Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CE048D6833F11F08BAC19EFDAE4EC9C.roa
File: 3CE048D6833F11F08BAC19EFDAE4EC9C.roa (raw, json)
Hash identifier: 4rRoETKjgYNERsfqcbllcEp+wBryepDN/e2C7IX6KUQ=
Subject key identifier: D8:F2:91:49:87:81:D3:A0:A4:49:16:FF:D4:5C:B3:0A:9B:10:0F:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01987D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CE048D6833F11F08BAC19EFDAE4EC9C.roa
Signing time: Wed 27 Aug 2025 12:13:28 +0000
ROA not before: Wed 27 Aug 2025 12:13:21 +0000
ROA not after: Fri 10 Oct 2025 12:13:21 +0000
asID: 138915
IP address blocks: 154.93.32.0/24 maxlen: 24
154.93.33.0/24 maxlen: 24
154.93.47.0/24 maxlen: 24
154.93.49.0/24 maxlen: 24
154.93.52.0/23 maxlen: 24
154.93.54.0/23 maxlen: 24
154.93.56.0/23 maxlen: 24
154.93.58.0/24 maxlen: 24
154.93.59.0/24 maxlen: 24
154.93.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104573 (0x1987d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 27 12:13:21 2025 GMT
Not After : Oct 10 12:13:21 2025 GMT
Subject: CN=68aef668-3256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8d:92:3d:29:4d:0f:ce:3d:76:a8:af:ec:1e:
ec:78:99:22:8b:b7:5a:d4:c6:1f:f6:b3:e5:11:35:
d4:ef:10:07:f7:ff:98:9c:c9:43:b4:26:45:bf:e0:
2c:53:0e:ba:e8:94:f6:cf:0a:22:64:e6:d2:ab:85:
bf:87:b8:af:70:62:77:f7:77:1a:9a:b9:13:94:7f:
67:e1:cf:f1:94:ad:e8:71:de:6e:2e:5f:9f:18:50:
ac:52:be:43:d2:5e:7a:cd:1a:8b:22:3b:f2:9b:5c:
ad:b1:75:20:c7:07:af:a9:77:3c:23:4c:d2:36:61:
c1:56:af:dc:5c:e8:57:87:e7:79:1e:d4:f2:f8:50:
19:84:e0:f9:3f:d1:f9:21:48:32:7d:29:7f:a6:c5:
91:46:d8:55:01:ac:42:d3:e4:57:57:b2:c4:4c:2d:
a6:c5:25:b5:46:9f:f0:12:6d:47:b2:f2:5d:d5:7f:
dd:f7:5f:ca:67:1d:cb:97:3d:f0:ba:0a:e5:89:31:
03:3d:8b:f8:5b:a1:b3:e7:73:f4:7a:da:9d:27:95:
a4:ea:7b:c7:fd:2e:e8:a3:3d:6d:0e:9b:39:7b:40:
fd:d2:5e:a2:c3:06:c0:53:72:ad:0d:e6:e3:77:5e:
41:1c:2e:e5:57:c5:54:30:33:cc:6f:4d:0e:4e:c8:
e4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F2:91:49:87:81:D3:A0:A4:49:16:FF:D4:5C:B3:0A:9B:10:0F:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CE048D6833F11F08BAC19EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.32.0/23
154.93.47.0/24
154.93.49.0/24
154.93.52.0-154.93.59.255
154.93.62.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:4a:52:31:36:2c:99:bf:fe:fa:08:6b:26:3e:88:69:b7:43:
b7:31:dd:37:92:ba:c7:c5:2d:03:85:c4:d2:4f:36:78:ee:16:
11:20:49:57:fc:f0:4e:80:2a:65:07:46:36:d6:77:ad:e2:e4:
6f:64:79:71:b8:cf:44:ea:d7:6e:2e:b9:dd:1c:fe:38:8d:7d:
c0:9d:bd:cc:91:ce:49:19:1f:3b:77:fa:bc:0a:89:e0:8f:34:
e6:9c:c6:42:c7:f9:b9:72:6e:a4:d0:b9:e9:1f:d1:d4:36:a4:
6c:89:4b:d1:50:f1:2a:9f:72:22:a9:e0:ef:d8:23:76:a7:6b:
8f:5e:b1:4f:57:cf:50:ce:d0:1d:1c:16:16:fd:71:16:9b:3d:
6e:2f:a2:19:35:77:18:53:aa:f8:fb:bd:1e:e6:e9:f4:52:10:
2b:df:4d:89:3a:60:dd:01:e1:56:21:cb:01:af:df:82:82:56:
e1:0e:1b:eb:6e:18:88:fa:6c:27:83:31:83:4f:ae:b5:5c:6f:
cd:c2:a4:20:37:85:d8:06:15:b2:90:12:5a:5b:2b:b8:e1:fe:
f8:86:72:51:e1:6f:af:82:1a:87:2d:27:d3:97:91:6a:f0:d0:
91:8d:b7:d5:01:89:14:04:d0:90:6b:12:5e:4d:09:54:32:9e:
86:5f:ce:8c
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIDAZh9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI3MTIxMzIxWhcNMjUxMDEwMTIxMzIxWjAYMRYw
FAYDVQQDEw02OGFlZjY2OC0zMjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt42SPSlND849dqiv7B7seJkii7da1MYf9rPlETXU7xAH9/+YnMlDtCZF
v+AsUw666JT2zwoiZObSq4W/h7ivcGJ393camrkTlH9n4c/xlK3ocd5uLl+fGFCs
Ur5D0l56zRqLIjvym1ytsXUgxwevqXc8I0zSNmHBVq/cXOhXh+d5HtTy+FAZhOD5
P9H5IUgyfSl/psWRRthVAaxC0+RXV7LETC2mxSW1Rp/wEm1HsvJd1X/d91/KZx3L
lz3wugrliTEDPYv4W6Gz53P0etqdJ5Wk6nvH/S7ooz1tDps5e0D90l6iwwbAU3Kt
Debjd15BHC7lV8VUMDPMb00OTsjklwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFNjy
kUmHgdOgpEkW/9RcswqbEA8PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQ0UwNDhENjgzM0YxMUYwOEJBQzE5RUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBml0gAwQAml0vAwQAml0x
MAwDBAKaXTQDBAKaXTgDBACaXT4wDQYJKoZIhvcNAQELBQADggEBAItKUjE2LJm/
/voIayY+iGm3Q7cx3TeSusfFLQOFxNJPNnjuFhEgSVf88E6AKmUHRjbWd63i5G9k
eXG4z0Tq124uud0c/jiNfcCdvcyRzkkZHzt3+rwKieCPNOacxkLH+blybqTQuekf
0dQ2pGyJS9FQ8SqfciKp4O/YI3ana49esU9Xz1DO0B0cFhb9cRabPW4vohk1dxhT
qvj7vR7m6fRSECvfTYk6YN0B4VYhywGv34KCVuEOG+tuGIj6bCeDMYNPrrVcb83C
pCA3hdgGFbKQElpbK7jh/viGclHhb6+CGoctJ9OXkWrw0JGNt9UBiRQE0JBrEl5N
CVQynoZfzow=
-----END CERTIFICATE-----
Generated at Wed Sep 3 20:48:26 2025 by rpki-client