Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BFABA5E599711F0B3986390DAE4EC9C.roa
File: 8BFABA5E599711F0B3986390DAE4EC9C.roa (raw, json)
Hash identifier: GKwydQNq4K+xAP2AQsoKCo8d6Smt132vzgBIzJ3cJuI=
Subject key identifier: 2E:C3:F3:DE:99:42:18:3F:F2:EF:B7:2C:03:56:85:0A:04:A2:56:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018AEC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BFABA5E599711F0B3986390DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 11:59:47 +0000
ROA not before: Sat 05 Jul 2025 11:59:42 +0000
ROA not after: Wed 13 Aug 2025 11:59:42 +0000
asID: 211826
IP address blocks: 154.197.91.0/24 maxlen: 24
154.197.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101100 (0x18aec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 11:59:42 2025 GMT
Not After : Aug 13 11:59:42 2025 GMT
Subject: CN=686913b3-7b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:69:93:2f:a6:91:d8:66:85:92:8f:8a:0b:ae:
3b:0c:05:5e:33:78:48:c0:68:36:54:bb:d5:df:bb:
52:23:69:01:2a:e3:ec:aa:b5:eb:92:dc:e9:db:6c:
9d:af:2a:6d:a0:5a:1c:25:65:7c:01:3a:09:4f:a2:
79:0d:5a:27:95:3a:45:1a:4b:9d:75:39:d7:c0:65:
30:d8:bc:95:40:be:7d:fe:53:f0:ea:bf:e7:0d:02:
0f:b2:9f:0c:41:b7:5b:6c:39:c7:d6:a4:62:ef:b7:
61:90:30:fc:74:59:24:ce:09:c5:b8:92:b4:71:aa:
e7:ae:82:47:1a:94:de:d8:42:2c:1e:27:b1:91:24:
95:92:c1:d0:77:8d:f5:dd:3c:f8:ae:08:92:51:d9:
64:bc:56:e1:2b:ff:3e:a8:f8:d2:bb:8d:47:a0:28:
c2:b4:20:6a:b4:4e:49:e0:31:d7:34:c7:6c:39:09:
f2:2c:57:e5:93:c1:6c:3f:f9:c2:a9:63:db:55:bd:
62:64:8e:1e:ae:da:3f:19:92:73:90:a4:73:cc:e0:
36:e3:0b:4f:2e:4b:20:d8:b7:f9:ac:70:f9:ce:10:
f1:d5:d9:36:26:63:d9:21:d9:e4:b1:a5:05:3b:67:
7c:f2:e4:eb:11:75:09:9c:66:01:66:0d:ca:e5:bd:
29:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C3:F3:DE:99:42:18:3F:F2:EF:B7:2C:03:56:85:0A:04:A2:56:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BFABA5E599711F0B3986390DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.91.0/24
154.197.110.0/24
Signature Algorithm: sha256WithRSAEncryption
59:34:ec:d3:77:e7:da:84:3a:e3:3f:61:71:10:21:c4:fd:e5:
0b:32:69:9e:b9:ec:02:00:3d:28:21:22:00:b7:fd:cb:e6:97:
90:b4:b9:04:3f:1a:99:57:a0:cd:41:c6:6f:ce:5a:9d:b9:df:
ff:d7:8a:d1:79:6f:d1:c5:ac:43:f3:fb:41:36:40:0c:6c:4e:
a5:76:92:3e:30:0e:ab:28:c5:72:74:94:88:97:ca:1e:db:53:
62:80:27:13:df:81:ea:82:79:7c:cf:a8:85:89:42:4b:3c:2f:
11:63:f1:b7:ef:dd:fd:40:4a:41:17:cb:7e:00:00:d7:ab:65:
e2:28:73:ba:a9:71:40:78:5f:39:ec:71:8a:13:3a:71:79:4c:
4d:9f:54:58:9f:94:d5:8b:78:9f:6b:ca:50:88:46:2b:58:b4:
00:48:0b:65:91:72:7b:d8:4a:6c:0b:e4:95:56:a6:0a:16:f7:
7d:03:ef:b9:d2:2f:ac:34:93:de:13:90:7f:b5:6a:d1:46:fc:
21:f1:3b:8a:2f:ec:e3:fb:26:d8:7d:fc:43:77:58:e8:4d:cc:
77:2d:b7:ca:49:38:b6:b5:51:cd:c9:6d:4d:01:b4:f3:92:11:
da:b1:c0:14:70:09:ce:7d:77:51:32:02:44:6b:6b:88:0f:b9:
5d:4b:8c:78
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYrsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTE1OTQyWhcNMjUwODEzMTE1OTQyWjAYMRYw
FAYDVQQDEw02ODY5MTNiMy03YjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsmmTL6aR2GaFko+KC647DAVeM3hIwGg2VLvV37tSI2kBKuPsqrXrktzp
22ydryptoFocJWV8AToJT6J5DVonlTpFGkuddTnXwGUw2LyVQL59/lPw6r/nDQIP
sp8MQbdbbDnH1qRi77dhkDD8dFkkzgnFuJK0carnroJHGpTe2EIsHiexkSSVksHQ
d4313Tz4rgiSUdlkvFbhK/8+qPjSu41HoCjCtCBqtE5J4DHXNMdsOQnyLFflk8Fs
P/nCqWPbVb1iZI4erto/GZJzkKRzzOA24wtPLksg2Lf5rHD5zhDx1dk2JmPZIdnk
saUFO2d88uTrEXUJnGYBZg3K5b0pkQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFC7D
896ZQhg/8u+3LANWhQoEolYOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QkZBQkE1RTU5OTcxMUYwQjM5ODYzOTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsVbAwQAmsVuMA0GCSqG
SIb3DQEBCwUAA4IBAQBZNOzTd+fahDrjP2FxECHE/eULMmmeuewCAD0oISIAt/3L
5peQtLkEPxqZV6DNQcZvzlqdud//14rReW/RxaxD8/tBNkAMbE6ldpI+MA6rKMVy
dJSIl8oe21NigCcT34Hqgnl8z6iFiUJLPC8RY/G37939QEpBF8t+AADXq2XiKHO6
qXFAeF857HGKEzpxeUxNn1RYn5TVi3ifa8pQiEYrWLQASAtlkXJ72EpsC+SVVqYK
Fvd9A++50i+sNJPeE5B/tWrRRvwh8TuKL+zj+ybYffxDd1joTcx3LbfKSTi2tVHN
yW1NAbTzkhHascAUcAnOfXdRMgJEa2uID7ldS4x4
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:59:02 2025 by rpki-client