Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85DC80D2843311F08F9F76ACDAE4EC9C.roa
File: 85DC80D2843311F08F9F76ACDAE4EC9C.roa (raw, json)
Hash identifier: anzlCTffWj8anW7Xcik1PXLdahn2ie/xdtf7foGi+8A=
Subject key identifier: DA:37:E1:9D:A7:D4:21:D7:84:63:96:1E:8D:57:37:8D:DE:94:99:89
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019A08
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85DC80D2843311F08F9F76ACDAE4EC9C.roa
Signing time: Thu 28 Aug 2025 17:22:08 +0000
ROA not before: Thu 28 Aug 2025 17:22:02 +0000
ROA not after: Mon 06 Oct 2025 17:22:02 +0000
asID: 15221
IP address blocks: 154.198.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104968 (0x19a08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 17:22:02 2025 GMT
Not After : Oct 6 17:22:02 2025 GMT
Subject: CN=68b0903f-6fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a0:9c:9d:d4:05:3c:e8:1f:dc:f1:ad:05:f1:
0e:af:2c:03:7c:ea:fb:4b:59:ed:4c:7d:80:60:3b:
fb:4c:eb:80:27:08:2e:de:6e:21:0b:2f:dc:39:a7:
9c:0b:54:63:e6:8f:c1:a1:f5:a3:f8:3d:58:e0:b2:
33:23:09:ad:c7:90:95:d9:7f:00:f3:75:6c:34:fa:
00:88:7a:4b:e2:28:e9:2a:0c:e1:41:0f:99:38:ff:
b4:f9:db:df:a6:84:36:e5:a4:da:92:9b:b4:69:08:
f3:43:b6:5e:bd:e6:a4:df:06:c0:48:6a:ce:08:63:
eb:87:6a:59:60:28:30:3a:58:c5:57:ba:25:af:6d:
b4:7d:ff:c2:f1:04:91:56:fb:0f:bd:40:20:b2:3f:
78:40:62:1f:1b:61:58:06:be:0d:62:89:a5:34:26:
1a:02:d3:9b:b1:38:f3:d3:c6:ad:ac:a9:8a:37:f6:
79:5e:52:b1:7a:ba:09:a0:70:28:69:6d:64:c9:08:
55:55:e7:7f:8b:e4:6e:d8:03:53:8c:2a:b5:d2:0e:
ac:5a:22:d4:33:96:5d:d5:16:25:82:85:22:51:3e:
e1:b2:35:45:16:ee:3c:df:ad:05:18:07:28:54:92:
d2:1b:32:ab:e8:35:1e:ea:d9:e9:8a:99:86:6c:0e:
2c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:37:E1:9D:A7:D4:21:D7:84:63:96:1E:8D:57:37:8D:DE:94:99:89
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85DC80D2843311F08F9F76ACDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.32.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:9c:79:62:f8:35:1e:9c:b0:4d:4f:b3:66:d3:4f:be:c6:c6:
d0:62:3e:9d:cd:a1:be:82:ba:d0:21:b7:9a:5c:35:8e:52:62:
fa:ee:91:86:fd:ab:f8:fd:4d:e7:d7:68:c2:e6:bd:a1:f3:2c:
db:43:e4:b6:c5:38:83:e5:6d:8d:0a:82:80:62:81:c1:86:ec:
ce:fc:86:79:18:d3:60:d5:31:f8:eb:f4:84:9f:a8:b8:70:00:
25:df:55:42:b5:fb:50:40:ae:44:f7:38:43:22:a3:a9:7e:64:
76:8c:6f:87:23:3e:77:c8:80:04:d8:81:82:23:cb:81:70:3c:
88:00:6a:c6:99:f3:53:86:92:ba:b1:53:57:5b:35:c0:f8:91:
09:66:26:92:f5:dd:e1:95:fd:35:36:4d:91:16:6c:4a:86:bb:
b5:cc:3a:b7:8d:15:fc:3d:57:82:93:c9:b7:6e:bc:59:59:77:
1c:b0:83:4f:8a:cf:70:f8:f4:81:69:09:e1:79:6e:a8:7b:d1:
ca:65:7c:6d:eb:a3:7b:3b:bd:65:53:34:7f:55:1e:7b:4a:8a:
45:8f:f3:b8:2d:b7:f9:48:c8:d2:3f:7d:e0:e7:3f:5a:96:20:
a3:b1:af:ad:08:a5:f0:6d:7a:99:b2:3c:5e:42:b4:ee:d9:36:
35:e6:d6:c7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZoIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTcyMjAyWhcNMjUxMDA2MTcyMjAyWjAYMRYw
FAYDVQQDEw02OGIwOTAzZi02ZmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtaCcndQFPOgf3PGtBfEOrywDfOr7S1ntTH2AYDv7TOuAJwgu3m4hCy/c
OaecC1Rj5o/BofWj+D1Y4LIzIwmtx5CV2X8A83VsNPoAiHpL4ijpKgzhQQ+ZOP+0
+dvfpoQ25aTakpu0aQjzQ7Zeveak3wbASGrOCGPrh2pZYCgwOljFV7olr220ff/C
8QSRVvsPvUAgsj94QGIfG2FYBr4NYomlNCYaAtObsTjz08atrKmKN/Z5XlKxeroJ
oHAoaW1kyQhVVed/i+Ru2ANTjCq10g6sWiLUM5Zd1RYlgoUiUT7hsjVFFu48360F
GAcoVJLSGzKr6DUe6tnpipmGbA4sGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNo3
4Z2n1CHXhGOWHo1XN43elJmJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NURDODBEMjg0MzMxMUYwOEY5Rjc2QUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsYgMA0GCSqGSIb3DQEB
CwUAA4IBAQC2nHli+DUenLBNT7Nm00++xsbQYj6dzaG+grrQIbeaXDWOUmL67pGG
/av4/U3n12jC5r2h8yzbQ+S2xTiD5W2NCoKAYoHBhuzO/IZ5GNNg1TH46/SEn6i4
cAAl31VCtftQQK5E9zhDIqOpfmR2jG+HIz53yIAE2IGCI8uBcDyIAGrGmfNThpK6
sVNXWzXA+JEJZiaS9d3hlf01Nk2RFmxKhru1zDq3jRX8PVeCk8m3brxZWXccsINP
is9w+PSBaQnheW6oe9HKZXxt66N7O71lUzR/VR57SopFj/O4Lbf5SMjSP33g5z9a
liCjsa+tCKXwbXqZsjxeQrTu2TY15tbH
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:37:35 2025 by rpki-client