Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/337B5BF2754111F0A5732996DAE4EC9C.roa
File: 337B5BF2754111F0A5732996DAE4EC9C.roa (raw, json)
Hash identifier: J1+h7V0LyMJHLUbu6nJQFfqV7MTx75j+l6v9wUVQKqw=
Subject key identifier: D0:64:DE:7E:BD:91:4D:79:9F:A4:E4:ED:35:A8:62:1B:5D:50:E8:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019139
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/337B5BF2754111F0A5732996DAE4EC9C.roa
Signing time: Sat 09 Aug 2025 16:52:15 +0000
ROA not before: Sat 09 Aug 2025 16:52:10 +0000
ROA not after: Sat 27 Sep 2025 16:52:10 +0000
asID: 395886
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Aug 2025 21:07:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102713 (0x19139)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 9 16:52:10 2025 GMT
Not After : Sep 27 16:52:10 2025 GMT
Subject: CN=68977cbf-6a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e3:c6:75:ea:bd:cc:dd:a5:09:12:25:e7:e2:
aa:15:06:db:f7:3e:eb:27:dc:fa:b9:8c:a0:03:1d:
b8:9c:e5:d5:7f:95:c4:7e:d0:fa:01:5a:c4:94:9c:
29:ad:13:0b:01:bc:80:71:f6:0d:e4:a8:c2:08:c2:
0f:c0:b4:90:a8:df:53:a2:1b:9a:e1:d3:67:12:c7:
0a:22:a6:09:e1:7b:44:2f:37:c2:99:c9:56:58:97:
c2:56:3f:e6:d4:8b:d2:3e:e6:59:cd:58:c6:d8:97:
09:25:9a:04:01:6d:8a:e4:84:e1:0d:0d:f3:08:35:
09:98:cc:02:a8:5f:76:13:38:0f:49:cb:e1:d7:65:
80:a2:25:36:b7:34:17:82:fd:5e:6b:31:23:fa:7a:
1e:3c:ba:f9:13:83:c9:ff:7e:1a:4f:15:cb:89:4d:
6f:c5:1d:40:89:65:58:fb:fc:83:df:aa:79:56:9f:
f8:30:73:f2:44:65:e4:3e:93:eb:f4:60:ed:75:52:
7e:a7:4c:ac:f9:41:bf:68:62:10:79:d7:a6:67:57:
ac:11:9f:16:88:1d:4a:a6:97:4a:ba:d4:99:83:dd:
7e:ba:0b:3c:45:19:7f:35:42:8a:a4:24:19:78:5e:
b4:60:16:b9:31:37:c3:6c:e2:82:92:4e:91:cb:65:
ed:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:64:DE:7E:BD:91:4D:79:9F:A4:E4:ED:35:A8:62:1B:5D:50:E8:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/337B5BF2754111F0A5732996DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:a9:9b:43:59:45:dc:db:9b:06:7c:69:37:3b:f6:69:b1:ef:
bd:07:37:92:90:17:52:1f:90:a8:6a:68:1b:9f:5a:31:a7:5a:
01:53:90:cd:79:c2:9c:27:b2:91:74:68:bf:73:8c:d3:6d:19:
4d:de:27:59:06:28:da:b7:6c:c0:e9:af:64:0e:17:a4:fa:da:
ff:42:b8:c2:fb:5f:cf:30:8c:58:5e:e9:fc:be:8e:53:b1:3b:
17:7c:ab:7a:18:7d:6f:4a:46:0a:5b:a7:0f:f0:b9:84:c2:b7:
47:2a:de:31:e3:de:b9:cf:bf:58:ab:fc:32:3e:de:a8:60:c4:
e9:50:d6:5c:f4:58:d5:6a:22:cf:99:0e:aa:00:86:2f:2a:36:
e8:d1:6d:1d:dd:08:16:51:e5:2d:2f:73:3f:32:b9:c0:9f:d4:
1f:98:cd:2f:58:db:70:b1:fe:a7:12:7a:92:56:a9:fa:e2:1b:
78:2e:5e:94:98:72:4e:13:b0:4e:fc:9a:98:92:35:85:c7:90:
75:55:bb:74:de:11:ad:07:57:b6:cb:54:89:9c:d1:78:d5:2d:
dd:74:f9:56:ef:3a:24:a0:50:bf:81:e1:5f:a5:02:24:86:01:
38:a6:7d:f1:ca:79:3a:d0:65:73:d9:2a:33:4c:5b:08:1b:67:
99:48:3c:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZE5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODA5MTY1MjEwWhcNMjUwOTI3MTY1MjEwWjAYMRYw
FAYDVQQDEw02ODk3N2NiZi02YTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+PGdeq9zN2lCRIl5+KqFQbb9z7rJ9z6uYygAx24nOXVf5XEftD6AVrE
lJwprRMLAbyAcfYN5KjCCMIPwLSQqN9Tohua4dNnEscKIqYJ4XtELzfCmclWWJfC
Vj/m1IvSPuZZzVjG2JcJJZoEAW2K5IThDQ3zCDUJmMwCqF92EzgPScvh12WAoiU2
tzQXgv1eazEj+noePLr5E4PJ/34aTxXLiU1vxR1AiWVY+/yD36p5Vp/4MHPyRGXk
PpPr9GDtdVJ+p0ys+UG/aGIQedemZ1esEZ8WiB1KppdKutSZg91+ugs8RRl/NUKK
pCQZeF60YBa5MTfDbOKCkk6Ry2XtOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNBk
3n69kU15n6Tk7TWoYhtdUOgMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMzdCNUJGMjc1NDExMUYwQTU3MzI5OTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQCOqZtDWUXc25sGfGk3O/Zpse+9BzeSkBdSH5Coamgbn1oxp1oBU5DN
ecKcJ7KRdGi/c4zTbRlN3idZBijat2zA6a9kDhek+tr/QrjC+1/PMIxYXun8vo5T
sTsXfKt6GH1vSkYKW6cP8LmEwrdHKt4x4965z79Yq/wyPt6oYMTpUNZc9FjVaiLP
mQ6qAIYvKjbo0W0d3QgWUeUtL3M/MrnAn9QfmM0vWNtwsf6nEnqSVqn64ht4Ll6U
mHJOE7BO/JqYkjWFx5B1Vbt03hGtB1e2y1SJnNF41S3ddPlW7zokoFC/geFfpQIk
hgE4pn3xynk60GVz2SozTFsIG2eZSDzP
-----END CERTIFICATE-----
Generated at Thu Aug 21 02:26:36 2025 by rpki-client