Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C1A16EC83CC11F080373192DAE4EC9C.roa
File: 8C1A16EC83CC11F080373192DAE4EC9C.roa (raw, json)
Hash identifier: ahZhJ3HPDzxfPg0aU+4EH+v+5bIwyN3pz3eRBcO00sE=
Subject key identifier: 86:AE:8D:FA:C5:6C:49:5F:D6:DA:D2:93:36:82:C3:3A:E9:69:71:E6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019949
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C1A16EC83CC11F080373192DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 05:05:00 +0000
ROA not before: Thu 28 Aug 2025 05:04:55 +0000
ROA not after: Thu 27 Nov 2025 05:04:55 +0000
asID: 136744
IP address blocks: 154.196.245.0/24 maxlen: 24
154.211.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104777 (0x19949)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 05:04:55 2025 GMT
Not After : Nov 27 05:04:55 2025 GMT
Subject: CN=68afe37c-775f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e7:6e:e8:2e:6d:05:9f:1d:c5:5b:90:83:bf:
f3:4c:f6:4b:11:64:31:6d:6c:1e:6d:34:13:84:17:
4c:c9:e7:11:36:37:92:dd:64:10:07:23:ae:6d:42:
c1:02:e3:c3:d9:ff:fd:a7:49:d6:24:f1:f5:64:f4:
74:21:7d:d7:27:6f:56:6f:08:50:e1:19:1f:b9:9a:
f0:93:12:cd:cf:c6:8e:23:97:75:15:23:0a:80:7e:
34:1c:ee:ba:f2:15:67:c6:8b:dc:6f:ae:dc:92:eb:
f6:e1:79:11:71:f4:88:7a:d8:05:90:22:95:7b:cc:
99:8c:f0:fc:c2:03:52:95:f1:97:47:e4:27:2a:80:
20:5d:32:44:72:8e:1c:39:ca:8a:74:25:5b:15:61:
c4:02:d1:ba:11:9a:05:1a:d6:73:04:31:89:75:7a:
99:66:96:fc:c5:b6:ef:37:f9:7e:be:8b:b0:e7:f5:
39:ce:85:d6:3e:c5:f8:9d:9d:f0:dc:90:87:ef:2c:
a9:d9:d6:8b:22:17:22:a4:1d:6e:df:03:2e:aa:57:
f6:0f:4b:8e:ec:bf:1e:e3:6b:dd:a6:53:1f:13:f4:
ab:55:dd:b9:1d:a0:e4:b0:7b:20:a2:bf:d8:ac:84:
ce:18:04:e7:78:a0:be:fc:4f:16:48:2c:c5:65:cf:
d2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AE:8D:FA:C5:6C:49:5F:D6:DA:D2:93:36:82:C3:3A:E9:69:71:E6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C1A16EC83CC11F080373192DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.245.0/24
154.211.181.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:b5:71:b9:3b:a3:7a:c4:ad:77:92:2d:0a:77:2d:1c:d9:7a:
a2:46:31:ae:23:61:67:87:81:29:2f:f1:71:6e:cb:3e:9a:89:
bb:c7:6e:41:7b:71:36:d9:85:7c:3a:f0:db:5f:74:f7:9a:22:
46:fc:30:16:e4:7a:b9:05:a3:93:94:41:18:69:9b:82:63:91:
5f:48:a9:3d:7b:96:ca:60:b7:27:cf:ef:37:8e:4c:fc:fa:8f:
d7:90:f8:7c:9d:51:17:58:bf:63:b2:a2:39:41:4a:8f:cf:34:
57:31:85:b3:12:60:41:aa:64:62:1b:60:ac:57:69:21:70:b8:
fb:14:3c:6e:bc:ff:93:df:f0:41:b5:46:0f:72:b8:da:3b:b5:
7b:d5:cd:0f:0c:a7:48:f7:b0:f7:99:6e:e3:00:82:21:4f:5d:
3e:41:16:a2:e1:ac:0e:ef:12:bd:72:02:0b:eb:c3:84:e7:7f:
d3:e9:f7:45:2d:9a:12:01:c4:96:96:3d:07:9a:b7:e6:ed:be:
0c:31:98:cd:21:8b:c4:43:e3:70:ce:2a:28:42:01:69:43:2f:
01:6e:0e:89:66:19:2b:42:84:62:53:d5:ba:e6:2b:35:ce:9c:
49:97:34:79:ea:f1:13:d1:69:34:5c:69:7e:ca:43:6e:50:4c:
22:e6:92:65
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZlJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MDUwNDU1WhcNMjUxMTI3MDUwNDU1WjAYMRYw
FAYDVQQDEw02OGFmZTM3Yy03NzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtOdu6C5tBZ8dxVuQg7/zTPZLEWQxbWwebTQThBdMyecRNjeS3WQQByOu
bULBAuPD2f/9p0nWJPH1ZPR0IX3XJ29WbwhQ4RkfuZrwkxLNz8aOI5d1FSMKgH40
HO668hVnxovcb67ckuv24XkRcfSIetgFkCKVe8yZjPD8wgNSlfGXR+QnKoAgXTJE
co4cOcqKdCVbFWHEAtG6EZoFGtZzBDGJdXqZZpb8xbbvN/l+vouw5/U5zoXWPsX4
nZ3w3JCH7yyp2daLIhcipB1u3wMuqlf2D0uO7L8e42vdplMfE/SrVd25HaDksHsg
or/YrITOGATneKC+/E8WSCzFZc/SbwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFIau
jfrFbElf1trSkzaCwzrpaXHmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QzFBMTZFQzgzQ0MxMUYwODAzNzMxOTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsT1AwQAmtO1MA0GCSqG
SIb3DQEBCwUAA4IBAQC6tXG5O6N6xK13ki0Kdy0c2XqiRjGuI2Fnh4EpL/Fxbss+
mom7x25Be3E22YV8OvDbX3T3miJG/DAW5Hq5BaOTlEEYaZuCY5FfSKk9e5bKYLcn
z+83jkz8+o/XkPh8nVEXWL9jsqI5QUqPzzRXMYWzEmBBqmRiG2CsV2khcLj7FDxu
vP+T3/BBtUYPcrjaO7V71c0PDKdI97D3mW7jAIIhT10+QRai4awO7xK9cgIL68OE
53/T6fdFLZoSAcSWlj0Hmrfm7b4MMZjNIYvEQ+NwziooQgFpQy8Bbg6JZhkrQoRi
U9W65is1zpxJlzR56vET0Wk0XGl+ykNuUEwi5pJl
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:30:18 2025 by rpki-client