Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76A7FDACAA6311F08F837BCBDAE4EC9C.roa
File: 76A7FDACAA6311F08F837BCBDAE4EC9C.roa (raw, json)
Hash identifier: EH/kc4kSlKrXhCiOYdCZIeBL56DrFoA0xiJVsAFk7a8=
Subject key identifier: 54:DE:81:E9:3C:64:AE:C1:8F:69:58:75:BE:28:BB:0D:BB:41:2D:15
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A3BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76A7FDACAA6311F08F837BCBDAE4EC9C.roa
Signing time: Thu 16 Oct 2025 07:41:02 +0000
ROA not before: Thu 16 Oct 2025 07:40:57 +0000
ROA not after: Fri 17 Jul 2026 07:40:57 +0000
asID: 329611
IP address blocks: 154.211.4.0/22 maxlen: 24
154.211.4.0/23 maxlen: 24
154.211.6.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107454 (0x1a3be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 16 07:40:57 2025 GMT
Not After : Jul 17 07:40:57 2026 GMT
Subject: CN=68f0a18e-ccd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:de:58:8a:ea:0b:cc:30:84:28:9a:31:3c:21:
c4:d3:b4:26:b9:51:33:66:4b:e9:d0:65:95:5b:11:
a8:94:86:56:6c:00:0e:4b:83:7b:f6:28:7d:3d:cf:
32:3b:23:fc:49:f5:2d:cb:0c:c2:62:9d:5a:cb:f4:
bc:75:68:6e:58:44:c5:5b:5f:91:cc:5c:c0:ac:8e:
78:18:e0:52:0c:61:2c:50:8a:56:e7:6c:ba:a6:a3:
5b:b7:e6:8e:6e:2c:a1:c0:b7:25:18:7d:e1:ad:23:
44:8e:58:89:9b:5d:9f:f7:b6:76:2b:d4:86:cd:ad:
43:3f:fb:bb:00:86:d7:41:61:96:88:3e:5c:47:bd:
6a:f2:ec:f6:1b:1d:4b:e8:f0:56:aa:a5:5e:dc:2e:
4f:a4:95:9d:70:d2:a9:dd:28:d4:37:bd:57:4e:69:
8f:bf:93:95:ce:51:32:e6:34:47:48:c8:85:f1:ab:
46:8b:e8:e1:be:82:10:2c:6b:c7:4e:0c:61:a5:67:
2c:c4:cd:01:9a:7b:71:04:fc:5d:fa:7f:d2:24:bc:
02:15:7d:89:c2:29:c0:7d:6d:4c:25:2d:54:ad:a2:
6a:2a:f1:73:1a:4c:b1:ce:eb:22:6f:8e:60:27:06:
56:2a:2f:18:6e:76:ef:0e:1a:b1:d5:51:69:01:9d:
c2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DE:81:E9:3C:64:AE:C1:8F:69:58:75:BE:28:BB:0D:BB:41:2D:15
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76A7FDACAA6311F08F837BCBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.4.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:96:75:24:6a:b5:e9:f7:65:c0:e8:4f:8f:36:df:c9:b3:e7:
8f:37:84:7e:88:96:76:3c:0c:67:f2:ee:12:8f:68:05:28:7a:
8e:34:3e:81:60:2a:23:8c:f9:dc:3a:1f:79:ee:db:7e:e2:26:
f0:a8:67:5c:ec:a7:e3:59:73:45:ae:48:b7:95:6a:73:50:00:
8d:d0:57:d3:b7:2e:0c:ed:b3:79:9c:61:ad:63:ba:fa:b6:a3:
86:10:7a:2c:f4:89:82:0d:5c:a5:2c:e4:c6:f9:55:70:14:9f:
b3:17:45:29:f0:cb:89:27:a8:16:3b:07:c1:56:c9:4a:98:4d:
7d:64:66:3c:b9:2b:22:62:4a:d6:1d:33:db:2b:7b:4d:2d:cd:
49:1b:c1:e9:6d:f7:16:f4:ce:8b:19:7b:6e:b3:14:3a:a9:8d:
9d:74:af:10:cd:ec:d4:d0:54:b6:60:a3:37:87:65:44:91:b0:
bb:da:87:0e:d1:30:09:80:b4:dc:da:d2:57:a2:c1:49:30:55:
12:5a:01:08:70:67:d6:14:5a:10:cd:20:bd:f8:0b:59:e9:a7:
15:53:6c:8d:c8:0f:16:1c:0d:a4:6d:1d:fb:98:0f:8a:f4:bb:
25:05:8a:6d:58:9b:b3:a4:4b:54:63:14:a7:3a:95:98:37:16:
6d:d2:14:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaO+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE2MDc0MDU3WhcNMjYwNzE3MDc0MDU3WjAYMRYw
FAYDVQQDEw02OGYwYTE4ZS1jY2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnd5YiuoLzDCEKJoxPCHE07QmuVEzZkvp0GWVWxGolIZWbAAOS4N79ih9
Pc8yOyP8SfUtywzCYp1ay/S8dWhuWETFW1+RzFzArI54GOBSDGEsUIpW52y6pqNb
t+aObiyhwLclGH3hrSNEjliJm12f97Z2K9SGza1DP/u7AIbXQWGWiD5cR71q8uz2
Gx1L6PBWqqVe3C5PpJWdcNKp3SjUN71XTmmPv5OVzlEy5jRHSMiF8atGi+jhvoIQ
LGvHTgxhpWcsxM0BmntxBPxd+n/SJLwCFX2JwinAfW1MJS1UraJqKvFzGkyxzusi
b45gJwZWKi8YbnbvDhqx1VFpAZ3CrQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFTe
gek8ZK7Bj2lYdb4ouw27QS0VMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NkE3RkRBQ0FBNjMxMUYwOEY4MzdCQ0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtMEMA0GCSqGSIb3DQEB
CwUAA4IBAQColnUkarXp92XA6E+PNt/Js+ePN4R+iJZ2PAxn8u4Sj2gFKHqOND6B
YCojjPncOh957tt+4ibwqGdc7KfjWXNFrki3lWpzUACN0FfTty4M7bN5nGGtY7r6
tqOGEHos9ImCDVylLOTG+VVwFJ+zF0Up8MuJJ6gWOwfBVslKmE19ZGY8uSsiYkrW
HTPbK3tNLc1JG8HpbfcW9M6LGXtusxQ6qY2ddK8QzezU0FS2YKM3h2VEkbC72ocO
0TAJgLTc2tJXosFJMFUSWgEIcGfWFFoQzSC9+AtZ6acVU2yNyA8WHA2kbR37mA+K
9LslBYptWJuzpEtUYxSnOpWYNxZt0hQC
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:35 2025 by rpki-client