Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CB5A28065F611F09616A382DAE4EC9C.roa
File: 4CB5A28065F611F09616A382DAE4EC9C.roa (raw, json)
Hash identifier: j9NX3iVSV/SI32rgdSeNAZV+PqL+BtvfJvVBPMxrKw8=
Subject key identifier: 98:21:69:58:0A:ED:79:0F:3A:46:B9:0F:80:63:1F:73:77:62:2D:AA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E6B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CB5A28065F611F09616A382DAE4EC9C.roa
Signing time: Mon 21 Jul 2025 05:48:18 +0000
ROA not before: Mon 21 Jul 2025 05:48:12 +0000
ROA not after: Sun 24 Aug 2025 05:48:12 +0000
asID: 214238
IP address blocks: 154.81.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 25 Jul 2025 00:09:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101995 (0x18e6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 21 05:48:12 2025 GMT
Not After : Aug 24 05:48:12 2025 GMT
Subject: CN=687dd4a1-c024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fd:45:24:b9:eb:d3:7f:7b:81:b2:a2:96:b8:
82:de:90:c1:eb:38:4f:b0:c8:b7:94:f5:1f:a1:2e:
1a:51:d9:4d:37:08:83:bf:77:12:1e:05:da:aa:67:
92:5e:fd:eb:2b:98:8d:75:6f:65:15:96:93:78:ad:
71:4b:45:96:1e:96:a0:cd:6e:41:03:7e:32:31:ae:
cf:61:c6:11:f9:20:a3:3d:fe:c4:a4:fb:3c:66:2e:
27:3d:d6:89:81:69:1c:df:bc:36:dd:d6:d7:c6:89:
57:21:c3:42:bf:65:c8:e8:28:43:85:c9:38:34:6f:
85:6c:e0:41:7a:af:e5:7f:f8:35:13:b6:e6:e2:8c:
c2:8d:55:2b:17:9a:a6:07:03:89:57:89:3c:a0:6f:
47:62:16:13:87:8b:03:b2:c8:6b:7b:b9:83:81:a8:
6e:29:38:6b:b2:72:f0:1f:82:ce:5a:ea:32:03:25:
e6:17:aa:18:fc:56:17:b4:dc:68:39:3a:88:42:96:
37:b8:0b:aa:bf:96:58:f6:e6:93:eb:58:3c:05:e0:
21:11:ac:60:8d:3c:05:36:58:d5:bd:c6:37:86:3d:
dc:60:e3:54:74:66:aa:83:2a:0c:98:5f:07:cc:a8:
18:d4:a0:31:3a:c3:23:11:24:b7:08:eb:63:47:08:
5b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:21:69:58:0A:ED:79:0F:3A:46:B9:0F:80:63:1F:73:77:62:2D:AA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CB5A28065F611F09616A382DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.193.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:e9:54:6b:f3:69:7c:b6:24:6f:00:cc:67:23:19:4f:d3:10:
5a:81:18:0d:d0:22:02:2f:73:8e:0e:c9:7e:ef:db:c3:65:40:
bc:c8:0b:0f:e6:a1:a6:37:ca:44:85:91:35:66:b4:56:d1:18:
f9:2a:c8:d5:04:68:4d:d5:26:f0:99:0a:87:15:c9:09:d1:39:
f9:3e:7c:3e:ac:6f:77:47:70:a5:4c:94:d4:3c:1a:32:54:47:
63:20:3e:3b:0f:ed:ee:98:78:63:ac:8c:78:fe:58:06:4b:83:
28:83:2d:39:81:2e:1d:d5:42:ab:46:96:4b:b1:5f:c9:f1:88:
69:2a:d7:6a:75:36:f5:1b:dc:92:e2:89:ed:c9:83:aa:37:58:
2d:a5:89:d7:36:67:d0:09:2d:8d:47:99:04:f3:8e:b2:29:dd:
49:03:3f:16:0d:d5:2f:13:ef:83:63:8a:72:7f:37:bf:4e:aa:
2d:41:58:24:ee:21:71:0e:83:68:17:59:27:2f:c0:d2:b0:8d:
14:0d:67:75:22:15:b0:74:62:3a:01:c9:ec:0b:ed:40:fb:08:
90:75:6b:24:76:4d:db:20:7c:70:63:a9:0b:fd:8c:6b:2a:b9:
e7:9c:ac:57:37:01:68:23:78:8d:cd:59:42:d5:91:ee:29:44:
8f:e5:81:59
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY5rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIxMDU0ODEyWhcNMjUwODI0MDU0ODEyWjAYMRYw
FAYDVQQDEw02ODdkZDRhMS1jMDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApv1FJLnr0397gbKilriC3pDB6zhPsMi3lPUfoS4aUdlNNwiDv3cSHgXa
qmeSXv3rK5iNdW9lFZaTeK1xS0WWHpagzW5BA34yMa7PYcYR+SCjPf7EpPs8Zi4n
PdaJgWkc37w23dbXxolXIcNCv2XI6ChDhck4NG+FbOBBeq/lf/g1E7bm4ozCjVUr
F5qmBwOJV4k8oG9HYhYTh4sDsshre7mDgahuKThrsnLwH4LOWuoyAyXmF6oY/FYX
tNxoOTqIQpY3uAuqv5ZY9uaT61g8BeAhEaxgjTwFNljVvcY3hj3cYONUdGaqgyoM
mF8HzKgY1KAxOsMjESS3COtjRwhbIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJgh
aVgK7XkPOka5D4BjH3N3Yi2qMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Q0I1QTI4MDY1RjYxMUYwOTYxNkEzODJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlHBMA0GCSqGSIb3DQEB
CwUAA4IBAQCP6VRr82l8tiRvAMxnIxlP0xBagRgN0CICL3OODsl+79vDZUC8yAsP
5qGmN8pEhZE1ZrRW0Rj5KsjVBGhN1SbwmQqHFckJ0Tn5Pnw+rG93R3ClTJTUPBoy
VEdjID47D+3umHhjrIx4/lgGS4Mogy05gS4d1UKrRpZLsV/J8YhpKtdqdTb1G9yS
4ontyYOqN1gtpYnXNmfQCS2NR5kE846yKd1JAz8WDdUvE++DY4pyfze/TqotQVgk
7iFxDoNoF1knL8DSsI0UDWd1IhWwdGI6AcnsC+1A+wiQdWskdk3bIHxwY6kL/Yxr
KrnnnKxXNwFoI3iNzVlC1ZHuKUSP5YFZ
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:47:36 2025 by rpki-client