Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09B0085662FC11F089AB6B9BDAE4EC9C.roa
File: 09B0085662FC11F089AB6B9BDAE4EC9C.roa (raw, json)
Hash identifier: cpL6prpoLT3yxg/aVhJ2rT1jMdE3e28wdR+H4+onNfY=
Subject key identifier: 49:DC:79:E1:AB:47:61:5A:2C:3E:91:25:FD:7E:2E:58:AA:14:46:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E1A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09B0085662FC11F089AB6B9BDAE4EC9C.roa
Signing time: Thu 17 Jul 2025 10:51:49 +0000
ROA not before: Thu 17 Jul 2025 10:51:43 +0000
ROA not after: Wed 27 Aug 2025 10:51:43 +0000
asID: 401696
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101914 (0x18e1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 17 10:51:43 2025 GMT
Not After : Aug 27 10:51:43 2025 GMT
Subject: CN=6878d5c4-503c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:76:51:58:41:80:42:93:27:63:e1:d4:5e:f6:
6c:28:b4:be:04:37:f9:6d:73:a5:e4:86:67:ad:cb:
16:43:0a:6d:71:53:17:53:b7:2b:74:c2:3d:38:55:
31:b8:59:a3:45:50:a9:0d:d6:50:c4:98:c9:ea:e8:
2a:bb:4e:eb:b9:76:13:0e:f0:7c:aa:65:7c:73:64:
7b:90:c6:fa:dd:e6:b0:36:a4:b2:34:bb:09:39:94:
bb:6e:e4:54:6e:d8:46:79:54:30:d4:65:a5:a8:3a:
64:7d:80:4f:09:11:ef:1c:ad:e7:5b:93:40:aa:fc:
0b:72:22:36:e1:2c:1b:64:1d:38:d5:b6:95:57:03:
53:4f:a0:b6:19:36:54:50:c1:8f:28:97:a0:59:5c:
68:9a:90:01:4a:25:d9:ac:7d:ef:e7:c6:14:26:e3:
be:36:7d:9e:8b:65:f0:b3:3f:2f:46:3f:64:74:77:
c8:df:7f:6e:4c:05:b8:dd:72:1c:9c:67:5b:b5:1f:
3c:38:75:d9:82:78:1a:67:aa:6b:72:25:6d:17:96:
3a:f5:cd:ca:80:72:3f:fe:dd:15:53:6a:45:66:11:
e9:63:c1:f1:5d:3f:86:11:e5:e4:9b:3b:e9:67:fc:
41:53:5c:3d:eb:5e:da:aa:11:6b:54:b0:f6:9a:d5:
7e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DC:79:E1:AB:47:61:5A:2C:3E:91:25:FD:7E:2E:58:AA:14:46:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09B0085662FC11F089AB6B9BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:91:a0:ca:65:11:6c:13:ac:4b:2a:c8:68:a1:bd:ae:65:4f:
d1:4a:4f:3f:9b:3f:03:80:1e:4f:20:87:b2:1a:79:c1:2f:35:
17:75:5d:0d:f5:d2:03:44:44:af:53:f0:7a:b9:af:94:d7:29:
35:b7:08:59:70:ce:f5:cc:09:4d:5e:ab:60:39:cd:24:8a:fc:
2b:0a:71:8b:0b:9f:97:98:ad:3e:88:35:56:9d:b1:d5:11:e8:
5e:ee:a7:d1:2d:14:7f:91:cb:97:20:2e:45:56:79:a3:2a:92:
47:54:d6:2b:e6:81:6e:75:06:12:64:33:42:63:0b:0b:e1:21:
68:b4:70:45:0e:a1:b6:6f:46:77:df:b6:9e:d5:d5:3b:2c:5c:
6d:d9:68:0f:f0:dc:a6:69:a8:fe:bb:c7:4f:b3:40:83:9b:e7:
52:91:56:49:12:df:19:78:8f:6b:b0:9e:92:eb:51:df:81:04:
10:49:b5:c1:00:fd:c3:37:4a:ad:11:e4:4e:dc:b3:fe:af:51:
2f:f8:63:32:42:e0:db:1e:c2:c7:39:11:06:ff:ce:a1:e6:2d:
6b:78:f3:8a:28:cc:a5:15:0f:b7:21:b7:3b:06:36:7f:a1:10:
7c:b5:64:ce:fe:e8:ab:d8:4b:d0:d1:1a:f3:48:3f:99:00:da:
5a:e1:81:05
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY4aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE3MTA1MTQzWhcNMjUwODI3MTA1MTQzWjAYMRYw
FAYDVQQDEw02ODc4ZDVjNC01MDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzXZRWEGAQpMnY+HUXvZsKLS+BDf5bXOl5IZnrcsWQwptcVMXU7crdMI9
OFUxuFmjRVCpDdZQxJjJ6ugqu07ruXYTDvB8qmV8c2R7kMb63eawNqSyNLsJOZS7
buRUbthGeVQw1GWlqDpkfYBPCRHvHK3nW5NAqvwLciI24SwbZB041baVVwNTT6C2
GTZUUMGPKJegWVxompABSiXZrH3v58YUJuO+Nn2ei2Xwsz8vRj9kdHfI339uTAW4
3XIcnGdbtR88OHXZgngaZ6prciVtF5Y69c3KgHI//t0VU2pFZhHpY8HxXT+GEeXk
mzvpZ/xBU1w9617aqhFrVLD2mtV+lQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEnc
eeGrR2FaLD6RJf1+LliqFEagMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOUIwMDg1NjYyRkMxMUYwODlBQjZCOUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQAvkaDKZRFsE6xLKshoob2uZU/RSk8/mz8DgB5PIIeyGnnBLzUXdV0N
9dIDRESvU/B6ua+U1yk1twhZcM71zAlNXqtgOc0kivwrCnGLC5+XmK0+iDVWnbHV
Eehe7qfRLRR/kcuXIC5FVnmjKpJHVNYr5oFudQYSZDNCYwsL4SFotHBFDqG2b0Z3
37ae1dU7LFxt2WgP8Nymaaj+u8dPs0CDm+dSkVZJEt8ZeI9rsJ6S61HfgQQQSbXB
AP3DN0qtEeRO3LP+r1Ev+GMyQuDbHsLHOREG/86h5i1rePOKKMylFQ+3Ibc7BjZ/
oRB8tWTO/uir2EvQ0RrzSD+ZANpa4YEF
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:49 2025 by rpki-client