Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0FE7ADB6844711F0BCA05AA9DAE4EC9C.roa
File: 0FE7ADB6844711F0BCA05AA9DAE4EC9C.roa (raw, json)
Hash identifier: kVBEN1FCke1xua85uMR7zOQpL0EGNobRjarUo6EPAyI=
Subject key identifier: 51:D6:6B:D3:AB:C7:99:00:C4:9E:71:FF:32:84:61:70:B5:6B:A3:A1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019A27
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0FE7ADB6844711F0BCA05AA9DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 19:42:00 +0000
ROA not before: Thu 28 Aug 2025 19:41:54 +0000
ROA not after: Thu 26 Feb 2026 19:41:54 +0000
asID: 271990
IP address blocks: 154.223.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104999 (0x19a27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 19:41:54 2025 GMT
Not After : Feb 26 19:41:54 2026 GMT
Subject: CN=68b0b108-361e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ee:93:dc:d4:68:5d:4e:46:cd:6b:d2:4f:bd:
24:cf:26:68:4b:b4:11:4a:70:2f:18:d3:8b:f4:34:
71:4f:78:2f:a2:4c:c6:d1:26:6a:c3:99:4e:09:a9:
b1:56:21:4d:fd:a7:7b:82:c0:32:09:34:eb:aa:98:
1d:03:60:6c:c4:e0:13:2c:05:b7:76:54:48:71:45:
67:c4:24:38:85:77:ff:69:55:84:d1:fd:6f:d8:ed:
eb:28:f9:f5:eb:7f:16:62:f2:b5:5d:31:1b:69:06:
7d:10:76:c3:0b:29:16:07:a3:c3:d4:0f:36:42:1f:
5e:9d:8c:49:01:56:e1:cf:5a:18:e3:0c:63:41:53:
6e:4c:0e:85:94:cc:a8:d1:7a:50:46:62:4c:59:be:
c0:61:ee:79:35:92:25:ad:53:f7:d8:ec:1e:62:53:
1d:fc:db:7f:24:5d:d7:0d:55:be:9b:f1:31:0f:90:
14:d4:6b:66:c3:15:78:48:eb:f3:75:14:3f:1d:6a:
96:6c:dd:ca:91:26:b2:b0:ee:4a:d2:a2:0e:2a:7f:
a4:84:5b:e0:6e:ec:d3:a1:fa:d4:19:45:bc:8e:4c:
66:cd:c8:0d:9f:9e:27:07:d2:61:73:f4:fa:d1:47:
e3:4b:1c:bd:28:77:d6:a2:95:d1:d3:9a:94:1b:68:
2e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D6:6B:D3:AB:C7:99:00:C4:9E:71:FF:32:84:61:70:B5:6B:A3:A1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0FE7ADB6844711F0BCA05AA9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.128.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ba:7f:e5:fa:0c:a8:1f:77:c4:65:c7:4b:38:d0:fe:03:9c:
c4:9b:7b:a0:7b:99:6e:03:92:5e:46:6b:f9:c2:4e:02:ef:73:
08:d0:d0:d3:7b:59:74:f0:21:c1:f7:4e:c6:f3:de:a0:4b:cc:
82:52:61:c3:08:a6:46:f0:0f:66:c5:60:b2:b4:9c:1d:c3:6a:
51:4b:bc:d4:cf:4b:a3:60:e9:5a:a3:da:88:27:07:f0:65:17:
5c:d3:aa:66:fb:37:8c:bb:f5:bc:d9:bb:c0:e9:3f:f0:07:21:
7a:bf:3e:f1:6f:b8:30:d0:e2:51:be:9c:87:6c:7f:f2:4a:4a:
e6:b9:76:37:27:da:a6:d3:41:f1:c2:8d:23:33:88:62:57:73:
2d:eb:8a:d5:3d:f3:7d:e0:5a:82:ea:81:b5:58:5d:2c:34:04:
d4:0b:1e:16:78:e9:cd:5f:e7:57:8a:90:d0:c0:83:47:bd:db:
3e:ea:0e:67:22:7b:22:a7:ba:a3:5a:1c:56:d3:e7:22:db:18:
98:ab:7c:c1:14:00:e2:87:58:92:cd:58:1d:98:b0:a1:e6:7e:
ff:30:c9:bc:8e:36:cf:25:6e:c8:30:c5:c1:4c:60:fb:5e:9f:
21:45:3a:cc:5f:9d:e9:a0:3e:12:cb:ef:b9:15:aa:30:65:12:
96:bb:9b:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZonMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTk0MTU0WhcNMjYwMjI2MTk0MTU0WjAYMRYw
FAYDVQQDEw02OGIwYjEwOC0zNjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoe6T3NRoXU5GzWvST70kzyZoS7QRSnAvGNOL9DRxT3gvokzG0SZqw5lO
CamxViFN/ad7gsAyCTTrqpgdA2BsxOATLAW3dlRIcUVnxCQ4hXf/aVWE0f1v2O3r
KPn1638WYvK1XTEbaQZ9EHbDCykWB6PD1A82Qh9enYxJAVbhz1oY4wxjQVNuTA6F
lMyo0XpQRmJMWb7AYe55NZIlrVP32OweYlMd/Nt/JF3XDVW+m/ExD5AU1GtmwxV4
SOvzdRQ/HWqWbN3KkSaysO5K0qIOKn+khFvgbuzTofrUGUW8jkxmzcgNn54nB9Jh
c/T60UfjSxy9KHfWopXR05qUG2guQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFHW
a9Orx5kAxJ5x/zKEYXC1a6OhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRkU3QURCNjg0NDcxMUYwQkNBMDVBQTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+AMA0GCSqGSIb3DQEB
CwUAA4IBAQAwun/l+gyoH3fEZcdLOND+A5zEm3uge5luA5JeRmv5wk4C73MI0NDT
e1l08CHB907G896gS8yCUmHDCKZG8A9mxWCytJwdw2pRS7zUz0ujYOlao9qIJwfw
ZRdc06pm+zeMu/W82bvA6T/wByF6vz7xb7gw0OJRvpyHbH/ySkrmuXY3J9qm00Hx
wo0jM4hiV3Mt64rVPfN94FqC6oG1WF0sNATUCx4WeOnNX+dXipDQwINHvds+6g5n
Insip7qjWhxW0+ci2xiYq3zBFADih1iSzVgdmLCh5n7/MMm8jjbPJW7IMMXBTGD7
Xp8hRTrMX53poD4Sy++5FaowZRKWu5ss
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:37:33 2025 by rpki-client