Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BF96C948C8D11F09DB3108CDAE4EC9C.roa
File: 7BF96C948C8D11F09DB3108CDAE4EC9C.roa (raw, json)
Hash identifier: bmWGn7ne7L/YRtTZMQsKCEPVArHdQLWvCcmoR/prmN4=
Subject key identifier: 4C:CE:92:40:B6:6B:83:21:19:03:84:E2:7C:37:1F:7B:19:4B:85:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019EB1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BF96C948C8D11F09DB3108CDAE4EC9C.roa
Signing time: Mon 08 Sep 2025 08:26:15 +0000
ROA not before: Mon 08 Sep 2025 08:26:10 +0000
ROA not after: Wed 06 May 2026 08:26:10 +0000
asID: 395886
IP address blocks: 154.86.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 05:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106161 (0x19eb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 8 08:26:10 2025 GMT
Not After : May 6 08:26:10 2026 GMT
Subject: CN=68be9327-0b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3a:74:7a:1e:11:90:08:9b:38:b5:ed:c5:38:
06:17:b4:b3:9c:87:ee:39:5f:5f:8c:05:e1:11:9d:
81:16:c6:07:be:18:2b:c7:2e:f0:09:21:11:40:7b:
6e:f1:fd:f8:64:a1:2a:2a:37:24:fe:3e:e1:ff:73:
dd:59:06:db:15:7f:e8:e8:56:c8:42:6b:79:60:bc:
cc:db:c7:05:ff:d4:9b:56:a5:1b:93:bd:b7:f9:f0:
9d:a3:33:22:b4:4c:be:c1:9d:a0:b2:b8:fc:37:9c:
fd:4d:05:b9:6d:2d:a9:ff:5e:5c:09:bf:52:f7:26:
8b:a2:61:5b:8c:76:8d:7b:a9:85:27:61:de:60:19:
fc:1f:83:de:3c:ec:f1:ae:0c:43:e2:3e:96:c1:76:
8e:ce:96:2d:22:97:b6:0a:95:a6:9f:7a:11:2e:65:
a2:10:18:8b:89:57:af:e0:d4:80:94:c3:8c:bf:80:
e7:39:16:3a:ac:24:6a:dc:39:e3:e4:7d:7d:c2:b1:
81:36:4f:a8:1b:03:9d:f4:d8:42:ef:30:fc:f2:4b:
fc:b2:94:f4:2a:13:b6:8b:ea:80:c1:52:1e:be:a4:
52:62:72:8e:98:6f:a8:16:da:9f:3d:1e:cd:f2:71:
b9:91:74:2e:98:5f:69:0a:b4:27:11:f7:27:ee:03:
7f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CE:92:40:B6:6B:83:21:19:03:84:E2:7C:37:1F:7B:19:4B:85:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7BF96C948C8D11F09DB3108CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.16.0/20
Signature Algorithm: sha256WithRSAEncryption
0a:84:c8:b6:35:7d:df:44:b9:30:26:30:19:f5:ef:b7:1a:32:
93:29:44:a1:5c:b3:eb:00:05:f2:e1:7f:cb:22:d1:82:bd:b2:
29:33:c8:84:33:3f:ff:fa:78:7d:79:3a:f2:2a:32:db:31:44:
fa:78:1e:35:3f:a2:ec:fe:0f:88:b8:77:a3:be:3e:03:49:27:
50:02:8e:2a:a7:3b:d3:29:ec:d4:fd:69:2c:af:41:98:c6:74:
9c:e0:f0:7d:99:c6:cf:78:6c:4e:ee:a1:a3:0c:d2:e7:21:a1:
21:a5:e3:01:de:27:b0:62:fa:82:cc:f3:f7:3b:fd:1f:68:c5:
38:60:15:8a:8c:e6:cf:7d:0a:5a:2d:49:e4:cd:a1:aa:2c:93:
1a:a7:8b:b0:c7:11:01:05:d5:5b:f6:a4:15:4e:f3:8b:31:df:
3d:3d:ea:d3:e9:0e:43:6f:26:18:bb:9d:67:d2:31:95:a1:5e:
36:34:41:bb:7c:83:69:ce:e0:5a:53:41:89:3b:9b:53:ce:98:
7c:f3:98:2a:77:8a:3d:0d:f7:f2:3a:44:a8:31:d3:a9:94:d8:
2c:78:61:58:18:8f:00:64:81:0d:ec:e0:20:ac:d3:e0:1e:bd:
ef:8a:4d:c4:88:f9:19:a3:8f:df:79:92:57:fe:e0:fa:f2:fa:
f9:17:2f:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ6xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA4MDgyNjEwWhcNMjYwNTA2MDgyNjEwWjAYMRYw
FAYDVQQDEw02OGJlOTMyNy0wYjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuDp0eh4RkAibOLXtxTgGF7SznIfuOV9fjAXhEZ2BFsYHvhgrxy7wCSER
QHtu8f34ZKEqKjck/j7h/3PdWQbbFX/o6FbIQmt5YLzM28cF/9SbVqUbk723+fCd
ozMitEy+wZ2gsrj8N5z9TQW5bS2p/15cCb9S9yaLomFbjHaNe6mFJ2HeYBn8H4Pe
POzxrgxD4j6WwXaOzpYtIpe2CpWmn3oRLmWiEBiLiVev4NSAlMOMv4DnORY6rCRq
3Dnj5H19wrGBNk+oGwOd9NhC7zD88kv8spT0KhO2i+qAwVIevqRSYnKOmG+oFtqf
PR7N8nG5kXQumF9pCrQnEfcn7gN/RwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEzO
kkC2a4MhGQOE4nw3H3sZS4UbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QkY5NkM5NDhDOEQxMUYwOURCMzEwOENEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlYQMA0GCSqGSIb3DQEB
CwUAA4IBAQAKhMi2NX3fRLkwJjAZ9e+3GjKTKUShXLPrAAXy4X/LItGCvbIpM8iE
Mz//+nh9eTryKjLbMUT6eB41P6Ls/g+IuHejvj4DSSdQAo4qpzvTKezU/Wksr0GY
xnSc4PB9mcbPeGxO7qGjDNLnIaEhpeMB3iewYvqCzPP3O/0faMU4YBWKjObPfQpa
LUnkzaGqLJMap4uwxxEBBdVb9qQVTvOLMd89PerT6Q5DbyYYu51n0jGVoV42NEG7
fINpzuBaU0GJO5tTzph885gqd4o9DffyOkSoMdOplNgseGFYGI8AZIEN7OAgrNPg
Hr3vik3EiPkZo4/feZJX/uD68vr5Fy96
-----END CERTIFICATE-----
Generated at Wed Sep 17 23:36:47 2025 by rpki-client