Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9295FA45E4711F08CA99BDDDAE4EC9C.roa
File: A9295FA45E4711F08CA99BDDDAE4EC9C.roa (raw, json)
Hash identifier: nFMD/Nkp4YuoSgMpNwy1Mg9Z4aPygtGqMO+d6ezK1F0=
Subject key identifier: 5F:E1:6B:8B:E7:6B:B8:E8:33:7D:08:B0:22:8C:F5:90:56:94:26:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018D60
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9295FA45E4711F08CA99BDDDAE4EC9C.roa
Signing time: Fri 11 Jul 2025 11:10:32 +0000
ROA not before: Fri 11 Jul 2025 11:10:28 +0000
ROA not after: Sun 09 Aug 2026 11:10:28 +0000
asID: 984
IP address blocks: 154.83.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101728 (0x18d60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 11 11:10:28 2025 GMT
Not After : Aug 9 11:10:28 2026 GMT
Subject: CN=6870f128-248b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:22:ac:79:c0:8f:35:4a:65:7e:f9:e5:c4:f5:
85:63:37:b6:aa:fe:80:35:55:7b:52:f8:6c:e3:22:
ea:37:d4:3b:bc:8b:ed:a4:fa:a1:33:49:17:b8:ef:
0c:b7:25:2e:f8:d7:a7:85:fe:c3:d8:4c:9f:bb:a4:
8c:6a:60:b9:cb:05:9d:58:12:81:0b:85:c1:48:61:
dc:0f:e2:51:19:9d:5a:78:03:71:1a:16:d4:34:8e:
ae:42:61:a2:bd:42:f6:40:c7:90:8a:dc:c7:65:b3:
f3:9d:0b:6b:1e:07:ae:a8:5f:67:52:ba:a0:8e:b0:
e5:7d:ee:08:e9:fc:b5:74:8b:44:dc:9c:22:fc:bc:
79:94:49:8f:cb:37:20:cb:cb:05:05:1d:44:84:41:
dd:e4:6c:65:b4:f6:27:33:da:93:fb:f3:d0:aa:07:
d6:53:06:c9:15:83:f4:76:4f:fa:93:fa:a3:a4:49:
48:2b:ff:73:d6:f5:22:b3:32:e0:60:95:ab:ce:4c:
ea:75:9c:35:76:82:99:4c:4d:d0:60:c8:1a:ac:0b:
26:19:6a:77:d3:25:d8:aa:c5:ef:77:93:c8:66:8d:
fe:03:98:fa:2e:7c:be:a5:8d:1b:5c:15:1b:f2:73:
fc:46:98:62:8d:0f:2b:1e:39:d3:22:3f:85:b9:43:
dd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E1:6B:8B:E7:6B:B8:E8:33:7D:08:B0:22:8C:F5:90:56:94:26:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9295FA45E4711F08CA99BDDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.157.0/24
Signature Algorithm: sha256WithRSAEncryption
32:35:d5:1b:e5:dd:e0:e9:de:21:79:b2:8c:f9:a6:88:56:ac:
63:2e:4f:60:a8:51:ca:55:84:98:d8:a0:07:b7:6f:91:ae:83:
45:4a:fa:71:5d:e7:e4:4c:25:60:41:cc:42:ea:b1:36:a7:6d:
df:3b:87:c1:82:49:67:8f:d4:53:bb:8f:48:5b:9a:a1:80:26:
a0:6e:21:48:16:38:f8:b1:5a:44:9b:f3:b0:04:f8:29:1c:27:
d1:d5:39:a7:ce:15:46:56:2c:8f:1e:6e:57:46:54:c6:7f:27:
03:fa:cf:50:81:bb:7b:5b:d0:ab:88:2f:fe:f5:2f:c9:39:46:
4c:3e:37:cc:29:3c:15:70:ea:c6:3e:6c:a8:5c:1b:d7:7c:38:
1a:c2:29:91:c3:af:89:f1:fa:a1:9a:eb:17:fe:c6:ab:45:01:
88:86:92:46:ba:90:92:b4:32:28:e6:4e:8a:4d:aa:6a:f1:c0:
e4:dc:17:78:5e:ff:02:f7:83:a5:fa:5f:84:b9:2a:bb:fa:dc:
a8:5c:23:ed:2b:cd:ba:11:86:c6:4c:3d:b2:1f:78:69:52:fd:
69:fa:3f:51:32:8f:cf:d7:bf:fc:d9:c5:90:a4:62:a2:d1:ac:
4a:5a:31:0d:63:0a:73:23:8b:e5:1c:e1:11:5b:86:21:d5:4f:
a3:b2:96:66
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY1gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzExMTExMDI4WhcNMjYwODA5MTExMDI4WjAYMRYw
FAYDVQQDEw02ODcwZjEyOC0yNDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9CKsecCPNUplfvnlxPWFYze2qv6ANVV7Uvhs4yLqN9Q7vIvtpPqhM0kX
uO8MtyUu+Nenhf7D2Eyfu6SMamC5ywWdWBKBC4XBSGHcD+JRGZ1aeANxGhbUNI6u
QmGivUL2QMeQitzHZbPznQtrHgeuqF9nUrqgjrDlfe4I6fy1dItE3Jwi/Lx5lEmP
yzcgy8sFBR1EhEHd5GxltPYnM9qT+/PQqgfWUwbJFYP0dk/6k/qjpElIK/9z1vUi
szLgYJWrzkzqdZw1doKZTE3QYMgarAsmGWp30yXYqsXvd5PIZo3+A5j6Lny+pY0b
XBUb8nP8RphijQ8rHjnTIj+FuUPdcQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF/h
a4vna7joM30IsCKM9ZBWlCb3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOTI5NUZBNDVFNDcxMUYwOENBOTlCREREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOdMA0GCSqGSIb3DQEB
CwUAA4IBAQAyNdUb5d3g6d4hebKM+aaIVqxjLk9gqFHKVYSY2KAHt2+RroNFSvpx
XefkTCVgQcxC6rE2p23fO4fBgklnj9RTu49IW5qhgCagbiFIFjj4sVpEm/OwBPgp
HCfR1TmnzhVGViyPHm5XRlTGfycD+s9Qgbt7W9CriC/+9S/JOUZMPjfMKTwVcOrG
PmyoXBvXfDgawimRw6+J8fqhmusX/sarRQGIhpJGupCStDIo5k6KTapq8cDk3Bd4
Xv8C94Ol+l+EuSq7+tyoXCPtK826EYbGTD2yH3hpUv1p+j9RMo/P17/82cWQpGKi
0axKWjENYwpzI4vlHOERW4Yh1U+jspZm
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:02:35 2025 by rpki-client