Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F31ED3E6781911F0A89C4DB1DAE4EC9C.roa
File: F31ED3E6781911F0A89C4DB1DAE4EC9C.roa (raw, json)
Hash identifier: 4EqFsByC1+2Sl4SNbQ+jKYrg+EoCZLdsBTUhMnDoAPc=
Subject key identifier: 8D:F6:C9:D4:73:DB:0E:3D:5B:CC:12:22:CD:ED:80:29:97:C8:12:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01918E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F31ED3E6781911F0A89C4DB1DAE4EC9C.roa
Signing time: Wed 13 Aug 2025 07:48:50 +0000
ROA not before: Wed 13 Aug 2025 07:48:45 +0000
ROA not after: Sat 04 Oct 2025 07:48:45 +0000
asID: 203020
IP address blocks: 154.200.213.0/24 maxlen: 24
154.200.220.0/24 maxlen: 24
154.201.37.0/24 maxlen: 24
154.201.38.0/24 maxlen: 24
154.202.91.0/24 maxlen: 24
154.202.101.0/24 maxlen: 24
154.202.103.0/24 maxlen: 24
154.202.104.0/24 maxlen: 24
154.202.106.0/24 maxlen: 24
154.207.32.0/20 maxlen: 24
154.207.48.0/22 maxlen: 24
154.207.52.0/23 maxlen: 24
154.207.54.0/24 maxlen: 24
154.207.56.0/23 maxlen: 24
154.207.59.0/24 maxlen: 24
154.207.60.0/22 maxlen: 24
154.209.224.0/20 maxlen: 24
154.209.240.0/21 maxlen: 24
154.209.248.0/23 maxlen: 24
154.209.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102798 (0x1918e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 13 07:48:45 2025 GMT
Not After : Oct 4 07:48:45 2025 GMT
Subject: CN=689c4362-4008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:96:18:9c:bd:fc:9b:e6:7c:78:d5:58:a5:f7:
e0:09:9b:07:12:cf:f9:04:84:f8:20:66:2a:43:0d:
b4:5a:1c:f3:bb:7c:87:8e:3a:3b:4b:65:ee:51:9f:
75:c6:1e:ab:2c:85:95:5b:57:a1:51:17:72:b8:b2:
c9:2b:11:5a:c6:90:4d:ce:c9:a0:18:36:ee:9b:2d:
37:d5:87:75:8b:2f:e2:06:c3:1b:c4:5d:94:db:bb:
f2:7b:32:f9:ba:a9:5c:e9:ee:6f:86:81:71:d4:74:
ac:11:42:f6:f7:8c:2b:75:91:a7:21:20:d6:69:87:
ad:c2:1a:16:2e:8c:9e:65:f3:30:fe:48:87:6f:48:
ad:2b:0b:be:be:ad:b5:7f:6d:44:bc:19:5e:49:a6:
b1:25:16:aa:52:40:92:5b:71:9c:30:2f:a8:51:b2:
fd:47:20:47:41:df:b8:9f:56:0c:40:eb:8c:3d:8f:
e7:3d:08:40:79:75:5a:ea:59:bd:3d:9a:30:86:13:
51:72:20:b9:f4:09:e6:23:60:71:25:dd:d7:7a:24:
bc:d4:db:7a:5b:d2:01:bb:3e:4f:02:44:af:3f:72:
42:a7:10:96:54:1f:d8:2d:ca:7c:2e:00:ee:c2:c9:
16:2a:ab:b1:6e:2a:55:03:f7:ec:d2:bd:ae:2f:9f:
9d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F6:C9:D4:73:DB:0E:3D:5B:CC:12:22:CD:ED:80:29:97:C8:12:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F31ED3E6781911F0A89C4DB1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.213.0/24
