Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A9BBB4A8EE511F0B4DE1CF0DAE4EC9C.roa
File: 2A9BBB4A8EE511F0B4DE1CF0DAE4EC9C.roa (raw, json)
Hash identifier: jdTJ6Q8/LEBZcC1thE/vT3UYj4a0DK9fwBo/Z0tO+fk=
Subject key identifier: B9:FF:13:25:1F:48:14:36:DD:6A:1A:15:CC:C2:EF:E9:E9:26:6E:8D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019F55
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A9BBB4A8EE511F0B4DE1CF0DAE4EC9C.roa
Signing time: Thu 11 Sep 2025 07:58:56 +0000
ROA not before: Thu 11 Sep 2025 07:58:52 +0000
ROA not after: Fri 19 Sep 2025 07:58:52 +0000
asID: 22773
IP address blocks: 154.194.16.0/22 maxlen: 24
154.194.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 07:58:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106325 (0x19f55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 11 07:58:52 2025 GMT
Not After : Sep 19 07:58:52 2025 GMT
Subject: CN=68c28140-3290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2a:d5:a1:f2:c9:b0:c8:c6:91:fd:40:7e:a9:
48:57:39:f5:10:09:d1:46:09:b8:b2:a3:dc:a5:4a:
44:8d:d5:f4:d5:df:97:ca:b2:1c:97:2b:24:b4:ac:
2e:68:70:d6:8a:26:c2:21:4f:e9:33:15:5a:48:13:
f3:cd:3a:5d:8b:3f:1c:e9:63:f4:75:1d:8b:1d:65:
d2:0f:fd:9b:3a:0e:fe:0d:1e:3e:b9:19:a4:ae:4d:
24:ba:96:55:76:dd:cc:a2:6d:76:12:7f:3e:02:23:
31:db:86:49:77:23:8e:22:7c:fd:b4:ad:5e:74:0a:
7d:c0:10:37:a6:fc:6f:d0:fe:3f:05:d0:57:f4:f2:
c9:03:d3:f1:d7:bc:f6:ca:69:04:63:0c:e8:7d:c7:
83:6e:46:e7:bd:c0:f9:72:b1:3b:1e:7b:a1:16:0e:
ed:a1:ba:4a:4b:34:d1:9d:c4:7f:81:b8:58:69:fb:
37:3f:00:f4:ab:90:b2:f3:0f:e6:6b:75:d4:1e:c6:
c7:ef:97:99:3d:f2:c7:04:b3:31:2b:28:64:f4:59:
18:79:3d:a2:78:9a:60:9e:f1:16:e6:ba:dd:51:15:
56:58:1a:e0:46:a8:25:47:bc:d4:a8:cc:a8:a3:1b:
d2:9e:5e:3f:af:3e:ea:f3:87:82:4f:e1:28:40:b5:
49:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FF:13:25:1F:48:14:36:DD:6A:1A:15:CC:C2:EF:E9:E9:26:6E:8D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A9BBB4A8EE511F0B4DE1CF0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.16.0/22
154.194.24.0/22
Signature Algorithm: sha256WithRSAEncryption
83:f0:af:87:a6:1e:a7:77:66:a4:2b:14:5e:39:0d:71:78:15:
20:0b:a9:ee:68:78:56:1e:9f:5b:83:3c:a5:8a:67:4a:e4:9b:
96:87:9d:29:65:aa:2a:93:cb:fb:aa:01:42:af:59:c4:e5:bd:
7c:ec:12:86:1f:39:6d:4f:15:0d:39:eb:ad:44:4a:10:59:c9:
c0:86:29:80:92:90:e6:12:18:06:d7:5b:e4:f2:23:e4:75:d3:
18:3e:b3:21:ca:74:d5:15:83:89:e1:59:10:ed:40:f7:ea:b3:
d3:e6:94:55:50:59:5a:ba:4e:de:55:84:c4:9c:07:a4:ee:ac:
87:c3:b8:c2:56:be:ca:a2:70:a4:97:c4:4e:98:a5:2e:35:a6:
d1:9a:19:43:fc:91:5f:04:05:97:f4:ea:e2:8f:7e:3b:85:24:
10:ea:5d:04:e2:14:da:78:3e:6b:24:0e:a7:fe:29:28:5e:c4:
ab:ca:6f:b0:28:9c:ba:7c:00:1a:17:eb:50:1a:bb:d6:5a:d8:
d2:41:67:e0:07:8e:64:79:6e:5a:8b:6b:d3:f6:a2:72:f3:f6:
e5:fc:37:0f:a6:69:f6:1b:77:19:02:5d:c8:de:da:25:4e:32:
16:41:7d:20:8f:25:99:d6:4e:0d:70:97:b0:62:a5:e1:08:b8:
bc:b5:87:35
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZ9VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTExMDc1ODUyWhcNMjUwOTE5MDc1ODUyWjAYMRYw
FAYDVQQDEw02OGMyODE0MC0zMjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvirVofLJsMjGkf1AfqlIVzn1EAnRRgm4sqPcpUpEjdX01d+XyrIclysk
tKwuaHDWiibCIU/pMxVaSBPzzTpdiz8c6WP0dR2LHWXSD/2bOg7+DR4+uRmkrk0k
upZVdt3Mom12En8+AiMx24ZJdyOOInz9tK1edAp9wBA3pvxv0P4/BdBX9PLJA9Px
17z2ymkEYwzofceDbkbnvcD5crE7HnuhFg7tobpKSzTRncR/gbhYafs3PwD0q5Cy
8w/ma3XUHsbH75eZPfLHBLMxKyhk9FkYeT2ieJpgnvEW5rrdURVWWBrgRqglR7zU
qMyooxvSnl4/rz7q84eCT+EoQLVJBQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFLn/
EyUfSBQ23WoaFczC7+npJm6NMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTlCQkI0QThFRTUxMUYwQjRERTFDRjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsIQAwQCmsIYMA0GCSqG
SIb3DQEBCwUAA4IBAQCD8K+Hph6nd2akKxReOQ1xeBUgC6nuaHhWHp9bgzylimdK
5JuWh50pZaoqk8v7qgFCr1nE5b187BKGHzltTxUNOeutREoQWcnAhimAkpDmEhgG
11vk8iPkddMYPrMhynTVFYOJ4VkQ7UD36rPT5pRVUFlauk7eVYTEnAek7qyHw7jC
Vr7KonCkl8ROmKUuNabRmhlD/JFfBAWX9Orij347hSQQ6l0E4hTaeD5rJA6n/iko
XsSrym+wKJy6fAAaF+tQGrvWWtjSQWfgB45keW5ai2vT9qJy8/bl/DcPpmn2G3cZ
Al3I3tolTjIWQX0gjyWZ1k4NcJewYqXhCLi8tYc1
-----END CERTIFICATE-----
Generated at Thu Sep 18 17:58:32 2025 by rpki-client