Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FA4DB72871A11F08F9BE79EDAE4EC9C.roa
File: 1FA4DB72871A11F08F9BE79EDAE4EC9C.roa (raw, json)
Hash identifier: TbakxbMk8T7gKR2pvRI/wRk4I2D9uBJWiFcuGjxYJHs=
Subject key identifier: 2B:EE:48:1E:32:5F:A7:24:7D:97:A3:38:81:D7:09:45:23:07:F0:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019B54
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FA4DB72871A11F08F9BE79EDAE4EC9C.roa
Signing time: Mon 01 Sep 2025 09:57:52 +0000
ROA not before: Mon 01 Sep 2025 09:57:44 +0000
ROA not after: Mon 01 Dec 2025 09:57:44 +0000
asID: 399077
IP address blocks: 154.211.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105300 (0x19b54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 1 09:57:44 2025 GMT
Not After : Dec 1 09:57:44 2025 GMT
Subject: CN=68b56e20-18c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e5:41:29:f3:7e:94:b1:b9:3a:51:90:3d:2c:
8c:b6:be:bc:5b:8a:23:18:ca:92:46:15:39:4b:81:
42:30:cc:7e:f9:95:42:db:02:f0:ff:1a:ff:88:6c:
13:04:db:df:65:61:29:f3:52:8b:73:ef:6b:c9:a1:
4b:f8:50:0a:52:18:6f:75:23:08:5a:6c:f0:85:b4:
91:9d:18:48:d4:83:2a:6d:a4:de:35:b9:92:b9:df:
a1:d6:03:91:51:c2:35:60:15:11:17:61:24:c3:32:
b9:e3:9a:9a:fd:c1:6c:6c:f2:d5:f5:a1:97:df:b6:
d6:f6:02:c9:99:21:af:4d:a7:d3:58:0a:59:2a:3f:
06:01:23:44:1b:ff:0f:e5:4e:c7:fd:ad:f7:14:ac:
b9:cc:29:9e:8c:97:98:46:88:c1:9a:26:cd:73:4c:
b9:ad:79:cd:42:3c:b2:da:13:56:3b:87:cc:2b:03:
03:3f:5d:cb:3e:8b:43:e3:4d:4e:2b:53:e8:e8:80:
47:6c:ee:57:21:39:50:6e:67:65:21:9d:43:16:1b:
12:fc:63:45:26:ce:da:e2:dc:ce:f1:41:25:07:3b:
d6:34:3d:bb:51:a5:52:95:58:51:06:21:3b:9e:81:
82:41:5c:b4:00:f2:7a:27:d7:90:14:8a:bb:49:32:
5e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:EE:48:1E:32:5F:A7:24:7D:97:A3:38:81:D7:09:45:23:07:F0:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FA4DB72871A11F08F9BE79EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.64.0/18
Signature Algorithm: sha256WithRSAEncryption
d4:c9:13:ae:38:bf:dd:b0:63:fb:2e:21:ea:71:9b:f1:22:39:
48:6d:4d:55:99:ab:bc:35:bc:8e:e9:26:a0:81:a2:e8:fc:c5:
c8:8a:c2:f5:b1:58:71:49:84:74:1d:7e:1e:32:92:a9:15:80:
f4:88:45:29:a8:a9:78:98:4d:d0:6a:8c:84:40:02:6f:f5:58:
24:8f:87:55:d2:48:66:6c:ed:a2:36:68:16:e0:d3:72:3f:55:
0c:dc:a5:76:f3:d6:50:2d:3e:4f:55:00:50:b4:19:37:41:e5:
66:d3:66:8f:08:8a:75:15:b8:b8:ca:f2:90:f5:9f:82:a0:41:
22:75:19:9b:45:de:15:84:66:47:89:7e:00:70:69:70:e6:bc:
1c:c1:67:a1:1d:c8:2b:dd:8d:8b:cd:f0:af:59:6c:d0:f6:20:
8f:63:c8:47:0f:9d:2f:10:85:b3:5d:3d:2c:a2:bf:56:49:24:
3e:e0:ad:74:95:bb:f5:95:6f:d4:cb:e2:46:ad:6e:e9:8c:94:
af:f3:fd:ef:5a:63:39:e8:fa:c3:06:bd:7d:d0:ef:a2:95:8d:
75:86:28:15:c9:c6:d7:2b:56:ee:81:2c:4e:c2:cd:40:f9:bf:
53:2d:e0:02:26:91:fb:43:65:c8:71:2e:1b:47:4f:1a:2a:20:
2b:77:53:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZtUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAxMDk1NzQ0WhcNMjUxMjAxMDk1NzQ0WjAYMRYw
FAYDVQQDEw02OGI1NmUyMC0xOGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp+VBKfN+lLG5OlGQPSyMtr68W4ojGMqSRhU5S4FCMMx++ZVC2wLw/xr/
iGwTBNvfZWEp81KLc+9ryaFL+FAKUhhvdSMIWmzwhbSRnRhI1IMqbaTeNbmSud+h
1gORUcI1YBURF2EkwzK545qa/cFsbPLV9aGX37bW9gLJmSGvTafTWApZKj8GASNE
G/8P5U7H/a33FKy5zCmejJeYRojBmibNc0y5rXnNQjyy2hNWO4fMKwMDP13LPotD
401OK1Po6IBHbO5XITlQbmdlIZ1DFhsS/GNFJs7a4tzO8UElBzvWND27UaVSlVhR
BiE7noGCQVy0APJ6J9eQFIq7STJeyQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCvu
SB4yX6ckfZejOIHXCUUjB/ANMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRkE0REI3Mjg3MUExMUYwOEY5QkU3OUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtNAMA0GCSqGSIb3DQEB
CwUAA4IBAQDUyROuOL/dsGP7LiHqcZvxIjlIbU1Vmau8NbyO6SaggaLo/MXIisL1
sVhxSYR0HX4eMpKpFYD0iEUpqKl4mE3QaoyEQAJv9Vgkj4dV0khmbO2iNmgW4NNy
P1UM3KV289ZQLT5PVQBQtBk3QeVm02aPCIp1Fbi4yvKQ9Z+CoEEidRmbRd4VhGZH
iX4AcGlw5rwcwWehHcgr3Y2LzfCvWWzQ9iCPY8hHD50vEIWzXT0sor9WSSQ+4K10
lbv1lW/Uy+JGrW7pjJSv8/3vWmM56PrDBr190O+ilY11higVycbXK1bugSxOws1A
+b9TLeACJpH7Q2XIcS4bR08aKiArd1P6
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:32:41 2025 by rpki-client