Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/620A84BE825411F0AF62B5EDDAE4EC9C.roa
File: 620A84BE825411F0AF62B5EDDAE4EC9C.roa (raw, json)
Hash identifier: 3jOCVIKZknHDbdMoJ5q+mUeAjmcFbqnz4iPcr/odR8g=
Subject key identifier: 90:47:5C:38:0B:6C:96:E7:BC:73:65:47:7D:1C:42:88:62:ED:F5:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0197A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/620A84BE825411F0AF62B5EDDAE4EC9C.roa
Signing time: Tue 26 Aug 2025 08:12:19 +0000
ROA not before: Tue 26 Aug 2025 08:12:14 +0000
ROA not after: Sun 28 Sep 2025 08:12:14 +0000
asID: 52263
IP address blocks: 154.194.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104358 (0x197a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 26 08:12:14 2025 GMT
Not After : Sep 28 08:12:14 2025 GMT
Subject: CN=68ad6c62-dbca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:74:5a:7f:e9:6b:14:4d:1f:e9:43:97:8e:
f3:55:62:31:96:39:4c:39:47:9e:f7:15:92:f5:9c:
05:09:82:14:08:2a:3a:56:f7:15:ff:04:47:ff:7c:
9e:3a:76:75:01:8c:7b:33:06:3b:cb:b3:27:4a:2e:
35:4b:3b:e1:1c:2d:2f:5f:e9:02:8a:1a:96:a6:db:
5a:63:0c:d4:dd:32:dc:e6:18:7b:09:e0:ea:8f:40:
d8:23:1d:07:6a:83:e7:c1:7e:bc:57:0d:ba:0e:21:
8a:93:11:81:2c:13:96:26:39:8e:aa:3d:83:fc:ad:
be:4b:3e:d9:8e:71:cb:0d:83:e0:17:cf:87:a6:fa:
fc:5e:2d:f1:ce:ef:8e:a7:68:65:f4:8b:76:7a:5c:
51:0e:57:26:22:f9:da:3f:69:f7:5c:ea:31:3d:6c:
b9:10:cd:70:9b:01:66:7d:b3:e5:5a:f6:b4:7d:e2:
b5:10:e3:b0:7c:d8:a1:bd:21:89:23:1c:8f:63:67:
4e:81:ca:42:78:07:d9:9a:68:21:9e:eb:4c:ff:7e:
ed:0b:ca:30:82:2c:87:ed:4f:ae:ba:e2:06:55:4e:
be:72:21:4c:b1:e0:db:41:99:33:16:c2:6f:10:26:
e9:d2:7b:87:6b:7d:51:24:8c:4d:50:c8:69:0e:50:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:47:5C:38:0B:6C:96:E7:BC:73:65:47:7D:1C:42:88:62:ED:F5:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/620A84BE825411F0AF62B5EDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.69.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:55:0c:af:b1:7d:bf:f7:0b:76:ce:82:74:05:6f:ad:bb:e2:
62:da:9b:57:83:94:00:ae:fd:69:9b:a2:8c:8d:e6:7c:d7:86:
29:f6:fa:e3:8f:f5:89:ba:9b:f2:3a:59:47:e9:f5:85:e8:7c:
38:8d:b8:cd:30:3e:0a:95:69:4d:be:98:9c:f5:09:be:8c:42:
4c:eb:70:de:61:43:0c:6b:e7:cb:39:77:88:8c:7f:97:f3:84:
04:e4:16:7c:3b:81:0a:47:ae:9e:22:e0:61:e3:a0:c1:f4:59:
8f:c9:aa:a4:32:b6:39:16:ca:62:c8:cc:81:0f:8c:7d:f3:83:
02:4b:6f:d2:e5:43:e4:59:35:48:fd:07:09:23:68:46:43:c9:
50:33:d0:11:c1:cf:a9:96:eb:71:19:a6:51:33:d3:0a:f4:85:
2b:0d:ff:19:33:c3:b1:27:4d:51:80:6a:ac:1a:5a:4e:0f:3c:
27:ab:f5:12:50:e7:8b:87:17:1e:9b:78:d3:4e:d1:df:88:e8:
20:6e:68:b5:06:3b:86:1c:4f:0a:a2:70:9a:d6:3c:7a:79:c2:
7c:30:be:dc:58:2e:11:06:e6:f0:39:ef:c6:7d:04:3c:c3:ac:
2e:cd:f8:03:3b:7f:73:f5:70:6a:72:ff:29:10:39:b0:ed:86:
eb:c8:62:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZemMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI2MDgxMjE0WhcNMjUwOTI4MDgxMjE0WjAYMRYw
FAYDVQQDEw02OGFkNmM2Mi1kYmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvMp0Wn/paxRNH+lDl47zVWIxljlMOUee9xWS9ZwFCYIUCCo6VvcV/wRH
/3yeOnZ1AYx7MwY7y7MnSi41SzvhHC0vX+kCihqWpttaYwzU3TLc5hh7CeDqj0DY
Ix0HaoPnwX68Vw26DiGKkxGBLBOWJjmOqj2D/K2+Sz7ZjnHLDYPgF8+Hpvr8Xi3x
zu+Op2hl9It2elxRDlcmIvnaP2n3XOoxPWy5EM1wmwFmfbPlWva0feK1EOOwfNih
vSGJIxyPY2dOgcpCeAfZmmghnutM/37tC8owgiyH7U+uuuIGVU6+ciFMseDbQZkz
FsJvECbp0nuHa31RJIxNUMhpDlBWWwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJBH
XDgLbJbnvHNlR30cQohi7fW6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MjBBODRCRTgyNTQxMUYwQUY2MkI1RUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJFMA0GCSqGSIb3DQEB
CwUAA4IBAQA7VQyvsX2/9wt2zoJ0BW+tu+Ji2ptXg5QArv1pm6KMjeZ814Yp9vrj
j/WJupvyOllH6fWF6Hw4jbjNMD4KlWlNvpic9Qm+jEJM63DeYUMMa+fLOXeIjH+X
84QE5BZ8O4EKR66eIuBh46DB9FmPyaqkMrY5FspiyMyBD4x984MCS2/S5UPkWTVI
/QcJI2hGQ8lQM9ARwc+plutxGaZRM9MK9IUrDf8ZM8OxJ01RgGqsGlpODzwnq/US
UOeLhxcem3jTTtHfiOggbmi1BjuGHE8KonCa1jx6ecJ8ML7cWC4RBubwOe/GfQQ8
w6wuzfgDO39z9XBqcv8pEDmw7YbryGKj
-----END CERTIFICATE-----
Generated at Wed Sep 3 20:48:25 2025 by rpki-client