
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A11CF7C5A9C11F0A08877A7DAE4EC9C.roa
File: 0A11CF7C5A9C11F0A08877A7DAE4EC9C.roa (raw, json)
Hash identifier: slTN8dTwp3mlo0VjCHOtZ0GyizkuKrBMmCdnmeBkAmU=
Subject key identifier: D3:1C:14:E5:62:85:64:99:0A:44:1A:3F:46:55:0C:20:82:29:AC:7F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018BA8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A11CF7C5A9C11F0A08877A7DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 19:04:28 +0000
ROA not before: Sun 06 Jul 2025 19:04:23 +0000
ROA not after: Sat 23 Aug 2025 19:04:23 +0000
asID: 21859
IP address blocks: 154.198.164.0/24 maxlen: 24
154.202.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Jul 2025 23:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101288 (0x18ba8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 6 19:04:23 2025 GMT
Not After : Aug 23 19:04:23 2025 GMT
Subject: CN=686ac8bc-d132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:90:38:a4:55:fc:19:98:10:f2:06:6b:68:4a:
18:1d:ba:9a:8d:87:9d:e4:84:df:9d:48:f6:4e:f8:
f2:a0:b0:d9:36:c0:e0:7b:d8:b8:3b:34:f3:8b:64:
6d:ac:a9:3d:c5:77:26:9d:5c:e2:8c:ae:9d:2c:36:
b4:7b:31:b5:fb:75:9e:2d:48:57:0b:d7:cf:09:87:
a1:fa:fd:95:68:d2:d6:8e:ad:b0:29:23:39:8a:a3:
71:b3:f6:c6:90:60:e1:b1:5a:a9:c3:8c:89:59:29:
7c:7a:d6:a3:65:7c:a4:22:99:26:87:9f:9e:a6:77:
1b:9f:55:db:f3:d5:63:2c:d9:fe:2f:e7:3d:f2:43:
31:17:1a:a3:0e:dd:45:22:e9:17:5e:0e:d3:96:c7:
d6:ca:99:bc:2c:63:b9:f4:94:cb:5c:bd:20:48:04:
82:86:5a:15:b0:31:12:88:e2:17:30:de:96:53:06:
9e:da:cd:2c:34:4a:9f:07:32:d8:fd:fb:5a:71:47:
16:6a:01:16:61:35:f1:31:05:0e:94:aa:66:5f:53:
d7:86:9e:5c:47:33:c4:70:17:3f:b2:f4:b6:99:a9:
86:d7:19:ac:df:c8:58:ce:5d:a2:63:06:72:bd:98:
55:9e:e1:ef:d2:37:02:32:91:59:ad:d4:39:49:a4:
ce:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:1C:14:E5:62:85:64:99:0A:44:1A:3F:46:55:0C:20:82:29:AC:7F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0A11CF7C5A9C11F0A08877A7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.164.0/24
154.202.115.0/24
Signature Algorithm: sha256WithRSAEncryption
57:8a:36:ee:fc:16:b0:a1:3d:20:e4:22:4a:9b:5f:c4:39:ba:
eb:51:70:48:f5:f7:2e:a4:c1:0a:a5:47:b5:ec:ce:08:4e:c3:
6e:7d:fa:c5:b2:e2:c6:dc:e6:11:a0:1b:79:e3:d1:9f:28:0b:
9d:e4:54:ca:bb:c6:11:da:ae:4f:96:74:e7:77:3b:c4:bc:3e:
5c:74:8d:4e:59:d1:f0:0f:0e:62:ab:e3:02:38:3b:58:43:e7:
97:fb:fb:2e:08:b7:ec:96:7d:b9:2d:be:37:39:b7:ee:bf:0f:
cd:6d:2c:f5:47:8d:84:de:02:de:99:92:33:8b:0a:71:fa:1c:
cd:c5:f0:e6:cd:ec:d4:59:10:85:a6:e0:d7:84:3f:c0:e4:7b:
d9:7c:bc:11:b4:f6:dd:f5:da:63:a6:00:00:33:45:66:37:bd:
35:0e:2c:be:d9:1e:5a:c1:77:f3:53:ee:45:7f:b9:6e:5e:2c:
9c:c0:fe:06:40:7a:89:01:1e:6a:0f:f3:08:f0:76:bd:82:f9:
cf:27:ce:14:3e:34:b7:0c:32:45:65:c8:25:95:8c:a9:38:a7:
c3:16:2b:3f:a8:0b:74:82:79:24:04:c3:6b:e3:ab:20:22:80:
1c:5b:92:10:90:61:ba:4f:e9:0a:2f:9d:95:56:a9:66:31:0b:
50:a5:60:09
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYuoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA2MTkwNDIzWhcNMjUwODIzMTkwNDIzWjAYMRYw
FAYDVQQDEw02ODZhYzhiYy1kMTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwpA4pFX8GZgQ8gZraEoYHbqajYed5ITfnUj2TvjyoLDZNsDge9i4OzTz
i2RtrKk9xXcmnVzijK6dLDa0ezG1+3WeLUhXC9fPCYeh+v2VaNLWjq2wKSM5iqNx
s/bGkGDhsVqpw4yJWSl8etajZXykIpkmh5+epncbn1Xb89VjLNn+L+c98kMxFxqj
Dt1FIukXXg7TlsfWypm8LGO59JTLXL0gSASChloVsDESiOIXMN6WUwae2s0sNEqf
BzLY/ftacUcWagEWYTXxMQUOlKpmX1PXhp5cRzPEcBc/svS2mamG1xms38hYzl2i
YwZyvZhVnuHv0jcCMpFZrdQ5SaTO3wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNMc
FOVihWSZCkQaP0ZVDCCCKax/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQTExQ0Y3QzVBOUMxMUYwQTA4ODc3QTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsakAwQAmspzMA0GCSqG
SIb3DQEBCwUAA4IBAQBXijbu/BawoT0g5CJKm1/EObrrUXBI9fcupMEKpUe17M4I
TsNuffrFsuLG3OYRoBt549GfKAud5FTKu8YR2q5PlnTndzvEvD5cdI1OWdHwDw5i
q+MCODtYQ+eX+/suCLfsln25Lb43Obfuvw/NbSz1R42E3gLemZIziwpx+hzNxfDm
zezUWRCFpuDXhD/A5HvZfLwRtPbd9dpjpgAAM0VmN701Diy+2R5awXfzU+5Ff7lu
XiycwP4GQHqJAR5qD/MI8Ha9gvnPJ84UPjS3DDJFZcgllYypOKfDFis/qAt0gnkk
BMNr46sgIoAcW5IQkGG6T+kKL52VVqlmMQtQpWAJ
-----END CERTIFICATE-----
Generated at Mon Jul 7 02:35:57 2025 by rpki-client