Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7B4F129E874211F0A20445A3DAE4EC9C.roa
File: 7B4F129E874211F0A20445A3DAE4EC9C.roa (raw, json)
Hash identifier: naQME6AYw8LNPhve9/BOSPEJXSJMNfpl162WuNyuaLg=
Subject key identifier: 16:BC:2F:AF:EF:E6:51:7C:DA:F7:13:B7:1C:52:2C:7E:5C:01:46:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019B8C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7B4F129E874211F0A20445A3DAE4EC9C.roa
Signing time: Mon 01 Sep 2025 14:46:46 +0000
ROA not before: Mon 01 Sep 2025 14:45:05 +0000
ROA not after: Sun 28 Sep 2025 14:45:05 +0000
asID: 401783
IP address blocks: 154.82.197.0/24 maxlen: 24
154.82.198.0/24 maxlen: 24
154.82.199.0/24 maxlen: 24
154.83.65.0/24 maxlen: 24
154.83.67.0/24 maxlen: 24
154.90.65.0/24 maxlen: 24
154.90.67.0/24 maxlen: 24
154.90.128.0/24 maxlen: 24
154.90.136.0/24 maxlen: 24
154.90.137.0/24 maxlen: 24
154.90.189.0/24 maxlen: 24
154.211.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105356 (0x19b8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 1 14:45:05 2025 GMT
Not After : Sep 28 14:45:05 2025 GMT
Subject: CN=68b5b1d6-e6f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4e:a9:6f:7a:38:ba:b2:21:f1:5c:ad:1b:62:
0b:2c:03:1b:00:2e:7a:7f:98:e6:21:90:00:13:dc:
99:f1:31:ad:b6:07:55:c5:28:44:dc:ca:45:a0:e6:
2a:b6:84:34:5b:be:4b:a3:da:cf:4b:98:1f:98:ce:
5a:8d:25:5a:30:db:f0:c2:93:15:96:63:ce:75:c1:
ae:35:57:66:62:aa:d5:48:b6:3c:9a:d7:62:0e:5d:
a0:2c:8d:73:72:ac:88:23:81:e6:24:eb:c1:7b:c3:
45:17:9d:dc:e4:1a:4a:8c:a3:b9:9a:30:9c:f9:aa:
67:73:19:e0:cd:63:06:ac:04:ab:6b:ae:fe:f1:07:
75:54:f2:d1:df:75:17:8f:3c:8c:e8:9d:97:cd:ed:
05:1f:48:3b:e6:09:b0:4c:6c:7f:db:25:ec:46:40:
19:74:72:0f:1d:d9:c6:5d:2a:e0:df:c1:40:f9:c7:
15:a7:ac:bf:df:4c:6a:24:8f:3d:b3:77:50:ba:4b:
56:89:1f:18:fe:24:d2:1f:98:cd:4a:3f:e8:9b:06:
bc:9a:dc:4e:97:6f:23:96:48:ff:75:36:75:6a:d0:
57:6c:00:4a:ad:e9:a4:2e:9d:7c:d1:1e:99:49:e7:
5d:6e:b7:cc:59:20:3b:87:2a:d7:56:7b:38:58:de:
c6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:BC:2F:AF:EF:E6:51:7C:DA:F7:13:B7:1C:52:2C:7E:5C:01:46:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7B4F129E874211F0A20445A3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.197.0-154.82.199.255
154.83.65.0/24
154.83.67.0/24
154.90.65.0/24
154.90.67.0/24
154.90.128.0/24
154.90.136.0/23
154.90.189.0/24
154.211.211.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:45:6d:bb:57:77:02:9b:f0:73:fc:c1:49:78:d3:be:2a:09:
64:cc:7a:e6:c9:1a:93:ce:a1:01:e5:df:a8:5c:be:62:df:7a:
f7:59:89:66:27:36:73:8b:82:6c:de:e6:38:eb:a4:cc:44:13:
db:a6:87:1b:dc:ea:2c:3d:5d:80:ed:96:24:01:7c:f1:e8:6a:
0d:f1:e7:78:ec:dd:0e:b3:44:e8:48:2f:b6:ce:1f:bc:a3:56:
e4:8f:3d:4f:dc:f8:b3:34:6a:3b:e0:1b:93:b0:18:1f:7e:0b:
54:3f:bf:4b:b1:ce:18:ff:ef:41:13:c7:ba:10:1b:ea:5f:55:
c2:37:f4:93:10:87:d0:05:e7:35:70:ce:70:a2:1a:18:2d:19:
20:8c:fa:e8:fc:a5:d2:4a:8a:e6:de:42:cf:a0:26:3d:ff:a2:
ca:59:29:6b:bb:3a:4d:68:b8:90:7f:70:d0:fd:4e:bb:e9:5c:
96:95:33:81:8a:63:33:81:5d:ad:47:94:72:bc:c1:d7:73:df:
cd:03:32:1f:03:77:8b:4d:fc:75:87:1c:0b:12:3a:ae:d0:84:
ae:6e:fe:9d:2e:b9:9f:a2:1a:9b:32:05:36:c4:2d:cb:fa:0e:
5b:3a:fb:91:70:05:37:82:06:f5:6c:2b:4e:0e:52:05:79:91:
19:61:4c:4b
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAZuMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAxMTQ0NTA1WhcNMjUwOTI4MTQ0NTA1WjAYMRYw
FAYDVQQDEw02OGI1YjFkNi1lNmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuU6pb3o4urIh8VytG2ILLAMbAC56f5jmIZAAE9yZ8TGttgdVxShE3MpF
oOYqtoQ0W75Lo9rPS5gfmM5ajSVaMNvwwpMVlmPOdcGuNVdmYqrVSLY8mtdiDl2g
LI1zcqyII4HmJOvBe8NFF53c5BpKjKO5mjCc+apncxngzWMGrASra67+8Qd1VPLR
33UXjzyM6J2Xze0FH0g75gmwTGx/2yXsRkAZdHIPHdnGXSrg38FA+ccVp6y/30xq
JI89s3dQuktWiR8Y/iTSH5jNSj/omwa8mtxOl28jlkj/dTZ1atBXbABKremkLp18
0R6ZSeddbrfMWSA7hyrXVns4WN7GjwIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFBa8
L6/v5lF82vcTtxxSLH5cAUaCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QjRGMTI5RTg3NDIxMUYwQTIwNDQ1QTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBACaUsUDBAOaUsADBACa
U0EDBACaU0MDBACaWkEDBACaWkMDBACaWoADBAGaWogDBACaWr0DBACa09MwDQYJ
KoZIhvcNAQELBQADggEBAE5FbbtXdwKb8HP8wUl4074qCWTMeubJGpPOoQHl36hc
vmLfevdZiWYnNnOLgmze5jjrpMxEE9umhxvc6iw9XYDtliQBfPHoag3x53js3Q6z
ROhIL7bOH7yjVuSPPU/c+LM0ajvgG5OwGB9+C1Q/v0uxzhj/70ETx7oQG+pfVcI3
9JMQh9AF5zVwznCiGhgtGSCM+uj8pdJKiubeQs+gJj3/ospZKWu7Ok1ouJB/cND9
TrvpXJaVM4GKYzOBXa1HlHK8wddz380DMh8Dd4tN/HWHHAsSOq7QhK5u/p0uuZ+i
GpsyBTbELcv6Dls6+5FwBTeCBvVsK04OUgV5kRlhTEs=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:42:29 2025 by rpki-client