Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70C76C927ACF11F09E0E53CADAE4EC9C.roa
File: 70C76C927ACF11F09E0E53CADAE4EC9C.roa (raw, json)
Hash identifier: G8/vVqCdRmy3FVE2iZuJHnzoSYoNeMezZFhyr3CI2pM=
Subject key identifier: F3:E7:64:38:EF:88:F3:DC:03:A7:07:21:7A:66:B6:93:39:AE:A7:CB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0191F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70C76C927ACF11F09E0E53CADAE4EC9C.roa
Signing time: Sat 16 Aug 2025 18:33:02 +0000
ROA not before: Sat 16 Aug 2025 18:32:57 +0000
ROA not after: Tue 26 Aug 2025 18:32:57 +0000
asID: 20473
IP address blocks: 154.81.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Aug 2025 07:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102901 (0x191f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 16 18:32:57 2025 GMT
Not After : Aug 26 18:32:57 2025 GMT
Subject: CN=68a0cede-c1b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4b:43:a8:2a:09:a9:cd:51:74:64:db:af:99:
7b:8a:85:ed:3f:6a:b5:61:e4:92:b3:2e:64:7b:dc:
40:c4:b3:a3:f3:54:0f:69:0c:2e:57:27:0d:db:ae:
62:f7:50:85:a8:37:fe:9b:3e:aa:e3:67:bc:17:c0:
69:e1:1b:d4:3e:52:65:99:8f:6d:5e:2a:df:ad:a6:
b2:59:5c:fa:88:a0:18:2b:61:10:f7:0c:72:98:5f:
8f:06:f9:ca:81:3a:f7:2c:35:bb:e7:be:73:43:6d:
b1:c1:43:33:a8:3e:2b:42:9c:ff:e5:e2:2e:d4:d3:
f8:c9:0b:68:1b:27:dd:9f:48:6b:f3:17:d9:e7:66:
e9:3e:01:e7:35:88:b8:d2:e2:97:be:e8:60:d0:2f:
06:75:51:3d:33:26:e0:97:1e:6d:3b:fb:e4:75:81:
62:63:25:d0:da:c2:cb:53:91:6c:78:0b:0f:c7:55:
00:80:59:48:af:d6:56:6c:f3:2f:85:37:eb:60:fd:
e3:ac:a2:94:38:0d:19:c3:19:a3:08:b4:61:f3:e3:
6c:f4:16:2a:e0:c7:de:9f:cb:3b:38:6b:2e:ae:45:
9d:11:73:9e:c6:dc:35:d9:a5:5a:17:a5:99:85:91:
f7:e4:55:91:2d:d9:83:4a:51:3b:69:f9:89:37:f4:
fe:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E7:64:38:EF:88:F3:DC:03:A7:07:21:7A:66:B6:93:39:AE:A7:CB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70C76C927ACF11F09E0E53CADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.156.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:5b:70:fc:9d:b0:28:06:88:9a:9c:bf:40:ae:20:73:ca:b2:
eb:bd:1b:41:2a:8b:73:90:f3:c9:ae:ec:f1:2e:96:24:62:33:
c8:f4:0b:d3:54:e3:14:12:4d:ca:ef:24:8f:78:42:7e:de:50:
84:a6:45:0a:ae:a1:a3:57:9e:d9:55:fd:c6:5a:15:51:ac:42:
a0:ec:e1:be:0f:cc:7c:7a:17:17:7f:4b:1a:04:54:01:dd:51:
be:34:20:5e:df:27:2c:03:d2:78:98:44:3a:1e:01:cc:6b:49:
2b:20:85:6d:a3:76:e0:67:23:4f:3c:6c:bf:91:15:5c:5c:f6:
0f:11:fa:52:d0:c1:7b:06:a8:ff:04:58:ce:8e:c4:88:f7:56:
63:b8:2c:e8:78:34:a8:42:ab:7a:db:9c:ef:39:8a:4a:0f:6f:
39:f0:15:89:7d:e9:c1:58:2a:d9:c1:1a:cb:58:68:d2:97:56:
b8:51:da:88:e7:1d:8f:9d:7a:93:21:3a:3e:ad:ee:56:c7:02:
a5:ec:1d:55:5c:fd:36:e3:69:e7:a8:47:ac:c9:30:d6:06:d1:
40:4d:bf:33:49:71:1d:1f:7f:df:83:8d:24:25:d2:f5:ad:8a:
da:55:81:a1:58:36:34:e6:c7:f5:8a:bd:d0:07:cd:70:f4:ec:
0a:58:b0:71
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZH1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE2MTgzMjU3WhcNMjUwODI2MTgzMjU3WjAYMRYw
FAYDVQQDEw02OGEwY2VkZS1jMWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA20tDqCoJqc1RdGTbr5l7ioXtP2q1YeSSsy5ke9xAxLOj81QPaQwuVycN
265i91CFqDf+mz6q42e8F8Bp4RvUPlJlmY9tXirfraayWVz6iKAYK2EQ9wxymF+P
BvnKgTr3LDW7575zQ22xwUMzqD4rQpz/5eIu1NP4yQtoGyfdn0hr8xfZ52bpPgHn
NYi40uKXvuhg0C8GdVE9Mybglx5tO/vkdYFiYyXQ2sLLU5FseAsPx1UAgFlIr9ZW
bPMvhTfrYP3jrKKUOA0ZwxmjCLRh8+Ns9BYq4Mfen8s7OGsurkWdEXOextw12aVa
F6WZhZH35FWRLdmDSlE7afmJN/T+FwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPPn
ZDjviPPcA6cHIXpmtpM5rqfLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MEM3NkM5MjdBQ0YxMUYwOUUwRTUzQ0FEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlGcMA0GCSqGSIb3DQEB
CwUAA4IBAQCeW3D8nbAoBoianL9AriBzyrLrvRtBKotzkPPJruzxLpYkYjPI9AvT
VOMUEk3K7ySPeEJ+3lCEpkUKrqGjV57ZVf3GWhVRrEKg7OG+D8x8ehcXf0saBFQB
3VG+NCBe3ycsA9J4mEQ6HgHMa0krIIVto3bgZyNPPGy/kRVcXPYPEfpS0MF7Bqj/
BFjOjsSI91ZjuCzoeDSoQqt625zvOYpKD2858BWJfenBWCrZwRrLWGjSl1a4UdqI
5x2PnXqTITo+re5WxwKl7B1VXP0242nnqEesyTDWBtFATb8zSXEdH3/fg40kJdL1
rYraVYGhWDY05sf1ir3QB81w9OwKWLBx
-----END CERTIFICATE-----
Generated at Thu Aug 21 11:09:08 2025 by rpki-client