Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CE0F510836111F0B75A51C9DAE4EC9C.roa
File: 4CE0F510836111F0B75A51C9DAE4EC9C.roa (raw, json)
Hash identifier: qq1bCKYFOiY1tvbmpFYNfM5aghJcQxMEg8mFAb9TMq8=
Subject key identifier: 29:CE:D8:60:B8:15:C4:F1:B4:3A:4E:A0:A2:7F:08:3F:2B:8E:81:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0198D6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CE0F510836111F0B75A51C9DAE4EC9C.roa
Signing time: Wed 27 Aug 2025 16:17:18 +0000
ROA not before: Wed 27 Aug 2025 16:17:11 +0000
ROA not after: Fri 17 Oct 2025 16:17:11 +0000
asID: 138915
IP address blocks: 154.206.56.0/23 maxlen: 24
154.206.58.0/23 maxlen: 24
154.206.60.0/23 maxlen: 24
154.206.62.0/23 maxlen: 24
154.206.79.0/24 maxlen: 24
154.206.96.0/23 maxlen: 24
154.206.100.0/23 maxlen: 24
154.206.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104662 (0x198d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 27 16:17:11 2025 GMT
Not After : Oct 17 16:17:11 2025 GMT
Subject: CN=68af2f8e-1a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:15:61:69:15:d7:8a:1c:f6:f6:8d:f3:60:77:
ba:0b:ea:31:c4:0c:38:07:2f:27:b0:62:fa:ac:fc:
37:7f:4b:0f:b9:10:a6:52:6c:7f:b4:93:06:11:c3:
7c:0c:d8:93:05:da:9a:05:00:54:79:72:62:f6:52:
09:a0:5c:d6:17:dd:fd:1a:27:6b:aa:dd:d7:83:ec:
e3:9f:f5:62:50:26:7f:76:b9:38:71:99:46:e2:d5:
87:ef:ce:69:b2:72:e4:71:29:3b:ad:45:27:e7:14:
67:f4:29:43:cf:09:4d:9f:9e:31:7e:07:53:7e:79:
36:bf:c5:4f:e3:e9:53:e1:94:b5:c7:bb:6a:38:57:
a4:77:c0:1f:36:4d:31:7c:99:e3:ff:32:6d:4a:56:
cf:45:22:44:52:c0:51:ae:33:28:a8:15:a7:f1:80:
ce:af:69:9e:6f:25:01:37:7e:e5:cf:d8:cb:c8:37:
b8:a4:a1:a6:88:2b:c2:cc:89:b7:7f:c8:ac:8d:e5:
4a:ef:12:e9:35:f3:46:80:49:b0:0c:34:7e:b1:70:
9a:d1:24:1f:9f:a9:1e:5c:10:72:4e:cf:76:c6:f7:
c8:65:4b:67:b6:f6:ea:e8:58:a7:fa:7b:ba:4d:93:
55:01:37:7f:23:c1:05:ab:4e:11:86:74:d0:80:35:
64:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:CE:D8:60:B8:15:C4:F1:B4:3A:4E:A0:A2:7F:08:3F:2B:8E:81:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CE0F510836111F0B75A51C9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.56.0/21
154.206.79.0/24
154.206.96.0/23
154.206.100.0/23
154.206.107.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:66:bf:ba:4d:f2:92:1c:33:b9:61:ad:62:ad:d3:57:ef:fb:
ac:a4:c3:dd:ed:f5:5b:cc:2e:0c:a5:44:13:db:3e:65:b2:d4:
c7:b1:de:71:ec:b3:9b:24:51:00:aa:3c:41:4a:78:05:40:89:
14:9d:38:8c:74:17:4e:71:15:3a:82:4a:34:8f:d8:0f:ab:b6:
16:c3:be:fe:82:60:c0:b3:89:6c:29:7d:b4:8a:a3:3b:48:8c:
40:07:a8:aa:6f:13:bc:0b:b7:ad:3a:f4:d8:47:97:f3:53:df:
46:a8:10:4f:a3:0b:84:0c:21:2a:5a:0e:e6:0e:eb:17:66:90:
df:25:6d:0e:64:8c:67:78:84:8f:05:08:e8:9d:97:29:a4:b1:
9e:70:c7:ab:d7:a1:9d:38:c1:6a:87:e0:c1:1b:53:1c:ef:9a:
7b:04:6c:b5:0a:5b:82:1f:b9:8c:20:74:be:02:64:11:c6:ea:
f0:68:85:52:73:fd:75:94:79:db:4d:1f:4b:65:31:3e:8c:cd:
93:27:1e:84:f7:43:c5:c0:4f:a4:24:ea:dc:11:25:07:97:c6:
34:71:6c:97:f5:ad:5e:09:67:04:eb:34:6d:e8:cf:3f:e4:05:
5d:1d:91:16:74:5b:0a:b4:04:1f:c1:88:8e:82:5f:b7:78:72:
1a:bd:3c:e4
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIDAZjWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI3MTYxNzExWhcNMjUxMDE3MTYxNzExWjAYMRYw
FAYDVQQDEw02OGFmMmY4ZS0xYTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyBVhaRXXihz29o3zYHe6C+oxxAw4By8nsGL6rPw3f0sPuRCmUmx/tJMG
EcN8DNiTBdqaBQBUeXJi9lIJoFzWF939Gidrqt3Xg+zjn/ViUCZ/drk4cZlG4tWH
785psnLkcSk7rUUn5xRn9ClDzwlNn54xfgdTfnk2v8VP4+lT4ZS1x7tqOFekd8Af
Nk0xfJnj/zJtSlbPRSJEUsBRrjMoqBWn8YDOr2mebyUBN37lz9jLyDe4pKGmiCvC
zIm3f8isjeVK7xLpNfNGgEmwDDR+sXCa0SQfn6keXBByTs92xvfIZUtntvbq6Fin
+nu6TZNVATd/I8EFq04RhnTQgDVkVQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFCnO
2GC4FcTxtDpOoKJ/CD8rjoEsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Q0UwRjUxMDgzNjExMUYwQjc1QTUxQzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDms44AwQAms5PAwQBms5g
AwQBms5kAwQAms5rMA0GCSqGSIb3DQEBCwUAA4IBAQDNZr+6TfKSHDO5Ya1irdNX
7/uspMPd7fVbzC4MpUQT2z5lstTHsd5x7LObJFEAqjxBSngFQIkUnTiMdBdOcRU6
gko0j9gPq7YWw77+gmDAs4lsKX20iqM7SIxAB6iqbxO8C7etOvTYR5fzU99GqBBP
owuEDCEqWg7mDusXZpDfJW0OZIxneISPBQjonZcppLGecMer16GdOMFqh+DBG1Mc
75p7BGy1CluCH7mMIHS+AmQRxurwaIVSc/11lHnbTR9LZTE+jM2TJx6E90PFwE+k
JOrcESUHl8Y0cWyX9a1eCWcE6zRt6M8/5AVdHZEWdFsKtAQfwYiOgl+3eHIavTzk
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:42:35 2025 by rpki-client