Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58C56BE6831A11F0BAFBE780DAE4EC9C.roa
File: 58C56BE6831A11F0BAFBE780DAE4EC9C.roa (raw, json)
Hash identifier: iw70JEzpx3dI8ptMJ5wHWxbIPAC/dgYnESqkeNtlBbY=
Subject key identifier: 3A:11:C6:C1:C2:49:D1:61:24:51:BE:20:A7:44:68:74:01:D7:8D:21
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019859
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58C56BE6831A11F0BAFBE780DAE4EC9C.roa
Signing time: Wed 27 Aug 2025 07:49:23 +0000
ROA not before: Wed 27 Aug 2025 07:49:18 +0000
ROA not after: Tue 07 Oct 2025 07:49:18 +0000
asID: 20326
IP address blocks: 154.193.134.0/23 maxlen: 24
154.193.156.0/23 maxlen: 24
154.222.118.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104537 (0x19859)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 27 07:49:18 2025 GMT
Not After : Oct 7 07:49:18 2025 GMT
Subject: CN=68aeb883-3759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:50:0d:33:1c:34:f7:b8:f3:00:0d:16:f3:25:
cf:74:fe:16:f8:de:4c:25:25:04:b2:f0:02:e9:ef:
64:be:72:92:d6:1a:3f:f4:33:a0:bc:7f:ba:ea:11:
1a:61:4f:40:ef:4c:a0:82:f0:be:8f:8a:0a:27:14:
9e:9f:f5:92:c3:a5:65:f8:88:61:1e:5a:3b:c9:de:
28:a1:eb:5f:52:ba:44:52:58:c2:51:b2:db:11:93:
24:cf:b5:d6:ee:7e:3c:5f:62:91:31:61:3f:23:0a:
43:bb:bc:0b:65:02:d2:11:5c:b3:b0:c1:97:cc:59:
90:f4:80:5a:f9:b9:4d:ca:e3:ad:2b:25:de:94:23:
b3:4d:a5:aa:f4:00:69:d5:8d:42:b5:d0:3a:a1:20:
fc:29:80:03:37:e6:b1:ac:cd:d6:18:08:62:38:f1:
9c:ff:57:f1:38:48:b7:96:cc:b5:6b:ea:dd:be:25:
d9:2f:a5:84:08:30:9f:aa:6f:77:20:23:e8:11:18:
c5:7a:d7:eb:d8:5b:11:62:56:77:73:af:8b:dc:4e:
f5:cd:f9:82:bd:d4:75:7b:96:fe:e8:4b:b4:54:2d:
66:52:31:b6:10:9b:66:d9:25:0a:b1:06:74:c5:81:
f6:bf:c7:c0:d5:08:6a:25:bd:6b:60:6f:c4:ee:e0:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:11:C6:C1:C2:49:D1:61:24:51:BE:20:A7:44:68:74:01:D7:8D:21
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58C56BE6831A11F0BAFBE780DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.134.0/23
154.193.156.0/23
154.222.118.0/23
Signature Algorithm: sha256WithRSAEncryption
03:b9:b6:b9:a2:3a:bc:74:59:f7:1c:8e:75:84:26:2d:bf:45:
7b:f0:e6:d0:f5:55:09:86:2e:30:55:3b:13:75:2a:ba:00:a3:
66:55:8b:a7:85:a5:13:bc:31:61:54:17:36:93:67:f0:a2:6e:
79:6c:3e:d1:ff:55:2d:9e:2e:09:7c:70:96:5f:c0:c5:a8:01:
8f:cf:f7:d1:c1:74:09:36:a5:4a:05:bf:06:24:02:55:03:a3:
31:1a:69:e0:4a:53:8e:de:f6:80:2a:fc:88:70:4e:f7:17:64:
b2:ab:9b:67:dc:9a:77:38:f9:42:ba:51:59:a1:cc:7f:45:a8:
41:f7:ad:bc:61:6a:3c:40:79:75:1f:bd:5e:f4:2e:ac:6e:79:
3a:14:3e:d3:d3:e3:c4:fd:7f:27:10:79:13:cf:4b:6c:df:9f:
f7:1c:f7:f6:45:bc:9b:ef:0f:0c:c4:7f:3c:7c:26:8f:2d:78:
84:50:e9:d6:e6:7c:25:49:87:34:b0:b0:ed:69:fc:97:26:74:
f8:4f:4c:f3:b1:ca:94:ea:05:5c:3d:7f:43:da:d1:c7:d8:fc:
16:35:ce:ee:74:3e:c8:16:59:7e:20:56:ee:7a:19:91:d7:35:
3a:92:2a:dd:1e:d1:30:11:6b:d0:66:fd:b6:48:e6:4d:79:15:
50:69:81:cd
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAZhZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI3MDc0OTE4WhcNMjUxMDA3MDc0OTE4WjAYMRYw
FAYDVQQDEw02OGFlYjg4My0zNzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA01ANMxw097jzAA0W8yXPdP4W+N5MJSUEsvAC6e9kvnKS1ho/9DOgvH+6
6hEaYU9A70yggvC+j4oKJxSen/WSw6Vl+IhhHlo7yd4ooetfUrpEUljCUbLbEZMk
z7XW7n48X2KRMWE/IwpDu7wLZQLSEVyzsMGXzFmQ9IBa+blNyuOtKyXelCOzTaWq
9ABp1Y1CtdA6oSD8KYADN+axrM3WGAhiOPGc/1fxOEi3lsy1a+rdviXZL6WECDCf
qm93ICPoERjFetfr2FsRYlZ3c6+L3E71zfmCvdR1e5b+6Eu0VC1mUjG2EJtm2SUK
sQZ0xYH2v8fA1QhqJb1rYG/E7uBsdwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFDoR
xsHCSdFhJFG+IKdEaHQB140hMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OEM1NkJFNjgzMUExMUYwQkFGQkU3ODBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBmsGGAwQBmsGcAwQBmt52
MA0GCSqGSIb3DQEBCwUAA4IBAQADuba5ojq8dFn3HI51hCYtv0V78ObQ9VUJhi4w
VTsTdSq6AKNmVYunhaUTvDFhVBc2k2fwom55bD7R/1Utni4JfHCWX8DFqAGPz/fR
wXQJNqVKBb8GJAJVA6MxGmngSlOO3vaAKvyIcE73F2Syq5tn3Jp3OPlCulFZocx/
RahB9628YWo8QHl1H71e9C6sbnk6FD7T0+PE/X8nEHkTz0ts35/3HPf2Rbyb7w8M
xH88fCaPLXiEUOnW5nwlSYc0sLDtafyXJnT4T0zzscqU6gVcPX9D2tHH2PwWNc7u
dD7IFll+IFbuehmR1zU6kirdHtEwEWvQZv22SOZNeRVQaYHN
-----END CERTIFICATE-----
Generated at Wed Sep 3 20:36:13 2025 by rpki-client