Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44E3E1CC873711F0A76379DBDAE4EC9C.roa
File: 44E3E1CC873711F0A76379DBDAE4EC9C.roa (raw, json)
Hash identifier: jNC4fwXso1ZjTHraN1w7tc6EAqxcfJQLe60s7AoATeE=
Subject key identifier: D9:47:FA:B2:76:2A:5F:D6:C6:65:B3:21:EB:3D:9C:8E:A5:1A:93:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019B76
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44E3E1CC873711F0A76379DBDAE4EC9C.roa
Signing time: Mon 01 Sep 2025 13:26:30 +0000
ROA not before: Mon 01 Sep 2025 13:26:25 +0000
ROA not after: Wed 10 Dec 2025 13:26:25 +0000
asID: 203020
IP address blocks: 154.197.120.0/24 maxlen: 24
154.201.46.0/24 maxlen: 24
154.201.58.0/24 maxlen: 24
154.202.70.0/23 maxlen: 24
154.202.86.0/23 maxlen: 24
154.203.63.0/24 maxlen: 24
154.203.95.0/24 maxlen: 24
154.204.37.0/24 maxlen: 24
154.204.40.0/24 maxlen: 24
154.204.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105334 (0x19b76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 1 13:26:25 2025 GMT
Not After : Dec 10 13:26:25 2025 GMT
Subject: CN=68b59f06-3a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:40:83:7e:a3:12:57:b7:ab:11:f2:4a:d2:c0:
00:ab:ed:7e:66:bb:87:a2:94:32:80:30:b4:d1:b1:
02:f4:2e:a0:6a:1d:4d:57:22:a6:9c:6d:21:41:e3:
c3:71:3b:b3:f9:93:61:e3:d2:87:c5:b6:4d:3f:8a:
1e:69:82:ad:31:16:5d:17:26:a2:21:d9:08:73:91:
00:68:ed:2e:f5:b0:12:2d:9c:71:a7:9d:8b:7e:1e:
88:15:06:00:63:a6:ef:41:bc:16:f3:1f:c4:44:ad:
be:b6:ad:0e:a9:72:09:a7:69:17:e3:99:7c:d3:63:
12:78:31:7f:a3:7e:f6:ef:1e:1f:d3:00:83:45:09:
91:5e:6d:3d:ba:03:14:54:aa:48:fa:5d:a4:cf:8d:
fa:33:5f:c9:c1:1f:cf:cf:52:86:42:2e:fc:fb:ca:
d7:b2:ea:66:ce:84:ec:99:77:b6:80:70:19:80:d1:
71:3d:94:ec:6c:35:02:fc:e4:60:c1:db:35:a4:fd:
62:78:2e:8d:4a:6a:d1:f8:7b:68:40:23:32:ff:db:
fd:95:b5:3f:c9:05:71:d6:81:01:fb:07:67:e0:fe:
09:b6:1f:07:e0:f4:d4:0e:bc:b9:3e:a7:f2:0d:7d:
fa:80:8f:57:79:9c:50:08:8c:08:18:26:bc:ac:90:
7c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:47:FA:B2:76:2A:5F:D6:C6:65:B3:21:EB:3D:9C:8E:A5:1A:93:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/44E3E1CC873711F0A76379DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.120.0/24
154.201.46.0/24
154.201.58.0/24
154.202.70.0/23
154.202.86.0/23
154.203.63.0/24
154.203.95.0/24
154.204.37.0/24
154.204.40.0/24
154.204.42.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:1d:07:1d:8e:fd:9b:d5:26:10:56:48:b5:bf:55:f5:57:ac:
54:fe:d9:ef:bb:35:ef:f6:71:bc:09:d2:b7:19:d8:1f:8a:5a:
79:ee:98:ca:9f:88:67:a8:41:8a:bb:2d:fd:41:23:6a:a7:b8:
60:ec:d2:f8:8b:c9:fd:d3:0d:62:f4:37:96:69:1f:b5:f8:52:
9f:72:c6:17:27:33:23:bd:e5:66:e6:82:0f:6b:a4:5b:53:c3:
96:46:17:0f:29:13:be:7a:2f:18:4d:f3:45:33:a8:04:a5:b4:
8d:7e:cb:5b:fc:b2:92:79:8d:a1:e8:0c:d0:03:5e:c1:53:72:
7e:58:f8:75:2b:63:a4:20:5c:3a:54:73:d1:56:a1:2c:74:6e:
90:aa:9b:c0:3a:e8:c6:3b:81:1e:c4:1b:14:f7:5d:96:e5:ae:
c4:d0:c1:c5:45:3f:24:bf:46:02:bb:62:39:41:dc:98:d6:c8:
4e:f7:16:9a:6f:38:71:38:90:88:f4:1b:10:27:35:f7:14:b0:
39:a0:09:2a:e0:96:55:26:ad:f0:b8:fb:ea:ea:f3:04:cc:69:
e7:24:98:51:80:d2:0e:10:e8:45:de:61:d8:82:87:1f:00:8a:
7f:e1:fc:dc:f7:1e:3b:d7:41:46:d3:a5:9c:11:3c:ff:00:d2:
03:d6:88:4c
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDAZt2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAxMTMyNjI1WhcNMjUxMjEwMTMyNjI1WjAYMRYw
FAYDVQQDEw02OGI1OWYwNi0zYTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyUCDfqMSV7erEfJK0sAAq+1+ZruHopQygDC00bEC9C6gah1NVyKmnG0h
QePDcTuz+ZNh49KHxbZNP4oeaYKtMRZdFyaiIdkIc5EAaO0u9bASLZxxp52Lfh6I
FQYAY6bvQbwW8x/ERK2+tq0OqXIJp2kX45l802MSeDF/o3727x4f0wCDRQmRXm09
ugMUVKpI+l2kz436M1/JwR/Pz1KGQi78+8rXsupmzoTsmXe2gHAZgNFxPZTsbDUC
/ORgwds1pP1ieC6NSmrR+HtoQCMy/9v9lbU/yQVx1oEB+wdn4P4Jth8H4PTUDry5
PqfyDX36gI9XeZxQCIwIGCa8rJB89QIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFNlH
+rJ2Kl/WxmWzIes9nI6lGpNUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NEUzRTFDQzg3MzcxMUYwQTc2Mzc5REJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAmsV4AwQAmskuAwQAmsk6
AwQBmspGAwQBmspWAwQAmss/AwQAmstfAwQAmswlAwQAmswoAwQAmswqMA0GCSqG
SIb3DQEBCwUAA4IBAQB/HQcdjv2b1SYQVki1v1X1V6xU/tnvuzXv9nG8CdK3Gdgf
ilp57pjKn4hnqEGKuy39QSNqp7hg7NL4i8n90w1i9DeWaR+1+FKfcsYXJzMjveVm
5oIPa6RbU8OWRhcPKRO+ei8YTfNFM6gEpbSNfstb/LKSeY2h6AzQA17BU3J+WPh1
K2OkIFw6VHPRVqEsdG6QqpvAOujGO4EexBsU912W5a7E0MHFRT8kv0YCu2I5QdyY
1shO9xaabzhxOJCI9BsQJzX3FLA5oAkq4JZVJq3wuPvq6vMEzGnnJJhRgNIOEOhF
3mHYgocfAIp/4fzc9x4710FG06WcETz/ANID1ohM
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:32:27 2025 by rpki-client