Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A9CC12E802511F08AC9A9C5DAE4EC9C.roa
File: 4A9CC12E802511F08AC9A9C5DAE4EC9C.roa (raw, json)
Hash identifier: tPmXGUTq1UO/K/E8HMylEUWlrCgsp1qmnLQ1T/sIh0E=
Subject key identifier: D1:2E:31:6F:A4:91:6F:74:17:97:4B:BB:8A:B1:A8:A1:6C:06:27:55
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0195C0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A9CC12E802511F08AC9A9C5DAE4EC9C.roa
Signing time: Sat 23 Aug 2025 13:30:11 +0000
ROA not before: Sat 23 Aug 2025 13:30:03 +0000
ROA not after: Tue 30 Sep 2025 13:30:03 +0000
asID: 401701
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103872 (0x195c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 23 13:30:03 2025 GMT
Not After : Sep 30 13:30:03 2025 GMT
Subject: CN=68a9c263-4962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ad:74:90:9b:19:8a:ed:2b:50:c2:a5:1b:1c:
61:de:4c:5e:79:9c:0b:80:23:b1:c3:f2:08:6f:eb:
d5:83:48:1f:52:c2:03:64:f9:be:7f:a1:84:94:7a:
29:64:57:79:fd:bb:98:01:e2:22:0d:7c:bf:b3:21:
cd:b1:79:d4:e1:64:f0:14:44:e3:db:ac:bd:05:df:
48:6b:27:15:d4:f7:5a:ad:3a:e6:49:cc:51:03:55:
a0:09:19:f0:dc:84:08:9d:b4:e9:f5:4c:25:5f:8f:
e0:e2:75:95:0c:71:83:95:c3:b7:48:68:81:f1:49:
51:e8:24:20:eb:95:42:37:19:6f:7c:e6:d2:e3:9f:
73:c6:5f:da:f1:f7:f0:52:51:d1:d8:ed:98:2b:df:
a5:0f:57:9f:49:aa:71:1e:f9:43:b2:57:09:e5:44:
3d:79:11:5b:95:a0:f7:7b:83:ac:88:b7:5e:41:b1:
2d:81:66:e0:88:9e:a9:67:ea:2e:2d:8e:df:3b:5b:
97:d3:fa:c1:12:57:73:2d:87:8a:5f:f6:53:d2:f4:
29:53:58:0d:33:0e:31:4b:c0:ab:de:8a:a1:1e:2d:
60:f3:d4:d1:18:8e:81:a2:25:16:8b:75:79:2f:7c:
c9:f1:d8:33:b6:a9:ca:46:f6:69:35:97:a7:f5:fa:
63:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2E:31:6F:A4:91:6F:74:17:97:4B:BB:8A:B1:A8:A1:6C:06:27:55
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A9CC12E802511F08AC9A9C5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:12:56:8a:fc:b6:42:4f:71:ff:d8:33:be:8b:5d:18:63:0c:
b8:57:84:32:0a:79:fc:e4:d9:5f:a6:ce:8c:e7:09:b3:4d:c9:
6b:fc:6f:10:f8:ca:68:40:4b:46:84:26:a1:1f:be:0f:80:06:
a8:67:85:43:29:d9:74:4b:6b:43:1d:50:3f:b1:db:f2:1f:1a:
64:b1:74:d6:cb:35:65:60:c4:78:ab:d5:3c:0e:08:55:d9:82:
3d:02:07:10:2e:bc:af:7b:f9:2d:ca:d3:33:fb:32:32:14:9a:
ca:f9:fd:97:cd:2b:f6:46:d3:63:9b:ee:41:65:bd:a6:4f:3d:
11:e9:72:37:e2:6f:0e:a1:20:03:32:32:27:7d:2a:02:06:9d:
c0:c1:40:6b:85:5b:af:b8:90:13:6b:f8:cb:3d:93:03:bc:50:
6a:7e:02:b3:f5:1d:8e:fc:f3:88:48:c0:37:cd:31:af:ab:99:
19:a4:5c:e4:0f:cf:ce:6b:78:d0:ae:ee:35:41:24:7a:43:87:
c1:58:5e:9d:26:1d:df:7f:1c:7d:36:ae:04:3e:8f:ac:11:01:
2c:66:75:a0:08:1b:12:fe:ef:61:23:75:f9:54:25:e9:ae:a4:
e6:bc:47:59:e3:14:23:25:52:95:c7:de:c1:4a:51:26:22:e8:
c4:42:d3:f3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZXAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODIzMTMzMDAzWhcNMjUwOTMwMTMzMDAzWjAYMRYw
FAYDVQQDEw02OGE5YzI2My00OTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzq10kJsZiu0rUMKlGxxh3kxeeZwLgCOxw/IIb+vVg0gfUsIDZPm+f6GE
lHopZFd5/buYAeIiDXy/syHNsXnU4WTwFETj26y9Bd9IaycV1PdarTrmScxRA1Wg
CRnw3IQInbTp9UwlX4/g4nWVDHGDlcO3SGiB8UlR6CQg65VCNxlvfObS459zxl/a
8ffwUlHR2O2YK9+lD1efSapxHvlDslcJ5UQ9eRFblaD3e4OsiLdeQbEtgWbgiJ6p
Z+ouLY7fO1uX0/rBEldzLYeKX/ZT0vQpU1gNMw4xS8Cr3oqhHi1g89TRGI6BoiUW
i3V5L3zJ8dgztqnKRvZpNZen9fpjgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNEu
MW+kkW90F5dLu4qxqKFsBidVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QTlDQzEyRTgwMjUxMUYwOEFDOUE5QzVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQB+ElaK/LZCT3H/2DO+i10YYwy4V4QyCnn85Nlfps6M5wmzTclr/G8Q
+MpoQEtGhCahH74PgAaoZ4VDKdl0S2tDHVA/sdvyHxpksXTWyzVlYMR4q9U8DghV
2YI9AgcQLryve/ktytMz+zIyFJrK+f2XzSv2RtNjm+5BZb2mTz0R6XI34m8OoSAD
MjInfSoCBp3AwUBrhVuvuJATa/jLPZMDvFBqfgKz9R2O/POISMA3zTGvq5kZpFzk
D8/Oa3jQru41QSR6Q4fBWF6dJh3ffxx9Nq4EPo+sEQEsZnWgCBsS/u9hI3X5VCXp
rqTmvEdZ4xQjJVKVx97BSlEmIujEQtPz
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:41:51 2025 by rpki-client