Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D41B39C8E2011F0B2556EF2DAE4EC9C.roa
File: 2D41B39C8E2011F0B2556EF2DAE4EC9C.roa (raw, json)
Hash identifier: Uqh8/+x/+TFrcIq9hL7lj2r4el37mbnwZa/RzIf36yw=
Subject key identifier: B0:64:0F:BC:50:A3:70:E3:B3:C4:F0:A5:58:01:29:E1:7C:7E:EF:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019F3A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D41B39C8E2011F0B2556EF2DAE4EC9C.roa
Signing time: Wed 10 Sep 2025 08:28:50 +0000
ROA not before: Wed 10 Sep 2025 08:28:45 +0000
ROA not after: Fri 17 Oct 2025 08:28:45 +0000
asID: 214120
IP address blocks: 154.199.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 21 Sep 2025 00:06:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106298 (0x19f3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 10 08:28:45 2025 GMT
Not After : Oct 17 08:28:45 2025 GMT
Subject: CN=68c136c2-247f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1a:31:07:ca:e6:a1:24:21:a8:d9:cb:3d:1f:
de:a3:3e:05:56:a9:06:99:ec:a4:9b:58:dc:48:97:
a3:70:ac:24:3a:a5:31:85:73:c2:d5:c8:e5:42:1e:
7d:16:f8:dc:fd:ce:eb:43:51:b0:77:98:56:9a:f5:
e5:f3:61:05:ea:42:a4:e3:0f:28:a5:81:ac:08:f4:
17:18:cd:f8:47:72:65:cb:a1:95:32:0e:3d:ea:01:
3e:ee:4e:20:3d:cd:a1:35:63:21:de:01:d8:31:22:
b8:92:e7:8c:da:6e:10:ec:83:85:ff:9b:9d:8f:b7:
c2:f8:93:92:65:97:e5:d8:4e:b0:2c:85:37:e4:69:
7e:c4:b4:eb:01:d0:9e:e4:82:cc:fa:61:73:96:c3:
d2:52:0d:d1:9f:fd:f1:98:97:c7:cc:09:4b:02:f2:
d0:e2:f1:34:a3:c1:37:47:65:58:13:96:a7:28:1c:
9b:90:24:69:b4:12:b2:4f:7f:73:3a:45:f7:b6:28:
18:17:7c:9e:f1:af:67:df:60:60:47:f3:cf:14:07:
9d:4c:62:04:22:be:ad:e9:dc:e2:59:17:28:68:a8:
e1:c6:cb:8d:69:1c:55:0d:f3:17:38:10:96:8e:a2:
d9:99:05:c6:6f:88:36:74:6c:6c:19:e8:f7:cb:36:
df:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:64:0F:BC:50:A3:70:E3:B3:C4:F0:A5:58:01:29:E1:7C:7E:EF:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D41B39C8E2011F0B2556EF2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.1.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:86:29:73:6d:82:5f:fe:d3:4f:06:97:4c:59:66:0b:b2:11:
ab:05:c8:fc:e0:6a:56:94:5a:5e:b3:ff:3e:17:c5:cc:93:5a:
22:40:f1:74:1b:d4:2b:f6:7b:42:91:bf:6a:31:4a:b8:78:5d:
20:f6:c7:31:6a:94:7f:fb:96:ee:ed:7a:ab:98:fb:88:79:bd:
28:2c:11:34:16:4f:90:54:df:be:b4:1e:98:80:3f:d9:c6:5f:
27:83:0c:6d:cc:d5:f7:a8:d4:68:56:54:02:e0:f2:d7:15:3d:
83:8c:8a:0e:16:66:35:61:08:54:de:96:01:bb:99:43:06:41:
98:9d:f2:dd:62:c0:58:37:5b:60:bf:fb:55:b3:57:eb:a3:76:
66:bb:7b:a2:fc:b9:bf:f6:23:7e:d5:14:ea:67:49:97:8d:9d:
43:23:17:b0:d0:37:a9:ac:e0:37:40:0d:26:4b:3b:1a:a8:24:
c8:da:5c:01:fc:bf:0d:e2:23:e9:a5:39:92:27:8e:d9:78:94:
1b:da:42:12:a7:1e:c9:6d:09:07:c6:5c:01:c3:50:d0:00:3a:
4e:0f:46:29:76:28:e9:a2:54:22:00:49:f6:cd:9d:71:6e:38:
31:67:2a:2e:27:5f:a7:7d:45:ee:56:d1:c3:c3:50:a0:a8:2f:
a9:d2:00:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ86MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTEwMDgyODQ1WhcNMjUxMDE3MDgyODQ1WjAYMRYw
FAYDVQQDEw02OGMxMzZjMi0yNDdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzRoxB8rmoSQhqNnLPR/eoz4FVqkGmeykm1jcSJejcKwkOqUxhXPC1cjl
Qh59Fvjc/c7rQ1Gwd5hWmvXl82EF6kKk4w8opYGsCPQXGM34R3Jly6GVMg496gE+
7k4gPc2hNWMh3gHYMSK4kueM2m4Q7IOF/5udj7fC+JOSZZfl2E6wLIU35Gl+xLTr
AdCe5ILM+mFzlsPSUg3Rn/3xmJfHzAlLAvLQ4vE0o8E3R2VYE5anKBybkCRptBKy
T39zOkX3tigYF3ye8a9n32BgR/PPFAedTGIEIr6t6dziWRcoaKjhxsuNaRxVDfMX
OBCWjqLZmQXGb4g2dGxsGej3yzbfJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLBk
D7xQo3Djs8TwpVgBKeF8fu/hMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRDQxQjM5QzhFMjAxMUYwQjI1NTZFRjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscBMA0GCSqGSIb3DQEB
CwUAA4IBAQC/hilzbYJf/tNPBpdMWWYLshGrBcj84GpWlFpes/8+F8XMk1oiQPF0
G9Qr9ntCkb9qMUq4eF0g9scxapR/+5bu7XqrmPuIeb0oLBE0Fk+QVN++tB6YgD/Z
xl8ngwxtzNX3qNRoVlQC4PLXFT2DjIoOFmY1YQhU3pYBu5lDBkGYnfLdYsBYN1tg
v/tVs1fro3Zmu3ui/Lm/9iN+1RTqZ0mXjZ1DIxew0DeprOA3QA0mSzsaqCTI2lwB
/L8N4iPppTmSJ47ZeJQb2kISpx7JbQkHxlwBw1DQADpOD0YpdijpolQiAEn2zZ1x
bjgxZyouJ1+nfUXuVtHDw1CgqC+p0gBj
-----END CERTIFICATE-----
Generated at Fri Sep 19 10:45:49 2025 by rpki-client