Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A60762870E11F0832754D1DAE4EC9C.roa
File: 36A60762870E11F0832754D1DAE4EC9C.roa (raw, json)
Hash identifier: Uc9b7Ew0EcP7rISPTK8nhMaxrG+636JwyAdLkARFWho=
Subject key identifier: 32:10:C0:1E:94:85:33:95:02:9A:6B:32:E8:38:F8:4F:04:0F:1F:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019B42
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A60762870E11F0832754D1DAE4EC9C.roa
Signing time: Mon 01 Sep 2025 08:32:37 +0000
ROA not before: Mon 01 Sep 2025 08:32:32 +0000
ROA not after: Tue 09 Sep 2025 08:32:32 +0000
asID: 45194
IP address blocks: 154.84.209.0/24 maxlen: 24
154.84.210.0/24 maxlen: 24
154.84.211.0/24 maxlen: 24
154.84.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105282 (0x19b42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 1 08:32:32 2025 GMT
Not After : Sep 9 08:32:32 2025 GMT
Subject: CN=68b55a25-7169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:33:0a:21:b4:47:34:b7:f7:65:90:a0:4a:15:
d7:88:f0:c3:9c:77:cd:64:01:65:51:92:4b:27:34:
1d:06:24:72:96:ac:42:66:40:15:28:7a:23:6f:7b:
39:e7:90:48:c0:50:dd:84:52:3e:b1:63:86:54:ee:
ca:e0:2e:17:a7:5a:98:39:fb:a3:29:3f:0f:2b:37:
17:b0:8f:d0:f4:0f:bc:7b:79:2e:8e:28:7a:5c:f9:
31:06:08:f6:c7:cd:6e:49:12:57:ca:29:4d:86:be:
63:2a:b6:a1:d4:c3:08:e7:c2:be:13:76:57:a2:71:
4a:f7:2d:d4:03:bd:ce:19:5a:46:f9:d8:d3:d3:7a:
ae:ab:5d:c0:14:98:67:d8:55:f7:3d:d7:da:7e:56:
d8:b2:7d:35:6a:6b:ff:82:13:8e:6c:ec:6e:08:0d:
e6:2b:6c:75:c6:b5:af:ad:9f:cb:05:ff:2a:a4:2b:
f7:0e:73:cb:e9:ad:dc:8b:48:36:3a:79:b4:c0:88:
de:86:f8:ce:4c:8e:c6:fe:de:e3:e2:c0:1b:96:0a:
ac:94:70:bd:78:b6:17:7e:90:8d:74:19:56:57:65:
12:74:cb:9f:bd:1f:4f:10:e0:35:05:04:fe:2f:f0:
ee:1a:f4:24:c5:e5:3e:57:0c:42:c4:1f:9a:30:fc:
ae:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:10:C0:1E:94:85:33:95:02:9A:6B:32:E8:38:F8:4F:04:0F:1F:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A60762870E11F0832754D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.209.0-154.84.212.255
Signature Algorithm: sha256WithRSAEncryption
46:98:8a:e2:97:f9:6b:9d:d3:ad:4f:1d:57:ec:f5:0d:d7:fc:
2d:d5:6f:54:d4:40:de:48:d2:b1:94:d2:31:76:0d:08:2f:d4:
e4:ca:79:68:54:61:0e:9e:f3:bc:3b:30:4f:3e:8c:85:fd:2b:
83:de:9e:32:85:3d:b7:d2:c1:9b:c1:dc:87:80:c5:4a:79:d2:
8f:b3:b6:03:70:2c:3f:e4:4c:2f:33:dd:f4:29:7a:95:9c:70:
c6:04:a3:03:6d:d4:24:69:ab:51:8b:b6:15:a5:20:5c:6b:86:
68:f8:dc:a8:07:eb:29:fc:4f:59:3d:92:d5:5e:1c:09:ef:6f:
d7:f2:b3:4d:d4:20:0e:94:6b:1a:8b:88:de:f9:fc:5e:a2:58:
6a:d1:77:5a:45:9c:64:32:73:db:8a:de:2b:43:29:13:af:52:
03:50:b4:cd:73:ed:9b:d1:cc:b6:1e:d4:3a:c7:58:74:68:8d:
85:fe:f6:60:11:e7:8d:52:e3:b8:02:db:66:ea:b7:c6:9d:c2:
fe:6e:b3:cb:b0:3c:96:f8:7f:8b:98:19:19:c8:d7:16:b4:e4:
5f:fe:d9:32:e9:50:16:89:70:45:d7:dd:3f:67:2d:a8:04:67:
2b:0b:88:a3:a2:bb:fa:cd:a8:ea:d9:18:74:1a:01:21:97:03:
fb:77:b7:00
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAZtCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAxMDgzMjMyWhcNMjUwOTA5MDgzMjMyWjAYMRYw
FAYDVQQDEw02OGI1NWEyNS03MTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsTMKIbRHNLf3ZZCgShXXiPDDnHfNZAFlUZJLJzQdBiRylqxCZkAVKHoj
b3s555BIwFDdhFI+sWOGVO7K4C4Xp1qYOfujKT8PKzcXsI/Q9A+8e3kujih6XPkx
Bgj2x81uSRJXyilNhr5jKrah1MMI58K+E3ZXonFK9y3UA73OGVpG+djT03quq13A
FJhn2FX3PdfaflbYsn01amv/ghOObOxuCA3mK2x1xrWvrZ/LBf8qpCv3DnPL6a3c
i0g2Onm0wIjehvjOTI7G/t7j4sAblgqslHC9eLYXfpCNdBlWV2USdMufvR9PEOA1
BQT+L/DuGvQkxeU+VwxCxB+aMPyuYQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFDIQ
wB6UhTOVApprMug4+E8EDx/bMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkE2MDc2Mjg3MEUxMUYwODMyNzU0RDFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaVNEDBACaVNQwDQYJ
KoZIhvcNAQELBQADggEBAEaYiuKX+Wud061PHVfs9Q3X/C3Vb1TUQN5I0rGU0jF2
DQgv1OTKeWhUYQ6e87w7ME8+jIX9K4PenjKFPbfSwZvB3IeAxUp50o+ztgNwLD/k
TC8z3fQpepWccMYEowNt1CRpq1GLthWlIFxrhmj43KgH6yn8T1k9ktVeHAnvb9fy
s03UIA6UaxqLiN75/F6iWGrRd1pFnGQyc9uK3itDKROvUgNQtM1z7ZvRzLYe1DrH
WHRojYX+9mAR541S47gC22bqt8adwv5us8uwPJb4f4uYGRnI1xa05F/+2TLpUBaJ
cEXX3T9nLagEZysLiKOiu/rNqOrZGHQaASGXA/t3twA=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:36:02 2025 by rpki-client