Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CEE133E85FC11F0AFB20CC5DAE4EC9C.roa
File: 3CEE133E85FC11F0AFB20CC5DAE4EC9C.roa (raw, json)
Hash identifier: kBQr48NXYpWq3Sexsx6VAaLSuLjDovIAlahvEynCng8=
Subject key identifier: F7:2E:CA:BD:AF:AB:FD:94:41:0A:28:8D:0B:17:73:CD:BA:98:7F:9B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019A58
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CEE133E85FC11F0AFB20CC5DAE4EC9C.roa
Signing time: Sat 30 Aug 2025 23:51:25 +0000
ROA not before: Sun 31 Aug 2025 23:51:19 +0000
ROA not after: Sun 07 Sep 2025 23:51:19 +0000
asID: 54801
IP address blocks: 154.208.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105048 (0x19a58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 31 23:51:19 2025 GMT
Not After : Sep 7 23:51:19 2025 GMT
Subject: CN=68b38e7d-d6f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:22:3a:bb:bf:11:b6:d2:e6:39:14:6b:a6:b3:
bf:1d:5c:62:32:16:4b:fc:6e:d2:fe:33:f6:29:a7:
61:99:82:21:b5:ad:ac:5d:ef:39:04:44:6a:3f:08:
09:35:fa:0d:3c:a9:db:9b:32:dd:26:0d:09:46:fa:
c0:55:dd:ec:4c:ef:f1:92:6d:9d:cf:24:6b:95:1e:
19:6a:71:65:05:ef:6b:fa:8f:5f:ed:62:21:bc:b5:
c1:fb:d3:a4:7b:18:de:4e:50:9f:5b:0a:ae:ef:71:
90:19:d3:4e:97:bb:92:1a:f0:15:e3:9d:5a:08:00:
7c:4d:05:a4:80:66:59:08:07:97:1b:59:40:cf:af:
37:c0:a5:2f:61:94:4a:28:60:c5:8c:a9:23:8d:70:
59:5f:2b:bb:77:0d:b3:85:9c:34:63:82:e1:a5:0c:
35:28:6b:a1:cc:d4:75:11:44:6e:d7:e9:ff:71:0c:
64:9c:a5:85:ac:25:ec:5d:df:ef:c2:a5:08:47:07:
45:e6:2b:95:02:4c:19:52:fc:5b:95:32:e5:6e:0c:
4e:a7:16:74:43:c7:40:bb:ae:38:76:5f:5d:91:aa:
75:4f:c0:d4:ad:50:57:14:c9:cd:cc:7f:25:17:bb:
34:96:f1:87:c9:83:99:c0:42:ef:e8:58:7c:45:5a:
97:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2E:CA:BD:AF:AB:FD:94:41:0A:28:8D:0B:17:73:CD:BA:98:7F:9B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CEE133E85FC11F0AFB20CC5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.12.0/22
Signature Algorithm: sha256WithRSAEncryption
86:53:0d:22:07:79:31:71:66:1d:ff:ca:2a:4f:4f:f4:f3:88:
82:d2:8e:96:66:7d:62:b2:3a:48:c1:b2:9c:b6:90:7b:3c:37:
a2:29:16:b0:b4:fc:43:65:b8:9a:bb:8a:1a:8e:11:9a:43:e1:
97:8f:f8:8f:8b:4e:99:be:ee:f1:51:ea:27:2f:1f:77:62:f2:
4b:76:d3:a8:e8:dd:21:64:54:48:e9:b0:a0:3b:a0:ad:f1:f8:
ee:3e:b8:e5:2f:ef:e5:6f:03:0e:28:d1:cf:07:18:ff:08:d0:
5a:fc:5c:ab:42:e0:2c:03:06:7e:fb:b3:f8:3c:46:aa:1e:b5:
aa:33:e6:fc:e9:73:12:8f:f0:e9:ff:fd:9c:b4:45:a6:ff:2f:
f1:d9:5a:f1:2e:f1:cb:95:57:ae:83:b1:b4:c6:c1:21:40:92:
9c:5d:58:28:cc:3f:88:8d:6d:66:87:55:32:d2:3e:6c:cf:31:
5a:16:79:1d:ac:29:e0:33:02:a8:70:64:23:5a:97:c8:be:b4:
9c:d1:2e:55:d3:18:dc:6b:8d:e0:d4:2a:84:43:7c:3f:f0:dc:
17:a7:35:30:33:4b:f5:e4:a7:0b:c5:5a:c8:d8:05:72:64:ab:
5b:ca:da:fd:cd:77:aa:ec:dd:9c:ff:05:b4:2e:e0:a7:b0:05:
75:56:6c:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZpYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODMxMjM1MTE5WhcNMjUwOTA3MjM1MTE5WjAYMRYw
FAYDVQQDEw02OGIzOGU3ZC1kNmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmCI6u78RttLmORRrprO/HVxiMhZL/G7S/jP2KadhmYIhta2sXe85BERq
PwgJNfoNPKnbmzLdJg0JRvrAVd3sTO/xkm2dzyRrlR4ZanFlBe9r+o9f7WIhvLXB
+9OkexjeTlCfWwqu73GQGdNOl7uSGvAV451aCAB8TQWkgGZZCAeXG1lAz683wKUv
YZRKKGDFjKkjjXBZXyu7dw2zhZw0Y4LhpQw1KGuhzNR1EURu1+n/cQxknKWFrCXs
Xd/vwqUIRwdF5iuVAkwZUvxblTLlbgxOpxZ0Q8dAu644dl9dkap1T8DUrVBXFMnN
zH8lF7s0lvGHyYOZwELv6Fh8RVqX7wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPcu
yr2vq/2UQQoojQsXc826mH+bMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQ0VFMTMzRTg1RkMxMUYwQUZCMjBDQzVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtAMMA0GCSqGSIb3DQEB
CwUAA4IBAQCGUw0iB3kxcWYd/8oqT0/084iC0o6WZn1isjpIwbKctpB7PDeiKRaw
tPxDZbiau4oajhGaQ+GXj/iPi06Zvu7xUeonLx93YvJLdtOo6N0hZFRI6bCgO6Ct
8fjuPrjlL+/lbwMOKNHPBxj/CNBa/FyrQuAsAwZ++7P4PEaqHrWqM+b86XMSj/Dp
//2ctEWm/y/x2VrxLvHLlVeug7G0xsEhQJKcXVgozD+IjW1mh1Uy0j5szzFaFnkd
rCngMwKocGQjWpfIvrSc0S5V0xjca43g1CqEQ3w/8NwXpzUwM0v15KcLxVrI2AVy
ZKtbytr9zXeq7N2c/wW0LuCnsAV1Vmz1
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:30:21 2025 by rpki-client