Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8707DB98870B11F083F385C1DAE4EC9C.roa
File: 8707DB98870B11F083F385C1DAE4EC9C.roa (raw, json)
Hash identifier: /LQS9mwYsn/5GrBLUaSCsVCOgqhiAGJDdJ5oWFZcNkw=
Subject key identifier: B6:FD:9B:2F:C7:EC:31:E5:EC:3B:C1:E1:3A:5D:30:2A:AC:2E:97:B9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019B3B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8707DB98870B11F083F385C1DAE4EC9C.roa
Signing time: Mon 01 Sep 2025 08:13:23 +0000
ROA not before: Mon 01 Sep 2025 08:13:18 +0000
ROA not after: Tue 09 Sep 2025 08:13:18 +0000
asID: 45194
IP address blocks: 154.84.193.0/24 maxlen: 24
154.84.225.0/24 maxlen: 24
154.84.226.0/24 maxlen: 24
154.84.227.0/24 maxlen: 24
154.84.228.0/24 maxlen: 24
154.84.229.0/24 maxlen: 24
154.84.230.0/24 maxlen: 24
154.84.231.0/24 maxlen: 24
154.84.232.0/24 maxlen: 24
154.84.233.0/24 maxlen: 24
154.84.234.0/24 maxlen: 24
154.84.235.0/24 maxlen: 24
154.84.236.0/24 maxlen: 24
154.84.237.0/24 maxlen: 24
154.84.238.0/24 maxlen: 24
154.84.239.0/24 maxlen: 24
154.84.240.0/24 maxlen: 24
154.84.241.0/24 maxlen: 24
154.84.242.0/24 maxlen: 24
154.84.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105275 (0x19b3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 1 08:13:18 2025 GMT
Not After : Sep 9 08:13:18 2025 GMT
Subject: CN=68b555a3-2538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:29:e4:3b:1d:0c:69:9f:24:7c:72:5d:62:59:
24:9a:90:30:c6:22:0b:d0:a9:a4:95:c8:a7:08:46:
1b:71:6c:03:a3:6b:12:7a:bd:3e:67:93:20:00:0a:
34:53:8f:e3:92:fc:3a:a4:b4:87:ba:ca:5d:83:03:
d0:88:98:9c:ff:63:1f:6a:b6:8f:be:bc:c9:46:7d:
ff:c7:2f:4c:0c:92:ca:f5:75:d8:11:d9:5c:30:28:
46:9b:34:4f:96:63:37:4d:92:a3:d7:c8:87:b4:b1:
28:6b:8e:cf:cd:f9:26:2b:28:1a:38:c7:39:a5:f4:
7c:9a:c6:bf:a4:92:93:6e:64:07:d5:a5:82:fe:10:
9e:0d:ff:fe:8e:3d:a7:a5:49:39:ec:8b:d4:37:7d:
3b:10:07:f8:af:b3:55:27:39:8f:29:c8:bd:3c:23:
1a:61:34:f9:2e:f4:b1:21:15:b7:ce:0e:2f:6a:00:
26:8b:41:fc:93:1e:ce:98:9e:e5:b6:0f:8c:a2:e1:
9d:51:b1:73:a3:20:72:63:a8:9b:90:24:4b:97:ef:
45:02:21:93:bc:a7:ca:84:31:5b:74:d7:bc:20:ec:
89:03:aa:42:25:e6:da:94:c6:73:f9:37:db:a3:a5:
3e:03:f0:8d:28:9d:5f:0c:18:d6:ef:fd:fa:38:74:
05:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:FD:9B:2F:C7:EC:31:E5:EC:3B:C1:E1:3A:5D:30:2A:AC:2E:97:B9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8707DB98870B11F083F385C1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.193.0/24
154.84.225.0-154.84.243.255
Signature Algorithm: sha256WithRSAEncryption
35:7b:e2:7e:d7:c1:23:bf:00:71:c0:5f:ca:17:19:1e:c2:1f:
62:75:bf:ad:ac:88:85:c2:7d:51:2e:f9:c9:a9:83:72:18:c7:
51:07:d0:64:25:66:0d:25:a2:72:00:e7:7f:e8:30:87:cd:ed:
79:76:30:15:35:81:c3:e0:ea:98:09:f9:6f:77:b5:aa:45:27:
f4:f5:af:f1:24:2c:9c:44:32:f2:c3:09:d3:91:71:09:49:9a:
23:83:23:90:f3:ea:fd:fc:1a:8d:4e:3e:14:07:2c:86:c9:c7:
7a:8c:f9:d1:c6:20:1e:85:95:e5:6e:36:97:53:8f:8d:8d:2b:
0d:4c:f7:d8:49:6d:f6:a2:e7:b7:48:9d:ae:fb:71:8b:8b:72:
89:e1:6d:98:f9:5b:59:42:03:8b:e3:9b:7b:27:69:fb:97:04:
b3:96:e0:9e:2a:6b:fd:b3:2c:82:c1:8e:76:d0:9c:72:a2:bb:
7e:78:55:08:07:e2:ff:18:7e:a5:f6:c9:fd:4e:54:ca:9e:72:
10:cf:7f:d0:b5:09:d1:b0:e6:3b:fe:14:66:66:a1:4d:a5:e7:
a2:89:78:5d:eb:a2:f7:8d:b8:fa:75:13:13:48:40:db:e5:32:
6a:a6:ef:c2:df:77:86:91:ec:25:d8:d4:c1:6f:99:09:77:0d:
c3:e6:16:ad
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAZs7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAxMDgxMzE4WhcNMjUwOTA5MDgxMzE4WjAYMRYw
FAYDVQQDEw02OGI1NTVhMy0yNTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvynkOx0MaZ8kfHJdYlkkmpAwxiIL0KmklcinCEYbcWwDo2sSer0+Z5Mg
AAo0U4/jkvw6pLSHuspdgwPQiJic/2MfaraPvrzJRn3/xy9MDJLK9XXYEdlcMChG
mzRPlmM3TZKj18iHtLEoa47PzfkmKygaOMc5pfR8msa/pJKTbmQH1aWC/hCeDf/+
jj2npUk57IvUN307EAf4r7NVJzmPKci9PCMaYTT5LvSxIRW3zg4vagAmi0H8kx7O
mJ7ltg+MouGdUbFzoyByY6ibkCRLl+9FAiGTvKfKhDFbdNe8IOyJA6pCJebalMZz
+Tfbo6U+A/CNKJ1fDBjW7/36OHQFsQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFLb9
my/H7DHl7DvB4TpdMCqsLpe5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NzA3REI5ODg3MEIxMUYwODNGMzg1QzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAmlTBMAwDBACaVOEDBAKa
VPAwDQYJKoZIhvcNAQELBQADggEBADV74n7XwSO/AHHAX8oXGR7CH2J1v62siIXC
fVEu+cmpg3IYx1EH0GQlZg0lonIA53/oMIfN7Xl2MBU1gcPg6pgJ+W93tapFJ/T1
r/EkLJxEMvLDCdORcQlJmiODI5Dz6v38Go1OPhQHLIbJx3qM+dHGIB6FleVuNpdT
j42NKw1M99hJbfai57dIna77cYuLconhbZj5W1lCA4vjm3snafuXBLOW4J4qa/2z
LILBjnbQnHKiu354VQgH4v8YfqX2yf1OVMqechDPf9C1CdGw5jv+FGZmoU2l56KJ
eF3roveNuPp1ExNIQNvlMmqm78Lfd4aR7CXY1MFvmQl3DcPmFq0=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:35:59 2025 by rpki-client