154.200.220.0/24
154.201.37.0-154.201.38.255
154.202.91.0/24
154.202.101.0/24
154.202.103.0-154.202.104.255
154.202.106.0/24
154.207.32.0-154.207.54.255
154.207.56.0/23
154.207.59.0-154.207.63.255
154.209.224.0-154.209.250.255
Signature Algorithm: sha256WithRSAEncryption
97:3b:8e:f6:78:0b:40:b8:36:91:e6:d1:e3:86:d7:d9:9e:88:
34:c9:7d:60:7d:43:f9:70:e2:dd:ae:8e:aa:2c:47:5f:c4:d9:
6e:c5:a8:a8:d7:6e:54:b5:9f:6c:d1:1f:90:94:e7:c8:4a:b6:
03:f6:af:d4:2a:da:2f:d2:57:cf:5a:2a:8c:c2:18:e6:51:9e:
38:dc:07:03:ab:71:98:5c:6a:00:ce:b8:bb:4b:e9:08:5a:db:
e5:8e:ac:ef:d0:5a:e5:d8:53:a6:6b:51:68:8e:47:95:fa:4e:
6b:b7:39:99:6c:e9:c6:65:b1:d7:7b:e2:37:90:f1:bb:48:fd:
6b:9a:9d:1b:b1:a3:2c:80:9a:89:a5:f0:51:c4:c2:8c:2c:de:
f5:b4:2c:0f:00:74:8d:78:24:4b:7d:2c:eb:77:37:75:8a:d9:
f8:6f:1c:56:2b:f2:8e:d7:f8:c0:0e:b4:1d:af:b0:93:63:99:
d6:11:16:de:92:ee:52:10:68:8b:52:a2:35:09:a5:dd:6f:ad:
df:2b:52:2c:74:08:93:b8:b0:bf:03:d1:c9:e3:65:76:aa:27:
bf:20:98:35:40:08:7d:37:e4:d0:d0:35:21:7d:d8:a2:76:44:
55:d3:a5:b6:70:a9:93:d5:d8:c4:1d:38:b1:ae:49:07:78:89:
98:99:d3:e0
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgIDAZGOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODEzMDc0ODQ1WhcNMjUxMDA0MDc0ODQ1WjAYMRYw
FAYDVQQDEw02ODljNDM2Mi00MDA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA85YYnL38m+Z8eNVYpffgCZsHEs/5BIT4IGYqQw20Whzzu3yHjjo7S2Xu
UZ91xh6rLIWVW1ehURdyuLLJKxFaxpBNzsmgGDbumy031Yd1iy/iBsMbxF2U27vy
ezL5uqlc6e5vhoFx1HSsEUL294wrdZGnISDWaYetwhoWLoyeZfMw/kiHb0itKwu+
vq21f21EvBleSaaxJRaqUkCSW3GcMC+oUbL9RyBHQd+4n1YMQOuMPY/nPQhAeXVa
6lm9PZowhhNRciC59AnmI2BxJd3XeiS81Nt6W9IBuz5PAkSvP3JCpxCWVB/YLcp8
LgDuwskWKquxbipVA/fs0r2uL5+dHwIDAQABo4IDCjCCAwYwHQYDVR0OBBYEFI32
ydRz2w49W8wSIs3tgCmXyBJpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMzFFRDNFNjc4MTkxMUYwQTg5QzREQjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAJrI1QMEAJrI3DAMAwQA
msklAwQAmskmAwQAmspbAwQAmsplMAwDBACaymcDBACaymgDBACaymowDAMEBZrP
IAMEAJrPNgMEAZrPODAMAwQAms87AwQGms8AMAwDBAWa0eADBACa0fowDQYJKoZI
hvcNAQELBQADggEBAJc7jvZ4C0C4NpHm0eOG19meiDTJfWB9Q/lw4t2ujqosR1/E
2W7FqKjXblS1n2zRH5CU58hKtgP2r9Qq2i/SV89aKozCGOZRnjjcBwOrcZhcagDO
uLtL6Qha2+WOrO/QWuXYU6ZrUWiOR5X6Tmu3OZls6cZlsdd74jeQ8btI/WuanRux
oyyAmoml8FHEwows3vW0LA8AdI14JEt9LOt3N3WK2fhvHFYr8o7X+MAOtB2vsJNj
mdYRFt6S7lIQaItSojUJpd1vrd8rUix0CJO4sL8D0cnjZXaqJ78gmDVACH035NDQ
NSF92KJ2RFXTpbZwqZPV2MQdOLGuSQd4iZiZ0+A=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:55:23 2025 by rpki-client