Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B4301BE828C11F080F088D5DAE4EC9C.roa
File: 0B4301BE828C11F080F088D5DAE4EC9C.roa (raw, json)
Hash identifier: btiz0wDRLV2bIbWnn22PR83WTofmEhSU2XwopSmuWHA=
Subject key identifier: 29:85:48:43:1A:F4:A4:83:AE:BB:51:5B:82:45:3A:D9:AB:A6:4B:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0197DC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B4301BE828C11F080F088D5DAE4EC9C.roa
Signing time: Tue 26 Aug 2025 14:50:45 +0000
ROA not before: Tue 26 Aug 2025 14:50:40 +0000
ROA not after: Mon 03 Nov 2025 14:50:40 +0000
asID: 138915
IP address blocks: 154.93.100.0/23 maxlen: 24
154.93.104.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104412 (0x197dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 26 14:50:40 2025 GMT
Not After : Nov 3 14:50:40 2025 GMT
Subject: CN=68adc9c5-6e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b0:59:69:5f:f2:e3:a6:ec:fc:96:73:f9:7c:
05:8f:05:62:fc:7a:c8:ff:b3:2c:8c:3b:da:9a:e9:
97:23:bb:73:fe:d0:5a:99:8e:c3:1d:93:b0:8f:90:
91:a7:9a:89:8d:5f:3f:87:be:3d:6d:14:77:f3:c3:
5f:4b:a5:47:5c:b1:ae:f3:b7:f2:4c:8b:26:8f:02:
e0:9d:71:ef:e7:c2:65:7f:6c:fa:70:8c:de:b8:47:
55:40:bf:f7:e6:e5:52:66:cf:83:82:af:9f:80:26:
af:43:31:02:c4:18:2d:3d:98:d3:68:0a:68:f7:c6:
9f:0e:f5:70:96:12:08:60:f4:fd:8b:0e:e7:da:79:
67:bb:80:53:73:7e:52:2f:c2:d5:b9:0d:d1:30:bd:
ed:58:5a:49:8e:a9:ab:71:99:b1:41:a2:5b:09:ef:
a2:5f:02:bb:a1:a1:90:b7:c7:41:44:fd:25:59:20:
84:92:73:02:a5:cf:f5:3d:c4:34:6f:57:65:6b:ce:
4b:2d:6c:fd:c9:c2:c9:88:7c:f8:c0:0e:73:01:f5:
8b:c1:d9:56:f9:67:17:95:b8:08:27:b4:95:a3:df:
15:38:1f:00:98:8d:66:9a:f4:5e:f7:41:6e:6a:62:
fd:fb:3e:6a:21:eb:c5:d0:13:45:55:b7:31:bc:66:
97:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:85:48:43:1A:F4:A4:83:AE:BB:51:5B:82:45:3A:D9:AB:A6:4B:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0B4301BE828C11F080F088D5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.100.0/23
154.93.104.0/23
Signature Algorithm: sha256WithRSAEncryption
cc:61:a4:9d:89:e1:bc:c7:0f:29:10:a4:07:d5:88:6b:52:03:
83:37:b8:ae:77:13:93:56:f4:fb:35:af:2e:fe:2c:86:e4:ec:
1a:0c:97:6f:45:ca:7f:ca:43:91:ed:c5:5f:73:82:1d:fa:e9:
85:9a:d6:e9:12:83:69:ad:b4:32:0d:cd:8d:ba:36:49:db:b1:
a3:26:f9:3c:8f:9e:a1:33:c9:06:91:2a:ec:97:d4:be:a2:7b:
11:24:fc:01:0f:21:c7:3b:17:f7:38:43:2c:bd:3d:5f:86:54:
13:a8:98:c4:28:8d:7c:66:11:83:f1:45:79:7b:96:0a:3c:1e:
a2:e6:4c:ce:f3:59:e1:b4:bd:62:bd:db:f3:c0:d0:66:77:8c:
1e:92:bf:44:e1:c8:64:d4:a3:2a:42:cc:46:8e:42:51:5e:31:
83:b6:a5:dc:5f:8f:c4:a0:ca:38:7c:3e:f6:05:1e:18:d9:7c:
ec:89:d5:e6:5e:2a:41:42:cd:a0:b3:53:72:68:91:2c:dd:60:
32:85:43:4d:20:28:cf:59:fd:3e:00:07:7f:52:5d:ad:54:9a:
92:7a:34:dc:e4:98:e2:31:a7:7d:54:c9:31:b2:b9:31:40:6b:
16:e8:45:09:7d:a3:58:d2:c3:1c:0c:5a:26:ac:31:58:8a:cc:
a3:a0:a2:2e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZfcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI2MTQ1MDQwWhcNMjUxMTAzMTQ1MDQwWjAYMRYw
FAYDVQQDEw02OGFkYzljNS02ZTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrBZaV/y46bs/JZz+XwFjwVi/HrI/7MsjDvamumXI7tz/tBamY7DHZOw
j5CRp5qJjV8/h749bRR388NfS6VHXLGu87fyTIsmjwLgnXHv58Jlf2z6cIzeuEdV
QL/35uVSZs+Dgq+fgCavQzECxBgtPZjTaApo98afDvVwlhIIYPT9iw7n2nlnu4BT
c35SL8LVuQ3RML3tWFpJjqmrcZmxQaJbCe+iXwK7oaGQt8dBRP0lWSCEknMCpc/1
PcQ0b1dla85LLWz9ycLJiHz4wA5zAfWLwdlW+WcXlbgIJ7SVo98VOB8AmI1mmvRe
90FuamL9+z5qIevF0BNFVbcxvGaXWQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFCmF
SEMa9KSDrrtRW4JFOtmrpkuIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQjQzMDFCRTgyOEMxMUYwODBGMDg4RDVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBml1kAwQBml1oMA0GCSqG
SIb3DQEBCwUAA4IBAQDMYaSdieG8xw8pEKQH1YhrUgODN7iudxOTVvT7Na8u/iyG
5OwaDJdvRcp/ykOR7cVfc4Id+umFmtbpEoNprbQyDc2NujZJ27GjJvk8j56hM8kG
kSrsl9S+onsRJPwBDyHHOxf3OEMsvT1fhlQTqJjEKI18ZhGD8UV5e5YKPB6i5kzO
81nhtL1ivdvzwNBmd4wekr9E4chk1KMqQsxGjkJRXjGDtqXcX4/EoMo4fD72BR4Y
2XzsidXmXipBQs2gs1NyaJEs3WAyhUNNICjPWf0+AAd/Ul2tVJqSejTc5JjiMad9
VMkxsrkxQGsW6EUJfaNY0sMcDFomrDFYisyjoKIu
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:37:42 2025 by rpki-client