
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/384379E85CCE11F089A4EE7FDAE4EC9C.roa
File: 384379E85CCE11F089A4EE7FDAE4EC9C.roa (raw, json)
Hash identifier: 5f77BcWNakaDI1bU9WQxgm2j1SupQ4SdEzmVtXx8tYI=
Subject key identifier: 42:85:68:B0:78:0B:A0:56:D4:8B:C4:C9:04:DF:BF:2F:39:3D:F0:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CDE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/384379E85CCE11F089A4EE7FDAE4EC9C.roa
Signing time: Wed 09 Jul 2025 14:08:43 +0000
ROA not before: Wed 09 Jul 2025 14:08:38 +0000
ROA not after: Mon 11 Aug 2025 14:08:38 +0000
asID: 214143
IP address blocks: 154.197.60.0/23 maxlen: 24
154.197.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101598 (0x18cde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 14:08:38 2025 GMT
Not After : Aug 11 14:08:38 2025 GMT
Subject: CN=686e77eb-b5e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:83:c5:95:1f:6a:d3:68:73:37:39:a8:52:92:
99:7b:bc:72:d5:a7:e4:a6:4b:3d:34:92:9e:05:b5:
89:ff:da:75:cc:19:74:2d:8c:a5:74:ad:c9:db:ce:
e8:53:a6:41:20:cd:8b:97:05:fe:9c:15:5e:5b:d6:
67:54:27:9c:52:24:a9:8f:54:ed:51:55:2b:cd:84:
9e:92:d6:7f:7f:93:95:0a:0e:21:27:12:5a:20:db:
38:9a:c7:44:29:b6:83:4a:9a:ee:ef:34:53:96:2c:
da:e6:47:f5:5f:d7:1c:3a:a8:ad:68:06:bd:b4:45:
c3:f3:a5:6e:c8:d3:e8:71:3b:dd:7d:c9:1c:64:d3:
7f:83:29:38:a2:39:a5:16:18:94:40:76:5f:3a:0f:
d4:7d:2b:d2:cf:ea:1c:0b:0b:f2:ab:a5:c1:96:5a:
bf:9e:4d:1e:9a:00:13:66:eb:4f:22:a2:eb:65:bb:
4f:63:88:60:1a:f0:15:53:96:1e:25:75:b3:05:24:
25:38:85:9d:fb:b7:26:05:4f:b5:42:1f:d0:52:6b:
4c:17:29:49:7e:29:70:50:85:47:ff:6a:86:4e:3d:
99:ee:86:a9:0e:2d:4d:9f:23:34:23:44:29:5c:f6:
e0:24:ba:87:74:db:ff:25:67:3f:89:2e:50:22:11:
ec:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:85:68:B0:78:0B:A0:56:D4:8B:C4:C9:04:DF:BF:2F:39:3D:F0:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/384379E85CCE11F089A4EE7FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.60.0/23
154.197.86.0/23
Signature Algorithm: sha256WithRSAEncryption
d3:f1:eb:ef:c9:0b:54:76:2f:62:b3:44:30:c1:23:8a:12:e1:
cd:f5:8a:e9:7c:67:ad:e9:02:21:71:89:44:0a:c3:35:b1:77:
76:3e:eb:b5:52:1b:9f:bf:a3:8b:d6:4a:be:2d:c5:f0:84:ee:
b7:7b:57:e6:34:9a:29:a3:26:a2:79:07:42:d7:6d:ec:f3:54:
86:db:4c:0b:45:df:2c:75:d7:8a:d4:76:fd:4d:fb:c5:db:24:
8e:c9:62:29:75:92:12:ba:af:2c:64:36:f7:78:c0:62:34:4e:
09:a5:3c:6b:89:a0:a2:e3:48:5b:22:cf:7e:e2:1f:bf:a5:93:
f5:2c:4d:03:63:fa:93:58:f3:ec:2d:de:3b:ed:e5:4b:77:71:
24:20:c3:11:bc:86:1d:71:95:a6:46:a6:78:f2:07:10:7a:92:
a5:85:f5:6a:4a:3c:64:1a:9f:b7:80:70:a3:58:4e:17:2f:3e:
72:fa:e8:dd:d4:ad:af:99:5c:f3:a2:78:cd:96:b9:76:30:8a:
31:82:9c:cd:de:c7:8d:75:0a:c4:d2:85:2e:69:fa:d6:a1:54:
d3:15:bd:7a:66:ba:9d:a0:7e:15:50:da:ea:6a:a4:ae:63:e2:
83:25:b9:52:ca:cc:59:03:db:44:68:8c:2d:88:80:af:a3:2e:
21:e7:0f:29
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYzeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTQwODM4WhcNMjUwODExMTQwODM4WjAYMRYw
FAYDVQQDEw02ODZlNzdlYi1iNWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAooPFlR9q02hzNzmoUpKZe7xy1afkpks9NJKeBbWJ/9p1zBl0LYyldK3J
287oU6ZBIM2LlwX+nBVeW9ZnVCecUiSpj1TtUVUrzYSektZ/f5OVCg4hJxJaINs4
msdEKbaDSpru7zRTliza5kf1X9ccOqitaAa9tEXD86VuyNPocTvdfckcZNN/gyk4
ojmlFhiUQHZfOg/UfSvSz+ocCwvyq6XBllq/nk0emgATZutPIqLrZbtPY4hgGvAV
U5YeJXWzBSQlOIWd+7cmBU+1Qh/QUmtMFylJfilwUIVH/2qGTj2Z7oapDi1NnyM0
I0QpXPbgJLqHdNv/JWc/iS5QIhHsDQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFEKF
aLB4C6BW1IvEyQTfvy85PfB7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zODQzNzlFODVDQ0UxMUYwODlBNEVFN0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmsU8AwQBmsVWMA0GCSqG
SIb3DQEBCwUAA4IBAQDT8evvyQtUdi9is0QwwSOKEuHN9YrpfGet6QIhcYlECsM1
sXd2Puu1Uhufv6OL1kq+LcXwhO63e1fmNJopoyaieQdC123s81SG20wLRd8sddeK
1Hb9TfvF2ySOyWIpdZISuq8sZDb3eMBiNE4JpTxriaCi40hbIs9+4h+/pZP1LE0D
Y/qTWPPsLd477eVLd3EkIMMRvIYdcZWmRqZ48gcQepKlhfVqSjxkGp+3gHCjWE4X
Lz5y+ujd1K2vmVzzonjNlrl2MIoxgpzN3seNdQrE0oUuafrWoVTTFb16ZrqdoH4V
UNrqaqSuY+KDJblSysxZA9tEaIwtiICvoy4h5w8p
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:38:28 2025 by rpki-client