Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/434BC3B4836A11F0A11FF884DAE4EC9C.roa
File: 434BC3B4836A11F0A11FF884DAE4EC9C.roa (raw, json)
Hash identifier: tBnloaLJEU8ZpTExxMpFnukFPJWESsrbf39KchrQWxA=
Subject key identifier: C4:1C:6B:24:08:2E:CF:85:25:92:64:1D:42:F8:74:8A:01:0D:73:91
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0198E9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/434BC3B4836A11F0A11FF884DAE4EC9C.roa
Signing time: Wed 27 Aug 2025 17:21:27 +0000
ROA not before: Wed 27 Aug 2025 17:21:22 +0000
ROA not after: Wed 15 Oct 2025 17:21:22 +0000
asID: 63139
IP address blocks: 154.203.161.0/24 maxlen: 24
154.203.171.0/24 maxlen: 24
154.203.173.0/24 maxlen: 24
154.203.174.0/24 maxlen: 24
154.203.175.0/24 maxlen: 24
154.203.176.0/24 maxlen: 24
154.203.177.0/24 maxlen: 24
154.203.178.0/24 maxlen: 24
154.203.180.0/24 maxlen: 24
154.203.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104681 (0x198e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 27 17:21:22 2025 GMT
Not After : Oct 15 17:21:22 2025 GMT
Subject: CN=68af3e97-e13f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:dc:bb:df:24:62:64:2d:d7:3c:94:16:54:14:
ab:30:15:de:de:cc:ab:27:60:ff:55:b2:3a:2f:d1:
90:19:10:1c:67:fe:0c:77:1a:83:9f:f9:3e:26:6a:
55:ab:22:0e:ab:79:2d:6e:7f:ab:96:f5:63:51:91:
eb:a0:da:ff:4c:00:98:31:dd:17:d6:47:21:fe:68:
76:4b:a4:00:13:dc:54:96:df:88:db:c0:14:c9:f4:
f1:20:e2:69:d4:ed:5f:55:2c:26:7f:dd:4c:ba:4b:
fd:da:74:cf:cb:ea:f7:f6:cb:75:8d:5f:b5:50:33:
ec:ec:69:f0:87:6f:4e:ee:6f:24:f2:6d:33:32:2f:
77:55:11:59:9a:c6:f8:94:10:be:c1:b5:89:a6:ad:
7f:84:1c:c3:0b:84:19:c3:a2:56:a7:d4:f0:87:1c:
e0:45:09:8f:b5:9e:2b:21:e9:88:fc:6f:ff:bb:83:
a2:24:c3:8b:44:b1:50:d5:8b:17:5c:c7:b0:29:bb:
2f:ab:63:ac:56:0c:76:d7:f2:9b:e3:db:a9:80:76:
6e:22:4b:f1:b1:24:bc:82:ba:bb:b7:88:dd:65:f7:
fa:bd:6b:b1:d2:fe:cd:94:98:1c:fe:7f:6b:a9:26:
8e:c0:15:08:53:20:4a:06:0a:4b:95:c6:8b:84:dd:
6a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1C:6B:24:08:2E:CF:85:25:92:64:1D:42:F8:74:8A:01:0D:73:91
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/434BC3B4836A11F0A11FF884DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.161.0/24
154.203.171.0/24
154.203.173.0-154.203.178.255
154.203.180.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:92:46:e6:c6:15:31:54:2c:11:d7:78:01:ba:06:c7:db:c8:
81:fa:13:ee:ad:e3:1d:c6:8c:64:7e:1e:23:19:8c:3e:17:e2:
7e:7c:64:11:bb:91:2e:90:2a:63:a7:7c:77:6c:ca:1b:7b:d2:
3e:b1:50:04:ea:fa:e8:70:33:85:50:68:87:33:15:82:5e:aa:
40:8f:d0:dc:0c:33:ef:7f:50:76:3a:9a:6f:98:53:33:da:aa:
3d:23:34:19:e8:a2:63:cb:b3:51:29:8e:4e:70:aa:1d:46:30:
59:8e:c4:b9:b2:c4:c3:07:72:05:95:b8:35:22:fc:01:4c:92:
75:39:ac:66:92:dc:51:04:80:37:b8:b0:89:f2:0d:25:d9:5a:
41:b9:32:8b:68:cd:7e:13:a2:56:4b:8c:8b:6d:91:45:9c:b3:
20:1d:4b:5e:eb:d8:f6:9f:a4:95:5b:79:eb:ff:67:8f:46:9a:
99:4d:66:44:b9:c7:9f:d9:42:5c:91:fb:18:61:39:52:4d:76:
ac:83:04:35:7d:33:d5:a6:8e:e2:60:5f:55:aa:3a:3d:a8:7f:
17:fa:06:7b:cd:5f:5a:94:cf:a8:a3:6a:ca:3a:d6:f4:bd:56:
a9:79:5b:ce:0d:81:fb:40:b6:ba:26:c7:be:a6:d9:3a:f5:56:
ff:74:c5:a3
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAZjpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI3MTcyMTIyWhcNMjUxMDE1MTcyMTIyWjAYMRYw
FAYDVQQDEw02OGFmM2U5Ny1lMTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx9y73yRiZC3XPJQWVBSrMBXe3syrJ2D/VbI6L9GQGRAcZ/4MdxqDn/k+
JmpVqyIOq3ktbn+rlvVjUZHroNr/TACYMd0X1kch/mh2S6QAE9xUlt+I28AUyfTx
IOJp1O1fVSwmf91Mukv92nTPy+r39st1jV+1UDPs7Gnwh29O7m8k8m0zMi93VRFZ
msb4lBC+wbWJpq1/hBzDC4QZw6JWp9TwhxzgRQmPtZ4rIemI/G//u4OiJMOLRLFQ
1YsXXMewKbsvq2OsVgx21/Kb49upgHZuIkvxsSS8grq7t4jdZff6vWux0v7NlJgc
/n9rqSaOwBUIUyBKBgpLlcaLhN1q/QIDAQABo4ICvzCCArswHQYDVR0OBBYEFMQc
ayQILs+FJZJkHUL4dIoBDXORMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MzRCQzNCNDgzNkExMUYwQTExRkY4ODREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAmsuhAwQAmsurMAwDBACa
y60DBACay7IDBAGay7QwDQYJKoZIhvcNAQELBQADggEBAL+SRubGFTFULBHXeAG6
BsfbyIH6E+6t4x3GjGR+HiMZjD4X4n58ZBG7kS6QKmOnfHdsyht70j6xUATq+uhw
M4VQaIczFYJeqkCP0NwMM+9/UHY6mm+YUzPaqj0jNBnoomPLs1Epjk5wqh1GMFmO
xLmyxMMHcgWVuDUi/AFMknU5rGaS3FEEgDe4sInyDSXZWkG5MotozX4TolZLjItt
kUWcsyAdS17r2PafpJVbeev/Z49GmplNZkS5x5/ZQlyR+xhhOVJNdqyDBDV9M9Wm
juJgX1WqOj2ofxf6BnvNX1qUz6ijaso61vS9Vql5W84NgftAtromx76m2Tr1Vv90
xaM=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:35:58 2025 by rpki-client