Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08E36406842911F0809D1CE9DAE4EC9C.roa
File: 08E36406842911F0809D1CE9DAE4EC9C.roa (raw, json)
Hash identifier: DAyw00cl26mvGYNPnpZ/7+8nZtMt562xiWqyBbEW49E=
Subject key identifier: B3:83:8D:E9:0B:26:18:C7:2B:84:E5:02:FD:BE:1B:55:5D:12:E0:26
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0199FC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08E36406842911F0809D1CE9DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 16:07:03 +0000
ROA not before: Thu 28 Aug 2025 16:06:58 +0000
ROA not after: Mon 06 Oct 2025 16:06:58 +0000
asID: 44559
IP address blocks: 154.198.36.0/24 maxlen: 24
154.203.251.0/24 maxlen: 24
154.205.233.0/24 maxlen: 24
154.205.234.0/24 maxlen: 24
154.205.235.0/24 maxlen: 24
154.205.236.0/24 maxlen: 24
154.205.237.0/24 maxlen: 24
154.205.238.0/24 maxlen: 24
154.205.239.0/24 maxlen: 24
154.205.240.0/24 maxlen: 24
154.209.19.0/24 maxlen: 24
154.209.95.0/24 maxlen: 24
154.209.132.0/24 maxlen: 24
154.209.133.0/24 maxlen: 24
154.209.135.0/24 maxlen: 24
154.209.147.0/24 maxlen: 24
154.209.149.0/24 maxlen: 24
154.209.156.0/24 maxlen: 24
154.209.159.0/24 maxlen: 24
154.209.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104956 (0x199fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 16:06:58 2025 GMT
Not After : Oct 6 16:06:58 2025 GMT
Subject: CN=68b07ea7-bc67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:24:b4:01:93:06:5e:61:14:0c:34:40:c5:33:
c3:e1:ef:38:04:c4:3b:ce:09:51:00:84:76:30:a5:
bc:b9:69:f6:52:10:71:e7:1a:7a:cd:40:db:d0:fc:
81:3f:76:5c:ec:7a:af:3c:76:7c:fc:76:80:51:a4:
ee:65:a2:c0:16:69:4e:7a:f8:ea:ac:6d:72:b1:7e:
c5:00:7b:b7:ad:98:5a:52:b6:df:53:40:6c:1f:99:
57:a9:6c:ed:36:9b:a4:65:8b:2d:d6:0c:b6:5b:b0:
49:1c:8c:2d:62:63:08:af:82:6f:31:25:ff:e8:e7:
c5:af:2f:25:35:58:59:14:e5:5c:49:83:28:ca:27:
75:f9:e7:5e:a4:db:f7:73:37:e7:08:f8:eb:60:df:
8b:2d:f1:72:d2:e8:95:e2:ff:a2:03:01:1c:f0:7d:
96:4e:5c:97:0b:bc:64:f2:f6:26:d7:27:e0:96:40:
27:42:e5:0d:4b:75:c2:0f:bb:18:cb:40:7d:aa:75:
4a:ea:b6:00:23:7e:d8:21:74:79:75:ee:18:2b:29:
8b:af:32:61:e1:e6:88:16:30:d6:55:37:2e:83:a9:
48:a5:34:f3:ea:99:af:59:9f:05:55:ce:be:44:4c:
60:50:e6:72:bb:57:76:e3:26:8a:f2:c1:e2:4b:ac:
dc:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:83:8D:E9:0B:26:18:C7:2B:84:E5:02:FD:BE:1B:55:5D:12:E0:26
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08E36406842911F0809D1CE9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.36.0/24
