Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08D21A925B2611F092DC5AB2DAE4EC9C.roa
File: 08D21A925B2611F092DC5AB2DAE4EC9C.roa (raw, json)
Hash identifier: G7UZ55ElxRwu6xSa8yyKVE55cVHuLgm4x/0U0ZbPYdg=
Subject key identifier: 28:78:3E:62:A9:8E:1D:05:4E:FA:D7:FE:15:B1:C9:E3:E4:19:45:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C0E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08D21A925B2611F092DC5AB2DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 11:32:17 +0000
ROA not before: Mon 07 Jul 2025 11:32:11 +0000
ROA not after: Sun 10 Aug 2025 11:32:11 +0000
asID: 395886
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101390 (0x18c0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 11:32:11 2025 GMT
Not After : Aug 10 11:32:11 2025 GMT
Subject: CN=686bb041-79f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:65:ac:52:da:69:62:dd:cf:7a:5c:1c:fd:01:
99:57:33:e3:97:e3:ac:5a:d4:00:a9:65:ed:7a:46:
49:35:97:cb:7f:41:69:1b:22:c0:27:f1:f8:78:c4:
b6:cd:a9:d4:e1:63:d9:d8:a6:03:2d:37:e1:ab:ce:
75:8e:51:f9:ee:0a:4e:3f:47:d9:74:56:1e:7a:93:
84:fa:4f:7a:4b:ef:bb:05:e6:c0:fa:cb:2f:da:11:
d7:7f:4c:c5:5e:c6:6a:82:1f:31:4a:43:73:ca:ea:
18:ef:60:b8:05:b6:d1:b7:9c:0d:d5:dd:60:a9:17:
81:f8:1b:6f:1a:96:e4:72:a9:62:83:30:b7:b3:0b:
5c:a3:de:b3:a5:6c:6c:2f:34:9a:4d:ed:2d:fe:22:
5e:03:c1:50:68:38:42:72:6e:32:1c:9d:71:e7:3c:
10:85:f8:3c:6f:fa:29:67:a1:2f:b4:1a:61:cc:da:
8c:b5:ed:f8:ea:6c:34:ba:0d:bb:44:a3:e5:f2:b5:
2b:b0:89:71:a0:c6:a5:59:f7:57:95:d1:46:3c:4b:
13:af:41:dd:7b:39:de:a4:03:2a:09:cd:c3:c9:8b:
d0:fc:26:58:c0:ed:5a:59:86:a2:4a:13:21:ff:c4:
b0:dd:ed:db:00:4c:07:2b:15:42:0a:d4:86:01:ad:
5d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:78:3E:62:A9:8E:1D:05:4E:FA:D7:FE:15:B1:C9:E3:E4:19:45:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08D21A925B2611F092DC5AB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
51:30:9d:55:47:74:19:80:4d:33:26:15:67:0d:0d:0a:d2:3d:
89:0b:de:7c:bf:90:b2:78:39:50:12:bf:28:03:9c:8a:28:cb:
3d:ed:90:c6:a8:eb:e8:71:e3:6a:a8:91:5a:22:fb:ac:07:ed:
7b:51:fc:73:f8:9f:84:0a:19:70:7d:97:8b:50:cd:bd:03:03:
94:10:09:49:76:9e:62:58:ef:06:a1:09:20:e7:c0:d2:13:07:
b0:ee:0b:8c:6d:98:b5:75:b9:40:7b:ca:b6:d6:cf:7c:da:c8:
7c:35:9f:1a:b6:e6:f1:a5:4f:71:11:09:25:9d:2e:ec:04:e8:
53:f6:d8:a8:b9:86:d6:c5:0c:a9:04:dc:55:13:d9:82:42:20:
37:cd:62:59:08:d8:bf:65:f2:53:9d:a2:fb:f0:f1:2a:ac:31:
b3:ba:7f:95:84:9f:41:ca:5f:a7:6d:e6:99:46:da:f9:e6:65:
d7:93:89:8a:ac:04:c9:5a:b5:a3:94:91:2e:80:ff:ef:09:c7:
97:b1:d7:a9:ba:26:b4:7e:81:26:9a:6e:41:8f:5c:6b:fa:a8:
7d:e0:d7:e3:0e:d4:5c:6b:1f:38:b5:df:be:a9:88:5f:ea:ff:
ff:f8:88:89:19:9a:22:1e:5f:2c:6c:e7:f1:f0:4d:6c:3d:a1:
89:f4:d4:0c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYwOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTEzMjExWhcNMjUwODEwMTEzMjExWjAYMRYw
FAYDVQQDEw02ODZiYjA0MS03OWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0WWsUtppYt3Pelwc/QGZVzPjl+OsWtQAqWXtekZJNZfLf0FpGyLAJ/H4
eMS2zanU4WPZ2KYDLTfhq851jlH57gpOP0fZdFYeepOE+k96S++7BebA+ssv2hHX
f0zFXsZqgh8xSkNzyuoY72C4BbbRt5wN1d1gqReB+BtvGpbkcqligzC3swtco96z
pWxsLzSaTe0t/iJeA8FQaDhCcm4yHJ1x5zwQhfg8b/opZ6EvtBphzNqMte346mw0
ug27RKPl8rUrsIlxoMalWfdXldFGPEsTr0HdeznepAMqCc3DyYvQ/CZYwO1aWYai
ShMh/8Sw3e3bAEwHKxVCCtSGAa1dqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCh4
PmKpjh0FTvrX/hWxyePkGUUzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOEQyMUE5MjVCMjYxMUYwOTJEQzVBQjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBRMJ1VR3QZgE0zJhVnDQ0K0j2JC958v5CyeDlQEr8oA5yKKMs97ZDG
qOvoceNqqJFaIvusB+17Ufxz+J+EChlwfZeLUM29AwOUEAlJdp5iWO8GoQkg58DS
Ewew7guMbZi1dblAe8q21s982sh8NZ8atubxpU9xEQklnS7sBOhT9tiouYbWxQyp
BNxVE9mCQiA3zWJZCNi/ZfJTnaL78PEqrDGzun+VhJ9Byl+nbeaZRtr55mXXk4mK
rATJWrWjlJEugP/vCceXsdepuia0foEmmm5Bj1xr+qh94NfjDtRcax84td++qYhf
6v//+IiJGZoiHl8sbOfx8E1sPaGJ9NQM
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:43 2025 by rpki-client