Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A1EDAA87F211F0A9A6F5A2DAE4EC9C.roa
File: 36A1EDAA87F211F0A9A6F5A2DAE4EC9C.roa (raw, json)
Hash identifier: dvq+R+o7lyDk39LZyafQNnuPbmYr4YfLDvYGFTLx2/k=
Subject key identifier: A0:D3:42:0E:E9:A1:0D:B2:8B:87:5B:02:C0:C3:EE:5D:65:E8:4B:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019C1B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A1EDAA87F211F0A9A6F5A2DAE4EC9C.roa
Signing time: Tue 02 Sep 2025 11:44:42 +0000
ROA not before: Tue 02 Sep 2025 11:44:37 +0000
ROA not after: Fri 10 Oct 2025 11:44:37 +0000
asID: 142032
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105499 (0x19c1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 2 11:44:37 2025 GMT
Not After : Oct 10 11:44:37 2025 GMT
Subject: CN=68b6d8aa-155a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7f:e6:97:41:1a:06:82:19:26:4f:74:dc:bb:
68:fd:45:35:8e:bb:21:22:c4:31:1a:c1:f8:72:4c:
f4:77:84:b4:a1:a4:ea:ea:57:a7:f6:e3:0f:e1:7a:
8b:40:61:43:53:db:b7:6a:8c:55:4a:a5:a4:73:eb:
f3:26:d4:72:56:7e:50:0d:22:1e:42:02:00:29:dc:
64:be:ee:c2:ec:74:fb:7a:61:4a:7b:bc:5a:e4:c4:
08:4c:73:b6:75:12:4c:98:36:2e:2b:a3:3a:f1:c8:
42:dd:3b:52:2d:fc:0a:e9:e9:6f:16:94:7d:f6:46:
b6:32:46:2c:fe:ca:66:b8:2c:90:6f:69:84:f1:bb:
0b:a9:06:71:85:33:44:78:94:ae:66:9b:a4:d8:26:
b5:ee:d1:8c:cb:2b:30:d4:f4:28:61:75:bf:09:56:
ae:c1:3b:1b:ec:10:58:a3:12:fe:a4:f4:a5:0f:94:
d1:c6:4e:27:74:c5:1e:43:ea:c5:0b:71:3e:d0:61:
8c:71:ea:94:c7:26:67:98:a7:83:7d:33:61:5e:c1:
0a:88:08:c7:9e:d8:d6:ff:37:8c:10:93:ba:b4:d7:
43:8a:46:39:05:f5:7e:ea:3c:a6:d5:c7:4f:9a:b7:
21:2f:15:50:55:89:12:c4:e6:c8:90:cd:32:0d:39:
ac:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D3:42:0E:E9:A1:0D:B2:8B:87:5B:02:C0:C3:EE:5D:65:E8:4B:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A1EDAA87F211F0A9A6F5A2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
65:61:f3:b4:99:ed:ad:f0:86:94:a1:9f:bb:bd:0b:0c:c6:c9:
5a:af:83:0f:33:8c:86:f7:47:6f:2c:dc:b0:b3:14:9f:e9:f5:
aa:5e:37:a9:23:5c:80:06:b6:ef:6c:ae:3d:df:f3:e7:ca:b0:
75:85:0d:c5:15:9a:1f:4c:82:45:03:74:ba:a2:ee:5d:56:f5:
46:28:1b:a4:40:53:94:a2:08:d4:2c:91:71:a0:9d:f8:d3:a3:
a0:d3:bf:4b:b6:74:bd:a5:fe:4f:f3:76:2d:76:87:01:44:ab:
78:56:87:56:b8:e8:43:b8:a1:15:97:eb:19:f4:75:46:30:46:
e2:4e:30:b1:aa:a8:f0:d0:0a:69:91:a2:6e:62:37:46:be:48:
6d:b2:2a:49:00:16:13:5c:32:d7:50:2a:3d:41:89:43:3a:5f:
c7:d4:b6:bc:6e:53:fa:ce:30:30:fb:6e:65:9b:cb:a3:ac:6c:
35:21:e8:2e:da:c2:ec:08:7f:5c:df:d9:ca:68:a7:86:11:13:
a2:ff:be:69:ee:08:5d:f8:31:35:21:a1:64:ea:11:8b:2d:dd:
a2:53:fb:5f:f7:73:ac:43:ef:76:ad:9d:df:74:53:76:bd:f0:
cf:0e:31:84:f8:c7:90:e4:10:75:48:a8:30:a8:16:ff:85:f6:
b8:58:b2:54
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZwbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAyMTE0NDM3WhcNMjUxMDEwMTE0NDM3WjAYMRYw
FAYDVQQDEw02OGI2ZDhhYS0xNTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmX/ml0EaBoIZJk903Lto/UU1jrshIsQxGsH4ckz0d4S0oaTq6len9uMP
4XqLQGFDU9u3aoxVSqWkc+vzJtRyVn5QDSIeQgIAKdxkvu7C7HT7emFKe7xa5MQI
THO2dRJMmDYuK6M68chC3TtSLfwK6elvFpR99ka2MkYs/spmuCyQb2mE8bsLqQZx
hTNEeJSuZpuk2Ca17tGMyysw1PQoYXW/CVauwTsb7BBYoxL+pPSlD5TRxk4ndMUe
Q+rFC3E+0GGMceqUxyZnmKeDfTNhXsEKiAjHntjW/zeMEJO6tNdDikY5BfV+6jym
1cdPmrchLxVQVYkSxObIkM0yDTmseQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKDT
Qg7poQ2yi4dbAsDD7l1l6EuVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkExRURBQTg3RjIxMUYwQTlBNkY1QTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBlYfO0me2t8IaUoZ+7vQsMxslar4MPM4yG90dvLNywsxSf6fWqXjep
I1yABrbvbK493/PnyrB1hQ3FFZofTIJFA3S6ou5dVvVGKBukQFOUogjULJFxoJ34
06Og079LtnS9pf5P83YtdocBRKt4VodWuOhDuKEVl+sZ9HVGMEbiTjCxqqjw0App
kaJuYjdGvkhtsipJABYTXDLXUCo9QYlDOl/H1La8blP6zjAw+25lm8ujrGw1Iegu
2sLsCH9c39nKaKeGEROi/75p7ghd+DE1IaFk6hGLLd2iU/tf93OsQ+92rZ3fdFN2
vfDPDjGE+MeQ5BB1SKgwqBb/hfa4WLJU
-----END CERTIFICATE-----
Generated at Wed Sep 3 20:48:25 2025 by rpki-client