Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4708F200998C11F0A3E194D5DAE4EC9C.roa
File: 4708F200998C11F0A3E194D5DAE4EC9C.roa (raw, json)
Hash identifier: b+DOoRoPr4NJF7QntN2vem52oV/MVCKbYy1f2fU6QOQ=
Subject key identifier: EF:B1:56:20:A3:68:97:B4:3E:F8:37:05:8E:D0:81:28:57:6E:47:B9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0CC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4708F200998C11F0A3E194D5DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 21:20:22 +0000
ROA not before: Wed 24 Sep 2025 21:20:17 +0000
ROA not after: Tue 21 Oct 2025 21:20:17 +0000
asID: 139646
IP address blocks: 154.214.32.0/19 maxlen: 24
154.216.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106700 (0x1a0cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 21:20:17 2025 GMT
Not After : Oct 21 21:20:17 2025 GMT
Subject: CN=68d46096-f2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:67:6f:16:8e:3d:ea:66:a0:60:6a:65:4c:
fd:c8:02:b6:98:53:c6:ec:13:f8:81:ef:92:33:18:
7e:0a:53:05:f3:4e:2a:8c:b9:7a:d8:21:84:24:29:
98:d6:8f:db:96:1b:0b:12:c4:4d:c0:4d:b0:59:85:
e7:bc:db:99:6e:48:03:27:d2:21:c2:d6:1f:2b:82:
6e:60:54:12:19:69:e5:49:ed:a8:93:a8:8b:df:f0:
4a:61:f9:7e:ae:75:79:af:bf:5b:4f:9b:d9:33:8a:
11:dc:bb:57:e5:0c:0f:3e:98:c3:ec:b0:ce:72:ca:
bb:37:54:d1:d2:83:3e:73:1e:6b:23:1b:e4:f7:c6:
69:d4:14:61:33:16:eb:c0:f8:43:fc:65:22:7d:76:
64:41:a3:53:ec:22:46:e2:c7:16:a2:1e:9d:1d:01:
3b:10:e4:62:8d:33:23:e1:4b:45:95:a5:89:d6:47:
d0:9a:80:c1:7f:83:5e:6a:8d:42:08:85:2d:12:d2:
69:e8:de:e0:3f:fd:57:f0:53:62:76:e3:5d:4b:0b:
54:3b:05:dc:66:67:d3:7c:3e:a1:35:d4:32:be:4b:
a9:0b:a1:75:16:3f:6f:3e:91:b7:2c:97:97:47:e0:
3e:57:38:e7:ed:7e:1b:26:05:cb:c3:c7:87:25:79:
eb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B1:56:20:A3:68:97:B4:3E:F8:37:05:8E:D0:81:28:57:6E:47:B9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4708F200998C11F0A3E194D5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
154.216.128.0/18
Signature Algorithm: sha256WithRSAEncryption
11:ba:03:19:ab:d6:70:bc:58:79:05:9b:c0:75:1c:a0:42:c3:
35:31:25:18:46:c9:c5:40:ec:da:1b:4b:2d:77:d0:30:a1:84:
25:3d:f0:b0:7a:17:f7:85:25:af:73:84:a1:70:18:07:4e:fd:
fc:fe:11:be:e4:a5:76:6c:44:71:58:41:f9:bf:5a:7d:e9:10:
13:1e:33:17:d9:a6:d7:ee:97:e5:9e:76:fa:8c:fd:bf:60:a3:
0f:6c:c1:08:0d:d2:0f:85:87:4a:d6:07:c4:54:0b:0d:80:d0:
e1:fc:52:a1:00:5b:f8:8d:b7:16:ae:a5:37:13:18:eb:03:b0:
e5:b6:ad:ed:b5:93:4d:ef:77:32:e0:ad:74:2e:79:7a:47:01:
9a:6b:38:c9:e7:c5:dc:88:66:db:2c:04:31:b3:96:87:40:75:
2b:0c:61:b0:5d:0c:d2:c0:97:05:e8:e6:0d:03:20:17:db:e1:
37:21:57:d9:02:39:c5:c0:d8:8f:47:34:b2:fb:5f:43:a9:c6:
d5:f5:1a:19:63:4a:fc:c6:ec:41:ff:06:5e:43:03:9c:c5:19:
cb:17:38:4e:fe:dd:f2:1a:b7:22:05:32:ce:ff:3f:5c:38:35:
cc:df:3a:07:75:ff:f3:e3:20:92:40:99:9b:5d:b2:85:7d:52:
18:1e:8d:af
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaDMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MjEyMDE3WhcNMjUxMDIxMjEyMDE3WjAYMRYw
FAYDVQQDEw02OGQ0NjA5Ni1mMmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsk9nbxaOPepmoGBqZUz9yAK2mFPG7BP4ge+SMxh+ClMF804qjLl62CGE
JCmY1o/blhsLEsRNwE2wWYXnvNuZbkgDJ9IhwtYfK4JuYFQSGWnlSe2ok6iL3/BK
Yfl+rnV5r79bT5vZM4oR3LtX5QwPPpjD7LDOcsq7N1TR0oM+cx5rIxvk98Zp1BRh
MxbrwPhD/GUifXZkQaNT7CJG4scWoh6dHQE7EORijTMj4UtFlaWJ1kfQmoDBf4Ne
ao1CCIUtEtJp6N7gP/1X8FNiduNdSwtUOwXcZmfTfD6hNdQyvkupC6F1Fj9vPpG3
LJeXR+A+Vzjn7X4bJgXLw8eHJXnr8QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFO+x
ViCjaJe0Pvg3BY7QgShXbke5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzA4RjIwMDk5OEMxMUYwQTNFMTk0RDVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmtYgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQARugMZq9ZwvFh5BZvAdRygQsM1MSUYRsnFQOzaG0std9Aw
oYQlPfCwehf3hSWvc4ShcBgHTv38/hG+5KV2bERxWEH5v1p96RATHjMX2abX7pfl
nnb6jP2/YKMPbMEIDdIPhYdK1gfEVAsNgNDh/FKhAFv4jbcWrqU3ExjrA7Dltq3t
tZNN73cy4K10Lnl6RwGaazjJ58XciGbbLAQxs5aHQHUrDGGwXQzSwJcF6OYNAyAX
2+E3IVfZAjnFwNiPRzSy+19DqcbV9RoZY0r8xuxB/wZeQwOcxRnLFzhO/t3yGrci
BTLO/z9cODXM3zoHdf/z4yCSQJmbXbKFfVIYHo2v
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:24 2025 by rpki-client