Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32541246842D11F0B25D3985DAE4EC9C.roa
File: 32541246842D11F0B25D3985DAE4EC9C.roa (raw, json)
Hash identifier: uDwzfnHVvJQ+EH1h0vNRVErccpDnUy1nPlb8f7Qs/rQ=
Subject key identifier: 38:D3:66:8A:C5:BE:FE:F4:16:7B:90:94:C7:26:AC:0A:AB:F8:07:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019A04
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32541246842D11F0B25D3985DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 16:36:50 +0000
ROA not before: Thu 28 Aug 2025 16:36:44 +0000
ROA not after: Wed 08 Oct 2025 16:36:44 +0000
asID: 44559
IP address blocks: 154.210.237.0/24 maxlen: 24
154.210.238.0/24 maxlen: 24
154.219.64.0/24 maxlen: 24
154.219.65.0/24 maxlen: 24
154.219.66.0/24 maxlen: 24
154.219.67.0/24 maxlen: 24
154.219.68.0/24 maxlen: 24
154.219.69.0/24 maxlen: 24
154.219.70.0/24 maxlen: 24
154.219.90.0/24 maxlen: 24
154.219.91.0/24 maxlen: 24
154.219.92.0/24 maxlen: 24
154.219.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104964 (0x19a04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 16:36:44 2025 GMT
Not After : Oct 8 16:36:44 2025 GMT
Subject: CN=68b085a2-0ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9e:68:4b:ed:eb:37:5b:56:94:82:62:2c:62:
4e:48:86:1e:7a:40:fd:d4:4c:0a:fd:e4:3f:5d:0b:
e6:20:fe:d3:21:a8:6c:a5:3d:a8:a8:41:c6:61:9e:
16:66:d0:57:3b:0f:15:be:a6:ec:90:5d:96:a2:a5:
a1:01:e6:e6:95:d7:f6:13:fc:4e:19:4b:07:e9:9d:
81:e5:7b:c7:71:7e:8d:5d:59:21:37:06:50:a1:3a:
b0:91:11:c8:59:91:df:a0:7d:d2:b6:3f:5a:a5:c7:
08:e9:8e:56:cd:aa:37:d9:d8:f1:50:21:8e:d8:4c:
ae:81:6a:52:8b:46:70:27:ca:07:19:ed:6b:04:3b:
14:27:b4:33:0b:91:8c:46:00:34:46:2e:c1:a1:4d:
23:8a:e8:20:cf:ad:c4:5a:b4:6d:f6:b2:4f:c4:56:
c7:fe:8e:58:6c:29:96:66:5a:1b:00:b9:9b:df:c9:
0d:fa:8e:84:13:e9:28:ca:4f:f6:41:8f:97:39:bd:
c2:6a:d6:5b:80:13:46:b5:fa:97:2f:42:ce:41:1e:
64:41:d2:ad:51:33:aa:88:94:e1:ea:c3:20:97:ef:
18:3d:54:a4:14:dd:52:b8:2d:e4:df:62:b6:1b:4a:
c9:e5:12:12:77:13:4b:0a:89:3a:0b:d9:fe:a0:1e:
64:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D3:66:8A:C5:BE:FE:F4:16:7B:90:94:C7:26:AC:0A:AB:F8:07:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32541246842D11F0B25D3985DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.237.0-154.210.238.255
154.219.64.0-154.219.70.255
154.219.90.0-154.219.93.255
Signature Algorithm: sha256WithRSAEncryption
bc:6b:95:ff:93:5a:ec:b8:df:f2:c5:cd:4b:9b:5a:bd:88:97:
1c:6f:67:9e:55:6c:ad:6f:89:ae:60:81:9d:fb:7c:62:d9:ec:
2f:99:bd:a8:2b:4d:8e:9a:62:09:2a:7b:50:3b:5e:b4:ec:31:
67:09:9a:4d:9e:a5:3d:84:b6:50:6a:70:fb:10:9d:99:3f:94:
14:b0:78:48:72:2b:b6:f9:9a:c7:14:37:d1:5d:fa:03:39:b4:
ed:d1:49:f4:a4:5c:bb:73:13:aa:24:1f:3a:4c:a4:55:e0:4b:
a1:e2:e7:99:bd:cb:00:ec:69:28:86:09:66:3f:a9:7a:64:36:
1e:05:31:f8:44:8f:4d:e2:1b:f5:e8:48:d4:e7:69:5a:d7:f0:
48:c2:84:e6:b9:aa:c7:bc:5f:41:d6:51:d1:f5:a8:47:ec:13:
ae:b2:bc:08:64:98:96:b3:bf:7a:29:1d:e8:8a:b5:77:2d:4c:
49:9e:47:b6:56:81:ff:92:e7:e2:ad:c6:56:86:de:c8:0d:c6:
1e:6d:72:8e:50:50:8e:10:e5:ff:3a:74:6b:b2:3f:59:30:a1:
bb:0b:ad:b9:52:b7:4d:6f:b0:a9:82:06:93:8f:47:d9:24:36:
ae:8e:1c:ed:96:f1:c3:d9:cc:0a:4f:bf:9f:c2:45:07:87:be:
06:87:80:f1
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIDAZoEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTYzNjQ0WhcNMjUxMDA4MTYzNjQ0WjAYMRYw
FAYDVQQDEw02OGIwODVhMi0wY2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo55oS+3rN1tWlIJiLGJOSIYeekD91EwK/eQ/XQvmIP7TIahspT2oqEHG
YZ4WZtBXOw8VvqbskF2WoqWhAebmldf2E/xOGUsH6Z2B5XvHcX6NXVkhNwZQoTqw
kRHIWZHfoH3Stj9apccI6Y5Wzao32djxUCGO2EyugWpSi0ZwJ8oHGe1rBDsUJ7Qz
C5GMRgA0Ri7BoU0jiuggz63EWrRt9rJPxFbH/o5YbCmWZlobALmb38kN+o6EE+ko
yk/2QY+XOb3CatZbgBNGtfqXL0LOQR5kQdKtUTOqiJTh6sMgl+8YPVSkFN1SuC3k
32K2G0rJ5RISdxNLCok6C9n+oB5k2wIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFDjT
ZorFvv70FnuQlMcmrAqr+Af6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjU0MTI0Njg0MkQxMUYwQjI1RDM5ODVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBACa0u0DBACa0u4wDAME
BprbQAMEAJrbRjAMAwQBmttaAwQBmttcMA0GCSqGSIb3DQEBCwUAA4IBAQC8a5X/
k1rsuN/yxc1Lm1q9iJccb2eeVWytb4muYIGd+3xi2ewvmb2oK02OmmIJKntQO160
7DFnCZpNnqU9hLZQanD7EJ2ZP5QUsHhIciu2+ZrHFDfRXfoDObTt0Un0pFy7cxOq
JB86TKRV4Euh4ueZvcsA7GkohglmP6l6ZDYeBTH4RI9N4hv16EjU52la1/BIwoTm
uarHvF9B1lHR9ahH7BOusrwIZJiWs796KR3oirV3LUxJnke2VoH/kufircZWht7I
DcYebXKOUFCOEOX/OnRrsj9ZMKG7C625UrdNb7CpggaTj0fZJDaujhztlvHD2cwK
T7+fwkUHh74Gh4Dx
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:40:28 2025 by rpki-client