:1e:8e:eb:55:5d:1f:c0:6b:8f:a8:8c:df:d8:28:60:88:
be:d2:d1:92:b6:44:46:d4:fd:41:91:d8:23:fd:e8:06:bd:82:
47:d1:37:75:ce:8a:78:7c:4c:23:93:6a:a9:8b:33:13:93:20:
e9:be:aa:be:1e:6e:dc:b1:76:4d:e3:95:48:10:ff:0c:da:f2:
e2:99:0f:97:ef:da:e8:d3:14:92:30:8a:a8:27:f0:9a:96:eb:
7a:60:8a:57:cc:b8:51:01:20:86:7b:17:9c:b6:6d:04:ea:ff:
31:8a:15:4d:7f:0b:e2:ca:b2:e1:45:be:68:7d:19:6e:77:a7:
86:67:19:ec:3d:61:9e:79:48:74:b8:83:e5:90:cd:e3:df:2c:
c3:b6:d5:09:11:38:d0:1b:a2:0b:31:17:ea:1b:0d:92:01:79:
8f:54:ab:1c:0e:a9:88:8a:a8:43:5d:13:de:f1:d3:f8:dd:0b:
14:83:7c:65:bb:fc:ba:56:88:b9:41:26:41:20:46:4f:d4:b8:
ce:94:ef:b1:3d:c2:ba:ec:85:8a:29:97:42:1c:c3:56:d5:6b:
af:38:4a:0e:5c:04:a1:d6:8e:52:14:6e:27:1d:60:df:26:fa:
4d:48:f1:5c:dd:e6:13:6e:30:cb:2f:85:72:55:55:d3:46:9c:
61:0b:f5:75
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZI0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE5MDkwNzA0WhcNMjUwOTA5MDkwNzA0WjAYMRYw
FAYDVQQDEw02OGE0M2ViZC1hMjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+QbHJFq3pvmfzVhA7fxQ1Hjg2XgQUYSHbj5bb5/9z5gLnrYe5C0WHe7j
P15WebmCi+QK+P49R4aAt6nqBMrAecUjSeNBifG2k4I2RIqcemPX+5yAs/IeBe38
l+/9DcUdW5vMYJN6eLthWQ6AGOi5OElBQfkzLAOsNHYqWJuvk9RkA1bA02U6tIGe
d+x8rY3jcxXnaOp2uVraE+oNAZSLdQa41p07KbKwDl3jTKAePQ6GM495F3fz5h+T
0MUZTBBRAbtT0LEW0xznjG0pGV2/yQhRTHn4dne3e7/euoJuUAKHulZqtA+rldCK
Vg/IgspBgMa1r6d7VHagijs45+hIQQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFC1L
PziYnSNcounx7Xj2+Pbj3HZ9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMjlEQjNFQTdDREIxMUYwQUZFQUVBQjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCml9IAwQDml9gMA0GCSqG
SIb3DQEBCwUAA4IBAQBfYR6O61VdH8Brj6iM39goYIi+0tGStkRG1P1Bkdgj/egG
vYJH0Td1zop4fEwjk2qpizMTkyDpvqq+Hm7csXZN45VIEP8M2vLimQ+X79ro0xSS
MIqoJ/Calut6YIpXzLhRASCGexectm0E6v8xihVNfwviyrLhRb5ofRlud6eGZxns
PWGeeUh0uIPlkM3j3yzDttUJETjQG6ILMRfqGw2SAXmPVKscDqmIiqhDXRPe8dP4
3QsUg3xlu/y6Voi5QSZBIEZP1LjOlO+xPcK67IWKKZdCHMNW1WuvOEoOXASh1o5S
FG4nHWDfJvpNSPFc3eYTbjDLL4VyVVXTRpxhC/V1
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:45 2025 by rpki-client