Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA9A5DCA5CE411F0B24F448FDAE4EC9C.roa
File: FA9A5DCA5CE411F0B24F448FDAE4EC9C.roa (raw, json)
Hash identifier: ZD0blviI3oFkBD0uSF7jsf6EpnDWgGLq4CkamwpLkRU=
Subject key identifier: 5A:CB:05:13:CA:EC:EA:3C:21:06:B5:3B:AE:A2:98:AB:91:0E:B6:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018CEE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA9A5DCA5CE411F0B24F448FDAE4EC9C.roa
Signing time: Wed 09 Jul 2025 16:51:38 +0000
ROA not before: Wed 09 Jul 2025 16:51:32 +0000
ROA not after: Wed 13 Aug 2025 16:51:32 +0000
asID: 211826
IP address blocks: 154.197.91.0/24 maxlen: 24
154.197.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101614 (0x18cee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 9 16:51:32 2025 GMT
Not After : Aug 13 16:51:32 2025 GMT
Subject: CN=686e9e1a-04f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:63:fc:75:8d:f0:93:02:bc:fa:b6:84:12:ac:
db:7d:65:8b:1f:18:b7:36:58:a9:02:f5:bc:1b:4a:
9d:6b:54:9e:2b:1b:e5:79:5d:80:de:97:b8:3f:0e:
4b:61:e9:cb:28:58:81:76:78:66:73:ad:df:53:6d:
6e:ca:3e:2c:eb:5f:b6:8a:e3:85:01:a2:55:0f:68:
50:11:1c:8e:28:3a:e7:56:b5:51:9f:83:e3:7f:83:
b3:21:9c:9a:91:0b:d3:91:bc:10:a1:b6:d6:67:d3:
21:f7:63:ab:6a:90:6d:0b:71:c3:13:7d:26:76:a5:
bf:25:43:56:54:22:d0:e5:ba:6d:4d:ae:8d:a4:7e:
0d:d5:2a:a8:fb:b8:93:cf:ab:0f:a1:f8:22:a1:f4:
80:b1:03:51:74:22:ed:ca:94:02:ba:08:c6:34:be:
50:58:ba:9f:16:1e:1e:05:14:f1:ee:96:5f:d6:c3:
c3:e3:a6:dd:f3:52:1e:10:4f:62:79:86:06:c7:a8:
74:fe:bc:48:68:ab:2b:8c:74:a0:5f:f5:d4:d3:a3:
08:ed:02:c0:85:62:a0:4b:21:49:28:c9:68:99:ae:
1c:5f:35:43:3d:8c:0c:fa:18:62:71:36:46:62:d4:
e1:94:8d:6f:d3:55:60:20:8a:c4:3e:3a:c4:97:bf:
0c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:CB:05:13:CA:EC:EA:3C:21:06:B5:3B:AE:A2:98:AB:91:0E:B6:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA9A5DCA5CE411F0B24F448FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.91.0/24
154.197.110.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:00:ea:d7:19:45:66:ea:e7:cb:05:85:f3:e9:ff:ce:bd:4f:
f2:03:b0:06:0a:d6:cc:d5:4f:18:bb:15:34:d0:02:b2:0a:bf:
29:27:01:af:e5:fc:d4:2a:ce:fb:ad:94:51:46:24:a8:34:8e:
23:39:c9:71:1c:d8:70:5a:66:7a:3e:d3:04:e0:3f:f8:00:1b:
fe:15:09:28:f4:f9:b0:ad:ac:d9:0a:c8:07:e2:74:3d:c3:85:
c6:30:a2:d7:6b:82:f0:ba:1a:0d:fd:6a:58:b2:dd:27:34:80:
ad:a9:60:7b:c4:c1:eb:10:97:2a:6f:3c:e6:64:a8:29:68:84:
eb:59:6d:26:81:e3:7b:57:c3:b2:16:40:84:b5:3a:5f:bb:e7:
0d:93:f0:5e:36:45:50:3f:ad:0b:b4:5b:94:c3:48:18:ea:52:
99:8e:e6:93:af:ee:df:ed:68:0a:50:e4:51:63:45:74:94:62:
f1:50:5d:af:d4:07:3c:8d:6f:4a:f0:21:cd:7c:00:bc:c8:6b:
a6:0b:4d:e4:9e:d4:f8:46:c4:e3:4f:71:4b:fc:f7:ba:a0:02:
e4:32:70:46:6d:af:e3:31:71:99:bb:c7:60:13:bb:f9:87:71:
e4:8c:e3:20:73:b9:98:b5:7f:f3:6b:44:b6:27:a0:2c:e6:4e:
b1:be:35:cc
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYzuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA5MTY1MTMyWhcNMjUwODEzMTY1MTMyWjAYMRYw
FAYDVQQDEw02ODZlOWUxYS0wNGY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp2P8dY3wkwK8+raEEqzbfWWLHxi3NlipAvW8G0qda1SeKxvleV2A3pe4
Pw5LYenLKFiBdnhmc63fU21uyj4s61+2iuOFAaJVD2hQERyOKDrnVrVRn4Pjf4Oz
IZyakQvTkbwQobbWZ9Mh92OrapBtC3HDE30mdqW/JUNWVCLQ5bptTa6NpH4N1Sqo
+7iTz6sPofgiofSAsQNRdCLtypQCugjGNL5QWLqfFh4eBRTx7pZf1sPD46bd81Ie
EE9ieYYGx6h0/rxIaKsrjHSgX/XU06MI7QLAhWKgSyFJKMloma4cXzVDPYwM+hhi
cTZGYtThlI1v01VgIIrEPjrEl78MhQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFrL
BRPK7Oo8IQa1O66imKuRDrbYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQTlBNURDQTVDRTQxMUYwQjI0RjQ0OEZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsVbAwQAmsVuMA0GCSqG
SIb3DQEBCwUAA4IBAQCxAOrXGUVm6ufLBYXz6f/OvU/yA7AGCtbM1U8YuxU00AKy
Cr8pJwGv5fzUKs77rZRRRiSoNI4jOclxHNhwWmZ6PtME4D/4ABv+FQko9PmwrazZ
CsgH4nQ9w4XGMKLXa4LwuhoN/WpYst0nNICtqWB7xMHrEJcqbzzmZKgpaITrWW0m
geN7V8OyFkCEtTpfu+cNk/BeNkVQP60LtFuUw0gY6lKZjuaTr+7f7WgKUORRY0V0
lGLxUF2v1Ac8jW9K8CHNfAC8yGumC03kntT4RsTjT3FL/Pe6oALkMnBGba/jMXGZ
u8dgE7v5h3HkjOMgc7mYtX/za0S2J6As5k6xvjXM
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:34:25 2025 by rpki-client