Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/822E9B16624911F0B1569482DAE4EC9C.roa
File: 822E9B16624911F0B1569482DAE4EC9C.roa (raw, json)
Hash identifier: oCVBukc4wuMDx04D7DzvwXNF8EbiEtoUDcOY9bzlC1c=
Subject key identifier: C3:95:6B:E1:1C:05:1C:98:98:D9:CE:0F:A2:74:52:5B:46:B0:66:8A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E03
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/822E9B16624911F0B1569482DAE4EC9C.roa
Signing time: Wed 16 Jul 2025 13:33:51 +0000
ROA not before: Wed 16 Jul 2025 13:33:46 +0000
ROA not after: Fri 25 Jul 2025 13:33:46 +0000
asID: 3561
IP address blocks: 154.197.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101891 (0x18e03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 16 13:33:46 2025 GMT
Not After : Jul 25 13:33:46 2025 GMT
Subject: CN=6877aa3f-c46d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:34:e0:6e:3e:5a:0e:66:19:8e:06:49:19:6d:
ff:b0:83:30:d0:99:56:2f:f9:09:3c:48:0a:4f:d9:
e5:a8:6d:bb:a8:0e:36:42:51:90:7d:c2:5d:f6:02:
af:48:26:96:41:4c:8b:aa:69:7b:ea:16:37:32:ee:
2b:85:0c:5a:1d:ed:05:ac:f2:02:0a:a6:0e:99:16:
c4:e2:67:e5:f5:1c:c4:1a:50:c5:3e:ad:22:b3:bc:
96:64:b7:bf:75:c8:d8:98:97:d5:9b:5a:8a:d0:94:
cf:96:ac:d9:5d:27:48:1d:72:0f:db:72:f8:2e:4f:
65:3b:4e:57:54:a9:d2:7e:5c:e6:8e:c1:1d:48:28:
c0:c5:92:f9:7f:9a:60:02:18:e9:52:0b:c1:95:20:
be:db:59:fa:cf:0a:7c:b3:b7:33:7c:e6:57:57:b3:
1d:a1:8e:6b:bd:f3:41:1c:fa:23:db:fb:f9:fe:f8:
8c:56:dc:1d:d9:fa:f8:57:95:ed:65:33:9a:24:c3:
c1:94:49:98:4e:91:47:31:21:96:37:53:98:69:20:
3e:0a:66:7d:98:a8:c7:c3:ed:f3:ef:bc:a4:3b:51:
db:5c:73:4b:bd:23:ae:9e:c8:39:e6:ab:b3:80:66:
0e:06:5e:70:72:c1:5a:b6:43:7f:f1:76:2a:de:c6:
61:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:95:6B:E1:1C:05:1C:98:98:D9:CE:0F:A2:74:52:5B:46:B0:66:8A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/822E9B16624911F0B1569482DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.8.0/22
Signature Algorithm: sha256WithRSAEncryption
89:4f:32:68:5b:14:70:41:b2:03:06:54:b4:a0:1b:af:f1:e3:
71:61:57:2f:ac:b8:7a:07:bd:f9:46:7a:30:a2:10:4a:68:93:
93:4b:56:49:d3:16:99:d5:6c:de:02:1b:69:e0:be:06:c1:21:
25:bb:b8:da:92:fe:ff:db:41:79:8d:02:5e:78:cd:ff:e3:fc:
42:a5:22:7c:f2:4a:bc:f0:3d:c2:dc:a9:7d:3e:70:d3:1d:44:
4d:cd:60:a3:0f:b0:ce:cf:4d:87:18:55:45:e6:9e:41:96:8d:
31:6b:51:88:a3:4f:97:10:ed:67:0b:ff:fa:2d:f0:9c:0c:d2:
33:d4:c3:ee:61:3a:eb:8e:43:9e:29:dd:e4:5a:db:70:11:a3:
c6:1c:95:70:a1:0d:7c:10:53:d0:0d:bc:19:72:d5:08:13:e0:
b3:34:ad:5e:b0:04:b9:d1:ba:6e:77:02:f9:b0:00:e5:d0:9e:
8a:0f:9a:ae:c9:62:59:e6:cd:2f:31:32:87:c2:a8:e8:55:0d:
3a:e0:33:1f:8d:81:6a:4b:9d:89:aa:9f:44:7f:45:78:7b:89:
98:2e:7b:a0:13:6d:ee:47:0b:85:f5:13:1c:b7:1b:db:95:e0:
56:2b:72:fd:27:ae:c6:b4:9b:75:2b:03:48:d2:93:10:24:b8:
e2:2a:08:e4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY4DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE2MTMzMzQ2WhcNMjUwNzI1MTMzMzQ2WjAYMRYw
FAYDVQQDEw02ODc3YWEzZi1jNDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqTTgbj5aDmYZjgZJGW3/sIMw0JlWL/kJPEgKT9nlqG27qA42QlGQfcJd
9gKvSCaWQUyLqml76hY3Mu4rhQxaHe0FrPICCqYOmRbE4mfl9RzEGlDFPq0is7yW
ZLe/dcjYmJfVm1qK0JTPlqzZXSdIHXIP23L4Lk9lO05XVKnSflzmjsEdSCjAxZL5
f5pgAhjpUgvBlSC+21n6zwp8s7czfOZXV7MdoY5rvfNBHPoj2/v5/viMVtwd2fr4
V5XtZTOaJMPBlEmYTpFHMSGWN1OYaSA+CmZ9mKjHw+3z77ykO1HbXHNLvSOunsg5
5quzgGYOBl5wcsFatkN/8XYq3sZhIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMOV
a+EcBRyYmNnOD6J0UltGsGaKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MjJFOUIxNjYyNDkxMUYwQjE1Njk0ODJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsUIMA0GCSqGSIb3DQEB
CwUAA4IBAQCJTzJoWxRwQbIDBlS0oBuv8eNxYVcvrLh6B735RnowohBKaJOTS1ZJ
0xaZ1WzeAhtp4L4GwSElu7jakv7/20F5jQJeeM3/4/xCpSJ88kq88D3C3Kl9PnDT
HURNzWCjD7DOz02HGFVF5p5Blo0xa1GIo0+XEO1nC//6LfCcDNIz1MPuYTrrjkOe
Kd3kWttwEaPGHJVwoQ18EFPQDbwZctUIE+CzNK1esAS50bpudwL5sADl0J6KD5qu
yWJZ5s0vMTKHwqjoVQ064DMfjYFqS52Jqp9Ef0V4e4mYLnugE23uRwuF9RMctxvb
leBWK3L9J67GtJt1KwNI0pMQJLjiKgjk
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:33:10 2025 by rpki-client