Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FFF3800833111F09976C295DAE4EC9C.roa
File: 3FFF3800833111F09976C295DAE4EC9C.roa (raw, json)
Hash identifier: xVa4W9vo8txDKF6MZrStI5+lrgTYiEIQp/jYojrvZ6k=
Subject key identifier: 33:4C:76:85:66:51:97:C3:F4:05:E3:48:BB:16:F9:E1:B8:16:A7:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01986B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FFF3800833111F09976C295DAE4EC9C.roa
Signing time: Wed 27 Aug 2025 10:33:20 +0000
ROA not before: Wed 27 Aug 2025 10:33:15 +0000
ROA not after: Sat 27 Sep 2025 10:33:15 +0000
asID: 395793
IP address blocks: 154.200.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104555 (0x1986b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 27 10:33:15 2025 GMT
Not After : Sep 27 10:33:15 2025 GMT
Subject: CN=68aedef0-d549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6d:e9:f1:5d:a1:60:78:91:f6:6d:a6:70:38:
82:9f:e6:57:39:a1:19:ef:1a:a5:70:cc:ad:69:b2:
8b:78:17:bb:e0:b0:5a:6f:0c:9d:44:be:31:5c:e0:
9b:c6:8e:22:99:90:58:9b:c7:e4:2e:51:81:40:b1:
78:b0:9c:e6:75:00:87:20:1e:99:b9:7f:a2:4e:67:
3b:ec:a2:2e:0f:3f:47:dd:50:16:ea:91:c6:fa:1e:
1f:78:de:b1:fc:94:6b:32:5f:bf:5b:3c:52:82:be:
9b:9e:72:3c:76:2c:b7:82:12:17:e5:a3:dd:18:35:
61:bc:df:a8:70:f4:f7:64:d7:bb:f3:89:c8:9d:1b:
d3:3a:5a:be:3e:ab:03:92:aa:5c:94:7c:6c:89:09:
a1:f7:ee:2c:76:29:48:cc:8b:bd:00:8a:a4:7c:d4:
c2:96:b6:b8:a5:e0:26:74:79:83:91:48:14:9f:a8:
03:c1:39:86:50:90:10:7b:95:a5:88:9c:8d:a8:24:
01:a3:c4:5a:e7:9a:5b:b4:e3:d6:2c:7f:bb:51:77:
a8:8d:4d:44:ae:99:5c:cd:83:aa:d6:73:9d:04:88:
94:48:ec:e4:a7:dc:ce:f4:fc:d8:92:36:61:b1:c2:
7b:c4:7d:49:62:74:1d:07:ff:5b:43:86:f6:af:8f:
26:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:4C:76:85:66:51:97:C3:F4:05:E3:48:BB:16:F9:E1:B8:16:A7:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FFF3800833111F09976C295DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.63.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:10:67:68:e8:6a:6d:d1:8e:4b:9d:63:e5:ea:47:d3:d9:75:
78:77:29:af:ff:7c:67:92:12:ab:d1:51:8c:21:2a:77:3a:a9:
c3:4c:0e:57:43:97:ab:29:3d:7d:86:33:b5:75:07:fd:3a:88:
7d:24:b8:e9:2b:b3:d4:d1:6d:da:cd:42:43:78:7c:56:0e:93:
4c:85:0f:77:83:4d:76:5a:d1:44:87:bb:f0:ee:52:9e:de:8a:
97:7d:45:83:76:71:a6:a7:61:60:45:f6:55:63:59:f4:09:41:
e1:d5:43:dd:2b:8c:b7:08:71:20:49:74:16:d2:1b:51:85:2e:
05:3d:61:18:34:60:55:c7:a5:b4:59:59:00:e9:52:96:a6:b1:
f3:63:c7:da:a9:8c:80:42:99:7f:ed:02:33:af:43:b1:92:4c:
72:6d:4a:7b:ca:14:96:45:b5:98:5b:90:2f:8e:4b:90:aa:15:
50:39:ee:0b:09:0d:4e:b0:af:f5:84:57:be:d7:63:87:3f:52:
84:ae:66:21:94:9c:1e:49:81:5d:4a:8a:6c:fa:d5:20:5f:03:
86:ae:e5:24:15:a5:5f:e8:0a:0f:d1:d1:12:96:42:11:53:fd:
a3:4a:53:64:76:17:b3:df:de:5e:ec:2a:35:27:52:f4:d2:c4:
22:fe:52:18
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZhrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI3MTAzMzE1WhcNMjUwOTI3MTAzMzE1WjAYMRYw
FAYDVQQDEw02OGFlZGVmMC1kNTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0W3p8V2hYHiR9m2mcDiCn+ZXOaEZ7xqlcMytabKLeBe74LBabwydRL4x
XOCbxo4imZBYm8fkLlGBQLF4sJzmdQCHIB6ZuX+iTmc77KIuDz9H3VAW6pHG+h4f
eN6x/JRrMl+/WzxSgr6bnnI8diy3ghIX5aPdGDVhvN+ocPT3ZNe784nInRvTOlq+
PqsDkqpclHxsiQmh9+4sdilIzIu9AIqkfNTClra4peAmdHmDkUgUn6gDwTmGUJAQ
e5WliJyNqCQBo8Ra55pbtOPWLH+7UXeojU1ErplczYOq1nOdBIiUSOzkp9zO9PzY
kjZhscJ7xH1JYnQdB/9bQ4b2r48mUwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDNM
doVmUZfD9AXjSLsW+eG4FqcMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRkZGMzgwMDgzMzExMUYwOTk3NkMyOTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsg/MA0GCSqGSIb3DQEB
CwUAA4IBAQC9EGdo6Gpt0Y5LnWPl6kfT2XV4dymv/3xnkhKr0VGMISp3OqnDTA5X
Q5erKT19hjO1dQf9Ooh9JLjpK7PU0W3azUJDeHxWDpNMhQ93g012WtFEh7vw7lKe
3oqXfUWDdnGmp2FgRfZVY1n0CUHh1UPdK4y3CHEgSXQW0htRhS4FPWEYNGBVx6W0
WVkA6VKWprHzY8faqYyAQpl/7QIzr0OxkkxybUp7yhSWRbWYW5AvjkuQqhVQOe4L
CQ1OsK/1hFe+12OHP1KErmYhlJweSYFdSops+tUgXwOGruUkFaVf6AoP0dESlkIR
U/2jSlNkdhez395e7Co1J1L00sQi/lIY
-----END CERTIFICATE-----
Generated at Wed Sep 3 20:48:25 2025 by rpki-client