Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/219A3F3063A711F097819079DAE4EC9C.roa
File: 219A3F3063A711F097819079DAE4EC9C.roa (raw, json)
Hash identifier: QrgTxJ4fC2o5GiFvA4tvHzhTQQoMCXGmDaSMCHnR5tk=
Subject key identifier: 97:DD:6A:60:2D:DE:3B:B3:92:38:49:FC:12:8D:3C:BA:23:9D:15:89
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E58
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/219A3F3063A711F097819079DAE4EC9C.roa
Signing time: Fri 18 Jul 2025 07:16:33 +0000
ROA not before: Fri 18 Jul 2025 07:16:28 +0000
ROA not after: Fri 24 Oct 2025 07:16:28 +0000
asID: 328608
IP address blocks: 154.198.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101976 (0x18e58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 18 07:16:28 2025 GMT
Not After : Oct 24 07:16:28 2025 GMT
Subject: CN=6879f4d1-36f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:da:6b:72:39:3e:30:63:af:63:fd:36:a2:b9:
ad:5f:7b:da:e5:e9:70:f5:d0:80:f2:1d:21:ed:90:
30:99:60:54:34:e2:86:4d:dc:0b:3e:ef:ee:ba:32:
57:c0:0d:07:03:0b:b7:5a:70:56:e6:06:db:7c:a6:
7d:b7:ea:5b:59:ce:91:5b:62:1d:73:91:9d:74:91:
9d:1d:41:48:a3:f5:fd:d0:a2:d6:d9:19:35:86:27:
22:44:a5:18:13:1b:d4:b3:c9:a8:76:55:54:c2:d8:
6b:33:3d:96:45:ca:2c:41:fc:e6:ac:3f:60:f6:b8:
fd:6d:35:29:69:db:a4:bd:9b:da:54:09:dd:48:7c:
3a:a2:eb:c7:3a:aa:ae:92:19:08:37:e5:28:90:a2:
29:9f:5b:17:36:60:46:7a:da:2d:77:a1:1f:21:f2:
f3:bc:94:12:bd:52:5c:bb:75:7d:25:d7:95:a3:59:
c3:b2:94:9a:ec:d2:da:03:aa:ff:f7:49:6b:80:23:
e7:44:75:cf:b9:c7:ce:92:19:e2:8e:15:e0:6a:89:
a6:e5:74:dd:e8:25:71:73:0e:94:47:ae:99:4c:da:
cc:a7:55:cf:54:63:2a:28:79:d4:5a:9b:53:c7:1b:
77:33:f8:d2:37:73:4f:59:69:4e:0b:23:0b:11:77:
3c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:DD:6A:60:2D:DE:3B:B3:92:38:49:FC:12:8D:3C:BA:23:9D:15:89
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/219A3F3063A711F097819079DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.168.0/22
Signature Algorithm: sha256WithRSAEncryption
87:ef:fd:bd:e7:a4:34:d2:a4:08:c6:6b:b9:1b:77:f4:3e:8e:
64:f1:8d:be:d0:0b:f0:e7:65:fc:71:c0:74:61:1b:5f:db:61:
f6:97:57:07:66:9b:1e:0b:b4:c5:2a:d2:0f:63:dc:93:d9:04:
1c:4e:02:63:ce:4b:79:a6:19:01:e7:0b:78:b1:dd:95:6f:16:
cd:d7:1e:89:32:4c:82:dd:99:55:5c:c4:b4:61:ca:4d:a6:78:
4c:1d:5d:ae:24:ab:38:88:21:cd:31:3f:be:9c:45:af:fe:f2:
44:75:a1:bc:81:b0:71:51:35:bf:bd:8d:cc:b6:81:1d:57:2a:
5c:23:d6:24:08:58:2d:fe:a1:fb:bd:10:cc:42:18:43:7c:a9:
38:b6:74:cb:a3:18:11:b1:2f:8c:4f:92:41:12:f5:1d:e4:99:
72:0d:75:46:f5:ef:c6:98:23:f6:7f:bd:5f:76:60:53:aa:28:
f2:3b:a6:47:03:90:c8:ef:ac:cf:7c:af:6a:6c:94:a8:f6:b7:
68:c1:a1:90:30:f0:07:3c:ae:bf:7e:5b:1b:15:0d:57:9f:72:
0a:22:55:01:09:7a:c0:f6:49:62:b9:f5:8c:88:a5:79:69:9f:
31:04:ae:63:d1:bd:1f:9b:01:ff:1d:21:90:8d:e3:0c:13:87:
c3:c5:4c:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY5YMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE4MDcxNjI4WhcNMjUxMDI0MDcxNjI4WjAYMRYw
FAYDVQQDEw02ODc5ZjRkMS0zNmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Nprcjk+MGOvY/02ormtX3va5elw9dCA8h0h7ZAwmWBUNOKGTdwLPu/u
ujJXwA0HAwu3WnBW5gbbfKZ9t+pbWc6RW2Idc5GddJGdHUFIo/X90KLW2Rk1hici
RKUYExvUs8modlVUwthrMz2WRcosQfzmrD9g9rj9bTUpadukvZvaVAndSHw6ouvH
OqqukhkIN+UokKIpn1sXNmBGetotd6EfIfLzvJQSvVJcu3V9JdeVo1nDspSa7NLa
A6r/90lrgCPnRHXPucfOkhnijhXgaomm5XTd6CVxcw6UR66ZTNrMp1XPVGMqKHnU
WptTxxt3M/jSN3NPWWlOCyMLEXc8BQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJfd
amAt3juzkjhJ/BKNPLojnRWJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTlBM0YzMDYzQTcxMUYwOTc4MTkwNzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsaoMA0GCSqGSIb3DQEB
CwUAA4IBAQCH7/2956Q00qQIxmu5G3f0Po5k8Y2+0Avw52X8ccB0YRtf22H2l1cH
ZpseC7TFKtIPY9yT2QQcTgJjzkt5phkB5wt4sd2VbxbN1x6JMkyC3ZlVXMS0YcpN
pnhMHV2uJKs4iCHNMT++nEWv/vJEdaG8gbBxUTW/vY3MtoEdVypcI9YkCFgt/qH7
vRDMQhhDfKk4tnTLoxgRsS+MT5JBEvUd5JlyDXVG9e/GmCP2f71fdmBTqijyO6ZH
A5DI76zPfK9qbJSo9rdowaGQMPAHPK6/flsbFQ1Xn3IKIlUBCXrA9kliufWMiKV5
aZ8xBK5j0b0fmwH/HSGQjeMME4fDxUwE
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:41:44 2025 by rpki-client