Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C54D5EE889B11F0AD1815E4DAE4EC9C.roa
File: 1C54D5EE889B11F0AD1815E4DAE4EC9C.roa (raw, json)
Hash identifier: bfNoM0rPazQ3uL3ljFrm9+yyS7dULeZ3MAOukOECVsg=
Subject key identifier: E2:38:BF:C3:EF:8A:1F:75:BC:24:21:4D:BF:30:92:8A:8B:90:0A:2A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019CAA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C54D5EE889B11F0AD1815E4DAE4EC9C.roa
Signing time: Wed 03 Sep 2025 07:53:43 +0000
ROA not before: Wed 03 Sep 2025 07:53:38 +0000
ROA not after: Wed 24 Sep 2025 07:53:38 +0000
asID: 40065
IP address blocks: 154.89.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105642 (0x19caa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 3 07:53:38 2025 GMT
Not After : Sep 24 07:53:38 2025 GMT
Subject: CN=68b7f407-9740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8e:7c:e7:f1:74:3a:50:0f:a6:f8:68:c2:b2:
b5:e5:4f:f6:5d:df:41:d2:79:eb:0e:a0:c6:c5:0c:
3e:fc:35:92:10:54:f6:75:66:4c:01:83:ac:90:34:
27:b6:d9:45:6d:6b:00:39:81:e5:fb:fa:e2:66:18:
5b:22:6d:fd:d5:4a:c0:f4:85:a9:d0:07:0d:3b:32:
67:b0:ea:ff:08:f5:3d:36:19:1b:60:64:c9:92:6c:
36:0f:af:ba:05:97:9e:ae:82:15:2c:27:d0:a9:3e:
27:da:b0:b3:b1:7a:9c:d1:c6:52:3c:43:94:1f:81:
72:13:4c:6c:fa:df:2c:a2:fa:b3:36:5a:de:8d:ff:
dd:eb:7c:40:ba:d8:b0:5a:79:e4:37:8d:50:f5:3c:
1c:a1:cd:77:af:9d:d3:c2:d3:69:2c:69:61:c6:36:
d5:d1:57:74:80:98:a1:e7:ea:35:09:b3:f7:ed:71:
bc:5c:b2:a7:8d:85:6b:39:5d:8c:06:d9:fc:a5:be:
54:da:40:77:ea:36:85:02:e4:b7:70:79:43:cf:ac:
d6:fc:c8:a4:99:c5:03:01:45:c7:15:01:76:e8:fe:
2e:57:7e:3e:6a:96:b3:6f:54:9f:8e:eb:30:7c:d3:
a2:ff:83:bb:44:68:bf:82:15:d9:c8:ef:74:70:d1:
5d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:38:BF:C3:EF:8A:1F:75:BC:24:21:4D:BF:30:92:8A:8B:90:0A:2A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C54D5EE889B11F0AD1815E4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:24:bf:cc:7c:e7:77:fc:93:8b:a7:32:05:e1:8c:ec:ff:c7:
99:ea:24:5d:3e:b2:c6:8b:df:86:47:d1:c2:12:ad:82:da:6a:
78:a6:58:c6:65:62:30:01:7b:16:13:2a:35:81:2f:ad:a7:d4:
c0:db:f9:2f:5f:6a:79:38:1d:20:21:ba:d0:4b:12:ac:12:ff:
db:7c:f5:a7:e6:a9:6b:70:c9:fb:b6:c2:ed:a0:40:91:c7:99:
35:98:88:76:12:1d:de:a3:32:cf:f2:79:a4:4a:33:11:62:bd:
c8:74:3e:87:7a:80:9a:8e:cb:88:4f:b9:e1:b7:66:eb:90:b3:
45:fd:70:12:8b:f9:f0:af:2d:cf:3d:ae:25:7f:d2:bd:8e:fb:
d9:36:78:91:05:ea:a5:de:1d:6f:40:c0:f8:f7:ad:b9:7a:6a:
91:9a:b9:e1:93:63:7b:8c:fa:ce:fe:5b:08:a8:69:80:55:ac:
1c:c1:97:4e:87:d9:20:22:84:f0:e5:55:ec:6e:5d:07:48:db:
5f:c9:f3:7e:68:a6:a2:e6:3d:9b:38:37:49:fe:77:18:42:ed:
83:8a:8a:4e:71:f4:df:93:42:af:3a:c5:66:65:7d:c1:17:83:
75:25:58:c8:fb:2a:36:54:84:34:23:e1:1f:80:68:0b:4d:87:
af:76:8a:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZyqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAzMDc1MzM4WhcNMjUwOTI0MDc1MzM4WjAYMRYw
FAYDVQQDEw02OGI3ZjQwNy05NzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuY585/F0OlAPpvhowrK15U/2Xd9B0nnrDqDGxQw+/DWSEFT2dWZMAYOs
kDQnttlFbWsAOYHl+/riZhhbIm391UrA9IWp0AcNOzJnsOr/CPU9NhkbYGTJkmw2
D6+6BZeeroIVLCfQqT4n2rCzsXqc0cZSPEOUH4FyE0xs+t8sovqzNlrejf/d63xA
utiwWnnkN41Q9Twcoc13r53TwtNpLGlhxjbV0Vd0gJih5+o1CbP37XG8XLKnjYVr
OV2MBtn8pb5U2kB36jaFAuS3cHlDz6zW/MikmcUDAUXHFQF26P4uV34+apazb1Sf
juswfNOi/4O7RGi/ghXZyO90cNFdkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOI4
v8Pvih91vCQhTb8wkoqLkAoqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQzU0RDVFRTg4OUIxMUYwQUQxODE1RTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlmgMA0GCSqGSIb3DQEB
CwUAA4IBAQAsJL/MfOd3/JOLpzIF4Yzs/8eZ6iRdPrLGi9+GR9HCEq2C2mp4pljG
ZWIwAXsWEyo1gS+tp9TA2/kvX2p5OB0gIbrQSxKsEv/bfPWn5qlrcMn7tsLtoECR
x5k1mIh2Eh3eozLP8nmkSjMRYr3IdD6HeoCajsuIT7nht2brkLNF/XASi/nwry3P
Pa4lf9K9jvvZNniRBeql3h1vQMD49625emqRmrnhk2N7jPrO/lsIqGmAVawcwZdO
h9kgIoTw5VXsbl0HSNtfyfN+aKai5j2bODdJ/ncYQu2DiopOcfTfk0KvOsVmZX3B
F4N1JVjI+yo2VIQ0I+EfgGgLTYevdopY
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:32:20 2025 by rpki-client