Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/873CDFFC88C611F08AE5D27BDAE4EC9C.roa
File: 873CDFFC88C611F08AE5D27BDAE4EC9C.roa (raw, json)
Hash identifier: bDh9TAWY965Q7J0rE9sKFyzVb2W60o7yjUE7pBE9mww=
Subject key identifier: 21:7B:4B:D4:7B:65:02:4D:80:29:E3:C5:07:C8:71:94:99:6E:3A:44
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019D14
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/873CDFFC88C611F08AE5D27BDAE4EC9C.roa
Signing time: Wed 03 Sep 2025 13:04:31 +0000
ROA not before: Wed 03 Sep 2025 13:04:25 +0000
ROA not after: Wed 10 Sep 2025 13:04:25 +0000
asID: 136970
IP address blocks: 154.92.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105748 (0x19d14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 3 13:04:25 2025 GMT
Not After : Sep 10 13:04:25 2025 GMT
Subject: CN=68b83cdf-941a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:45:0c:32:bb:1b:7e:f5:58:18:26:a0:10:14:
ee:01:21:54:57:36:0a:a3:95:ed:92:4d:40:13:ae:
14:f1:7c:7c:95:79:53:e5:f5:49:b8:37:d1:0b:0a:
b5:65:fc:f2:cb:f2:39:8c:dd:42:d6:68:51:92:49:
0f:79:3b:5d:58:74:c4:e8:5e:b8:64:16:85:bf:a6:
78:89:88:3d:41:20:73:81:ce:c6:b4:3f:0d:3b:eb:
fa:d8:7f:e6:f6:ea:e8:ea:88:d3:4b:e3:42:89:2e:
7b:57:70:8d:78:a0:45:84:61:f4:c9:6c:e6:fd:a5:
18:17:f2:eb:6c:64:62:86:fb:70:64:36:98:82:99:
d3:58:d1:c2:70:e4:01:08:c1:4d:7c:15:ce:e5:47:
65:03:5e:4a:2b:ae:7f:4a:5e:dd:fb:6d:96:b5:ac:
c3:93:36:e9:e1:ed:39:3c:26:9a:22:44:d0:01:f7:
cf:e5:45:c3:07:ed:e3:02:08:8b:0d:cb:a3:e1:01:
b1:95:de:33:7e:35:67:58:87:8a:34:8b:cb:69:dd:
31:18:26:c4:5a:7e:62:51:2f:d7:d9:b5:ba:89:a9:
8b:c4:e3:fb:31:4e:ba:03:fd:a3:e3:31:84:79:4e:
75:46:ee:81:f4:45:bb:af:af:a1:0f:5a:d5:79:7d:
a0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:7B:4B:D4:7B:65:02:4D:80:29:E3:C5:07:C8:71:94:99:6E:3A:44
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/873CDFFC88C611F08AE5D27BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.20.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:5a:5c:7b:0c:7a:84:72:95:3d:4d:f3:cd:04:71:2a:65:e3:
21:8f:ad:b4:88:01:84:39:cb:7f:f4:99:09:15:3e:a1:bd:25:
16:28:05:60:81:5a:64:d2:5f:95:31:02:d0:61:de:71:f3:08:
17:31:86:01:8b:fd:55:c1:d3:a5:e2:cf:cd:f9:ce:b9:2f:5a:
70:a5:28:ce:cc:a3:01:f8:7c:2b:64:2a:2d:bd:56:58:7e:a1:
41:97:91:06:c4:47:62:a9:e8:48:27:62:f5:7a:fa:79:36:e8:
28:27:5d:5e:ae:76:7b:c3:36:ef:d6:25:b3:75:b9:d2:d1:ae:
8a:ec:53:ee:73:f4:93:8b:7f:07:99:65:b3:d3:f5:10:6e:2d:
d6:04:45:d3:7c:61:f6:48:60:51:f5:08:ed:89:4c:f4:18:0a:
d8:5b:9d:f6:53:82:08:9a:da:e0:39:75:90:d1:8e:02:f1:b9:
0f:ec:c8:46:02:e4:ec:2b:53:76:54:65:01:e6:d2:7d:4e:3d:
5f:ca:c5:cc:0a:fa:58:e5:f1:b0:6b:e0:01:53:c1:f8:f6:7b:
14:62:0a:be:df:f5:97:72:79:de:4d:56:44:d4:bd:0f:61:63:
e7:d5:1d:21:36:23:4c:95:46:b2:73:f5:90:86:88:ad:a1:f1:
0c:49:5f:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ0UMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAzMTMwNDI1WhcNMjUwOTEwMTMwNDI1WjAYMRYw
FAYDVQQDEw02OGI4M2NkZi05NDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5EUMMrsbfvVYGCagEBTuASFUVzYKo5Xtkk1AE64U8Xx8lXlT5fVJuDfR
Cwq1Zfzyy/I5jN1C1mhRkkkPeTtdWHTE6F64ZBaFv6Z4iYg9QSBzgc7GtD8NO+v6
2H/m9uro6ojTS+NCiS57V3CNeKBFhGH0yWzm/aUYF/LrbGRihvtwZDaYgpnTWNHC
cOQBCMFNfBXO5UdlA15KK65/Sl7d+22WtazDkzbp4e05PCaaIkTQAffP5UXDB+3j
AgiLDcuj4QGxld4zfjVnWIeKNIvLad0xGCbEWn5iUS/X2bW6iamLxOP7MU66A/2j
4zGEeU51Ru6B9EW7r6+hD1rVeX2gGwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCF7
S9R7ZQJNgCnjxQfIcZSZbjpEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NzNDREZGQzg4QzYxMUYwOEFFNUQyN0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlwUMA0GCSqGSIb3DQEB
CwUAA4IBAQA9Wlx7DHqEcpU9TfPNBHEqZeMhj620iAGEOct/9JkJFT6hvSUWKAVg
gVpk0l+VMQLQYd5x8wgXMYYBi/1VwdOl4s/N+c65L1pwpSjOzKMB+HwrZCotvVZY
fqFBl5EGxEdiqehIJ2L1evp5NugoJ11ernZ7wzbv1iWzdbnS0a6K7FPuc/STi38H
mWWz0/UQbi3WBEXTfGH2SGBR9QjtiUz0GArYW532U4IImtrgOXWQ0Y4C8bkP7MhG
AuTsK1N2VGUB5tJ9Tj1fysXMCvpY5fGwa+ABU8H49nsUYgq+3/WXcnneTVZE1L0P
YWPn1R0hNiNMlUayc/WQhoitofEMSV9/
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:37:38 2025 by rpki-client