154.203.251.0/24
154.205.233.0-154.205.240.255
154.209.19.0/24
154.209.95.0/24
154.209.132.0/23
154.209.135.0/24
154.209.147.0/24
154.209.149.0/24
154.209.156.0/24
154.209.159.0/24
154.209.192.0/24
Signature Algorithm: sha256WithRSAEncryption
29:86:c9:1a:d7:35:6e:9d:e7:8f:3a:bb:b1:ed:0d:79:c7:e4:
50:39:87:38:07:f0:53:a1:35:6e:c0:8c:ec:6c:00:01:93:44:
97:a9:cc:9f:a7:dd:35:ce:bf:e5:66:1f:35:01:30:6a:aa:be:
d2:83:19:39:a4:1c:a0:08:bd:3b:fe:de:3a:49:78:a3:e1:49:
7b:2c:6f:cb:6e:bf:66:63:35:56:96:79:12:c9:e5:61:6a:a7:
34:88:95:f6:54:c8:49:08:9b:8a:b9:6a:fe:05:38:d1:cf:6d:
f2:fd:9f:8e:bd:08:79:25:dc:d0:85:86:0f:ea:d8:74:9d:5e:
89:fc:8e:46:a1:a0:9c:10:54:54:94:ec:d1:fd:0b:59:cd:bd:
d6:1b:71:1d:f4:f9:22:9d:c1:a7:60:9d:3b:0c:0e:da:5f:80:
20:7a:c7:f9:ff:32:4a:21:3a:99:b2:1a:ce:3d:2f:35:37:4b:
19:80:aa:c7:4d:e2:f5:72:eb:8c:a8:f2:95:a9:af:11:72:b2:
bf:09:16:69:0e:b7:8a:8f:19:7a:1f:80:11:f4:44:ec:cc:62:
8e:ee:d6:38:35:f4:11:0e:b1:cb:33:d1:fe:8e:5a:aa:13:10:
a6:f9:0b:8f:e5:2b:a0:d8:d7:4c:35:c3:c8:9c:e5:51:a4:7d:
cd:be:c2:ab
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgIDAZn8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTYwNjU4WhcNMjUxMDA2MTYwNjU4WjAYMRYw
FAYDVQQDEw02OGIwN2VhNy1iYzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtiS0AZMGXmEUDDRAxTPD4e84BMQ7zglRAIR2MKW8uWn2UhBx5xp6zUDb
0PyBP3Zc7HqvPHZ8/HaAUaTuZaLAFmlOevjqrG1ysX7FAHu3rZhaUrbfU0BsH5lX
qWztNpukZYst1gy2W7BJHIwtYmMIr4JvMSX/6OfFry8lNVhZFOVcSYMoyid1+ede
pNv3czfnCPjrYN+LLfFy0uiV4v+iAwEc8H2WTlyXC7xk8vYm1yfglkAnQuUNS3XC
D7sYy0B9qnVK6rYAI37YIXR5de4YKymLrzJh4eaIFjDWVTcug6lIpTTz6pmvWZ8F
Vc6+RExgUOZyu1d24yaK8sHiS6zcZQIDAQABo4IC7zCCAuswHQYDVR0OBBYEFLOD
jekLJhjHK4TlAv2+G1VdEuAmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOEUzNjQwNjg0MjkxMUYwODA5RDFDRTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAmsYkAwQAmsv7MAwDBACa
zekDBACazfADBACa0RMDBACa0V8DBAGa0YQDBACa0YcDBACa0ZMDBACa0ZUDBACa
0ZwDBACa0Z8DBACa0cAwDQYJKoZIhvcNAQELBQADggEBACmGyRrXNW6d5486u7Ht
DXnH5FA5hzgH8FOhNW7AjOxsAAGTRJepzJ+n3TXOv+VmHzUBMGqqvtKDGTmkHKAI
vTv+3jpJeKPhSXssb8tuv2ZjNVaWeRLJ5WFqpzSIlfZUyEkIm4q5av4FONHPbfL9
n469CHkl3NCFhg/q2HSdXon8jkahoJwQVFSU7NH9C1nNvdYbcR30+SKdwadgnTsM
DtpfgCB6x/n/MkohOpmyGs49LzU3SxmAqsdN4vVy64yo8pWprxFysr8JFmkOt4qP
GXofgBH0ROzMYo7u1jg19BEOscsz0f6OWqoTEKb5C4/lK6DY10w1w8ic5VGkfc2+
wqs=
-----END CERTIFICATE-----
Generated at Wed Sep 3 20:37:53 2025 by rpki-client