Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE94F6DA5A9211F0A7CEE7EADAE4EC9C.roa
File: CE94F6DA5A9211F0A7CEE7EADAE4EC9C.roa (raw, json)
Hash identifier: sPjURx1v5sJrpWjOF5d7krvHv5RGd/HPrXYuWmEXnYM=
Subject key identifier: 1F:81:D2:F9:99:F0:DF:E8:DB:BC:D9:87:3C:9B:C7:6B:4E:3B:A0:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018B9E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE94F6DA5A9211F0A7CEE7EADAE4EC9C.roa
Signing time: Sun 06 Jul 2025 17:58:23 +0000
ROA not before: Sun 06 Jul 2025 17:58:18 +0000
ROA not after: Wed 13 Aug 2025 17:58:18 +0000
asID: 211826
IP address blocks: 154.197.91.0/24 maxlen: 24
154.197.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101278 (0x18b9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 6 17:58:18 2025 GMT
Not After : Aug 13 17:58:18 2025 GMT
Subject: CN=686ab93f-d12c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:83:d5:f2:84:54:8d:37:e1:3b:6f:fa:01:6d:
8f:c6:c1:1b:5a:f9:cf:a5:5f:d8:62:27:99:a5:28:
5e:12:3c:e4:b5:d3:31:32:55:15:01:67:71:81:b9:
70:52:5f:bc:73:89:d0:a3:10:3e:86:a8:fa:fa:37:
cd:c9:d7:17:46:13:b8:fe:f4:05:f4:de:9b:b3:3c:
0c:40:fe:0b:b1:d8:bc:63:2e:e0:8a:96:3e:f7:7d:
da:6c:f3:31:72:40:60:5e:bc:ba:f7:20:90:b2:1e:
5f:45:42:a9:72:a5:65:08:30:22:f7:34:f1:82:82:
b5:36:c9:c9:b3:7f:94:e5:eb:91:9f:64:08:42:d0:
8c:2f:9c:30:ca:5c:f7:76:72:2e:d0:02:7b:fd:55:
ca:d4:05:1f:97:28:c1:b6:c4:c8:4d:68:0e:19:af:
df:cb:2a:8c:58:6f:bd:2d:4d:de:6c:d5:14:c1:7b:
1a:df:d7:f9:e0:18:1d:17:e6:1f:e1:d5:38:d7:18:
e1:c9:7d:71:37:bd:5b:60:94:6e:06:75:07:72:d8:
bc:d1:6a:67:dc:50:e4:b9:80:3e:a8:b0:e8:5e:ec:
1c:09:ce:68:0b:4c:61:40:33:d7:00:cb:46:e3:51:
df:7b:ba:77:94:23:bd:9e:5c:22:eb:54:5c:77:ab:
d4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:81:D2:F9:99:F0:DF:E8:DB:BC:D9:87:3C:9B:C7:6B:4E:3B:A0:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE94F6DA5A9211F0A7CEE7EADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.91.0/24
154.197.110.0/24
Signature Algorithm: sha256WithRSAEncryption
11:35:a7:47:a2:76:a1:88:45:d9:cd:46:47:45:1c:c7:ee:a5:
25:1c:33:ba:db:d8:a2:b8:ab:69:b3:c5:bf:12:cf:d6:c6:47:
af:d3:62:ef:b4:9e:3d:81:ab:00:65:64:87:39:f7:4d:ee:22:
ef:5c:7f:d3:67:f6:9f:a6:5b:fb:8b:22:80:ac:76:cc:d6:fd:
e3:8b:0f:be:a3:39:49:ca:d6:56:2c:8a:8a:be:cc:19:37:bb:
ad:35:a0:14:f3:b2:f2:26:dd:cb:8f:70:47:75:db:fa:f2:22:
ee:00:95:d6:69:2a:43:cd:70:e7:3f:f1:30:bc:d9:3e:6b:3e:
2a:c7:2d:f6:af:70:56:67:df:81:96:1e:5f:fc:72:38:b3:35:
ca:4f:87:f1:20:be:66:07:ab:57:3a:71:a5:14:76:d9:a0:df:
92:40:f9:49:32:80:f7:10:99:fa:d8:52:59:6e:16:05:91:c8:
3e:a3:d6:62:07:c6:97:29:62:21:35:89:6f:03:f5:e4:e4:66:
13:7b:da:0f:4e:b1:cb:3c:1c:87:4f:10:5c:d8:64:f6:a4:95:
22:0b:b0:d5:6b:13:f4:07:4c:ab:7b:45:cf:a9:15:8b:8b:69:
d9:5b:40:91:e0:c0:27:f6:19:91:74:ec:4c:b4:a1:de:bf:11:
63:27:92:41
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYueMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA2MTc1ODE4WhcNMjUwODEzMTc1ODE4WjAYMRYw
FAYDVQQDEw02ODZhYjkzZi1kMTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvYPV8oRUjTfhO2/6AW2PxsEbWvnPpV/YYieZpSheEjzktdMxMlUVAWdx
gblwUl+8c4nQoxA+hqj6+jfNydcXRhO4/vQF9N6bszwMQP4Lsdi8Yy7gipY+933a
bPMxckBgXry69yCQsh5fRUKpcqVlCDAi9zTxgoK1NsnJs3+U5euRn2QIQtCML5ww
ylz3dnIu0AJ7/VXK1AUflyjBtsTITWgOGa/fyyqMWG+9LU3ebNUUwXsa39f54Bgd
F+Yf4dU41xjhyX1xN71bYJRuBnUHcti80Wpn3FDkuYA+qLDoXuwcCc5oC0xhQDPX
AMtG41Hfe7p3lCO9nlwi61Rcd6vUswIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFB+B
0vmZ8N/o27zZhzybx2tOO6DoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRTk0RjZEQTVBOTIxMUYwQTdDRUU3RUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsVbAwQAmsVuMA0GCSqG
SIb3DQEBCwUAA4IBAQARNadHonahiEXZzUZHRRzH7qUlHDO629iiuKtps8W/Es/W
xkev02LvtJ49gasAZWSHOfdN7iLvXH/TZ/afplv7iyKArHbM1v3jiw++ozlJytZW
LIqKvswZN7utNaAU87LyJt3Lj3BHddv68iLuAJXWaSpDzXDnP/EwvNk+az4qxy32
r3BWZ9+Blh5f/HI4szXKT4fxIL5mB6tXOnGlFHbZoN+SQPlJMoD3EJn62FJZbhYF
kcg+o9ZiB8aXKWIhNYlvA/Xk5GYTe9oPTrHLPByHTxBc2GT2pJUiC7DVaxP0B0yr
e0XPqRWLi2nZW0CR4MAn9hmRdOxMtKHevxFjJ5JB
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:46 2025 by rpki-client