Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3109490E88EE11F0B1E58579DAE4EC9C.roa
File: 3109490E88EE11F0B1E58579DAE4EC9C.roa (raw, json)
Hash identifier: MAXWaxo7/E1iW7UwZ/k3on+yDiCuZSRgH1pDNKcbp44=
Subject key identifier: 5E:F8:D6:11:65:46:B6:5B:00:E5:16:79:FE:A3:F4:5A:EB:C3:59:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019D40
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3109490E88EE11F0B1E58579DAE4EC9C.roa
Signing time: Wed 03 Sep 2025 17:48:26 +0000
ROA not before: Wed 03 Sep 2025 17:48:21 +0000
ROA not after: Wed 10 Sep 2025 17:48:21 +0000
asID: 6453
IP address blocks: 154.210.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 09 Sep 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105792 (0x19d40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 3 17:48:21 2025 GMT
Not After : Sep 10 17:48:21 2025 GMT
Subject: CN=68b87f6a-6393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:06:b4:a0:4c:d0:74:78:51:b6:06:75:65:16:
ff:38:2b:f9:e8:0c:1c:28:b8:2f:b3:89:de:54:5f:
3b:88:3b:c5:09:01:14:f7:27:90:8e:7d:dd:76:c3:
3b:56:a7:b6:49:94:15:f6:0d:c1:d5:f9:b2:50:3a:
cf:89:e5:c6:d0:52:e0:8b:95:40:f9:7e:c4:7d:7a:
25:0d:cc:2d:14:0a:cf:15:cb:14:d7:aa:0b:56:5a:
22:57:41:5e:be:7e:e1:55:97:43:50:43:a9:42:e8:
23:ac:25:19:6e:9d:e3:ed:3b:a2:42:71:b5:b5:f1:
e8:4e:c7:b8:77:7c:fb:38:d0:75:69:8c:e9:b9:99:
45:0b:a7:15:4d:f7:e4:20:30:9c:13:7b:3a:f9:a3:
ad:f8:9c:93:53:34:19:5f:a8:b7:0e:47:5c:70:9e:
b7:c2:5e:29:bc:61:34:bf:51:6f:13:94:fa:3e:c5:
1d:91:ee:00:b5:02:8a:fd:71:35:1e:0a:51:bc:15:
35:66:81:5c:a7:92:15:2c:9b:c9:70:65:ed:67:df:
14:20:29:eb:ba:78:0d:15:0c:42:0c:4d:e3:38:58:
3a:89:0d:fb:40:ef:2f:ea:ad:c3:34:64:7b:ef:aa:
56:f0:fa:68:a4:94:60:24:e2:e3:09:13:d9:82:3e:
f7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F8:D6:11:65:46:B6:5B:00:E5:16:79:FE:A3:F4:5A:EB:C3:59:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3109490E88EE11F0B1E58579DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.222.0/24
Signature Algorithm: sha256WithRSAEncryption
35:1d:bb:e9:0f:f6:24:55:33:12:05:a6:8e:12:72:75:49:54:
d0:a1:fb:9d:aa:79:4c:8e:9e:10:d4:54:a9:94:d6:2f:cb:13:
df:41:4f:af:13:ca:11:a3:b1:9d:11:4f:01:1b:5d:db:cc:be:
60:5f:b8:fb:3f:a3:7d:71:bc:67:d3:11:71:75:86:2b:12:ad:
6f:37:c7:cf:7d:14:39:0a:65:1e:93:10:ec:f3:4d:0c:31:dd:
b8:d9:e1:7d:5e:6d:d6:59:22:ce:7f:a6:f9:5c:43:c2:4c:d8:
e7:57:09:20:e9:f9:61:1a:f5:33:d1:91:0d:78:41:79:51:96:
5d:f9:78:2c:39:f7:33:ee:77:e1:fe:c6:b7:fe:50:d2:ae:45:
72:0e:9b:e3:53:a0:27:dc:98:af:d7:d3:e3:da:dc:12:5d:ce:
6c:e0:23:7e:12:a5:82:94:d8:e6:9d:3e:63:52:dd:55:e8:d9:
8e:d0:f0:09:67:b2:ca:58:19:a6:e5:97:a1:7b:fd:eb:6d:00:
d7:47:94:2b:de:bc:07:00:fa:de:53:54:05:5a:47:97:8b:42:
39:73:67:24:43:4d:f5:63:16:99:15:ab:32:b9:78:7f:08:2b:
39:3f:f9:1e:09:40:0f:b6:55:9e:fd:6a:61:0e:4f:31:8e:e9:
83:1a:f6:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ1AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAzMTc0ODIxWhcNMjUwOTEwMTc0ODIxWjAYMRYw
FAYDVQQDEw02OGI4N2Y2YS02MzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArga0oEzQdHhRtgZ1ZRb/OCv56AwcKLgvs4neVF87iDvFCQEU9yeQjn3d
dsM7Vqe2SZQV9g3B1fmyUDrPieXG0FLgi5VA+X7EfXolDcwtFArPFcsU16oLVloi
V0Fevn7hVZdDUEOpQugjrCUZbp3j7TuiQnG1tfHoTse4d3z7ONB1aYzpuZlFC6cV
TffkIDCcE3s6+aOt+JyTUzQZX6i3DkdccJ63wl4pvGE0v1FvE5T6PsUdke4AtQKK
/XE1HgpRvBU1ZoFcp5IVLJvJcGXtZ98UICnrungNFQxCDE3jOFg6iQ37QO8v6q3D
NGR776pW8PpopJRgJOLjCRPZgj732QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF74
1hFlRrZbAOUWef6j9Frrw1kkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMTA5NDkwRTg4RUUxMUYwQjFFNTg1NzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLeMA0GCSqGSIb3DQEB
CwUAA4IBAQA1HbvpD/YkVTMSBaaOEnJ1SVTQofudqnlMjp4Q1FSplNYvyxPfQU+v
E8oRo7GdEU8BG13bzL5gX7j7P6N9cbxn0xFxdYYrEq1vN8fPfRQ5CmUekxDs800M
Md242eF9Xm3WWSLOf6b5XEPCTNjnVwkg6flhGvUz0ZENeEF5UZZd+XgsOfcz7nfh
/sa3/lDSrkVyDpvjU6An3Jiv19Pj2twSXc5s4CN+EqWClNjmnT5jUt1V6NmO0PAJ
Z7LKWBmm5Zehe/3rbQDXR5Qr3rwHAPreU1QFWkeXi0I5c2ckQ031YxaZFasyuXh/
CCs5P/keCUAPtlWe/WphDk8xjumDGvaz
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:41:59 2025 by rpki-client