Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E82AF3B47E6F11F096B1FE8FDAE4EC9C.roa
File: E82AF3B47E6F11F096B1FE8FDAE4EC9C.roa (raw, json)
Hash identifier: eCpsE1JQNeEuvbs4lIS0/vOZCMaurUuFYTseODbLJl8=
Subject key identifier: 38:95:D6:4F:5C:B3:3C:BA:64:65:21:DA:5B:DE:C0:64:FD:09:F9:2D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019303
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E82AF3B47E6F11F096B1FE8FDAE4EC9C.roa
Signing time: Thu 21 Aug 2025 09:19:15 +0000
ROA not before: Thu 21 Aug 2025 09:19:11 +0000
ROA not after: Sat 08 Nov 2025 09:19:11 +0000
asID: 149014
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103171 (0x19303)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 21 09:19:11 2025 GMT
Not After : Nov 8 09:19:11 2025 GMT
Subject: CN=68a6e493-25d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b9:d5:ae:50:d4:92:a5:d6:1b:d6:1b:c3:83:
c7:74:fb:11:3a:f9:88:dc:a7:04:6b:07:7a:d2:22:
1f:3d:1a:d3:06:55:cb:4a:95:12:d0:85:d6:0c:8c:
64:04:23:a9:5a:ce:7e:0c:99:0a:fd:11:b8:ea:90:
8a:ef:02:ea:f3:fe:65:1a:9c:5e:a5:b8:8d:10:e2:
df:0e:e6:35:4e:b6:fa:71:53:bf:c7:61:33:2f:34:
cc:5d:99:18:86:32:08:27:0e:14:01:b7:fe:b4:af:
5d:61:36:f7:22:9c:4a:97:3b:5b:17:bb:f2:5e:53:
68:a9:c4:69:cc:f4:93:80:e6:2e:c3:8e:d9:23:20:
4b:60:5c:ea:dc:dc:a3:00:4f:2d:4d:01:cb:65:ea:
6e:b5:46:2f:ed:e8:c2:a7:8a:c7:97:c2:e8:ef:cb:
46:b7:3d:75:97:7a:25:cf:18:7a:ef:70:46:58:ed:
46:55:2d:e3:43:36:cb:7f:c9:91:1b:80:a0:ea:59:
39:31:5f:ab:23:79:f3:a3:ce:e8:4d:e2:c8:80:85:
0b:1f:7e:74:01:9e:03:0b:ee:78:fa:4e:68:6c:57:
ad:31:54:ed:c8:69:1f:8a:36:2c:1d:b2:17:f2:15:
a2:ed:b7:2e:08:23:f1:7e:58:b0:96:fd:2e:15:05:
45:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:95:D6:4F:5C:B3:3C:BA:64:65:21:DA:5B:DE:C0:64:FD:09:F9:2D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E82AF3B47E6F11F096B1FE8FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
52:de:a6:8a:74:7b:a6:64:3a:bf:13:00:ad:f2:40:99:06:e7:
b3:ae:32:be:a8:20:71:63:64:9e:71:19:4b:08:45:18:e5:5a:
bb:bf:be:2b:4a:75:e2:a9:a8:ae:47:dc:3e:85:1b:d1:86:f3:
78:85:57:81:4c:af:95:86:ed:54:67:93:1b:3b:44:70:89:70:
a6:6f:6d:f2:22:f7:59:1f:8c:ff:d7:d5:46:9e:82:e1:2f:31:
30:23:79:2a:04:b1:21:ae:d3:01:06:bd:6d:a7:04:6d:d2:0b:
25:be:49:d5:cd:72:d1:6b:48:66:8f:bd:0b:e6:3a:39:be:bc:
25:f3:5b:5a:62:2b:a8:4e:84:22:88:8a:97:85:d0:4f:ca:eb:
59:bf:00:c3:a3:fd:26:fa:16:a4:fe:76:73:bc:08:a0:ce:08:
12:14:22:7b:f7:4c:75:cf:0e:c9:c6:71:82:58:d9:73:31:be:
05:94:5a:bc:1e:55:96:4f:06:7e:23:1d:ac:77:32:09:70:33:
0b:53:b3:69:dd:32:bb:be:3d:b6:f6:19:aa:16:60:83:2f:7a:
45:21:03:92:5a:0f:e8:f1:be:b2:dd:be:6d:84:7d:a4:05:32:
7d:50:8a:d8:cb:fc:b1:de:a7:37:dd:82:9c:3b:fc:7c:a2:2d:
27:67:10:54
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAZMDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODIxMDkxOTExWhcNMjUxMTA4MDkxOTExWjAYMRYw
FAYDVQQDEw02OGE2ZTQ5My0yNWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3bnVrlDUkqXWG9Ybw4PHdPsROvmI3KcEawd60iIfPRrTBlXLSpUS0IXW
DIxkBCOpWs5+DJkK/RG46pCK7wLq8/5lGpxepbiNEOLfDuY1Trb6cVO/x2EzLzTM
XZkYhjIIJw4UAbf+tK9dYTb3IpxKlztbF7vyXlNoqcRpzPSTgOYuw47ZIyBLYFzq
3NyjAE8tTQHLZeputUYv7ejCp4rHl8Lo78tGtz11l3olzxh673BGWO1GVS3jQzbL
f8mRG4Cg6lk5MV+rI3nzo87oTeLIgIULH350AZ4DC+54+k5obFetMVTtyGkfijYs
HbIX8hWi7bcuCCPxfliwlv0uFQVFJQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFDiV
1k9cszy6ZGUh2lvewGT9CfktMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FODJBRjNCNDdFNkYxMUYwOTZCMUZFOEZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQBS3qaKdHumZDq/EwCt8kCZBuezrjK+qCBxY2Se
cRlLCEUY5Vq7v74rSnXiqaiuR9w+hRvRhvN4hVeBTK+Vhu1UZ5MbO0RwiXCmb23y
IvdZH4z/19VGnoLhLzEwI3kqBLEhrtMBBr1tpwRt0gslvknVzXLRa0hmj70L5jo5
vrwl81taYiuoToQiiIqXhdBPyutZvwDDo/0m+hak/nZzvAigzggSFCJ790x1zw7J
xnGCWNlzMb4FlFq8HlWWTwZ+Ix2sdzIJcDMLU7Np3TK7vj229hmqFmCDL3pFIQOS
Wg/o8b6y3b5thH2kBTJ9UIrYy/yx3qc33YKcO/x8oi0nZxBU
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:41 2025 by rpki-client