Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9056D12E843E11F0B1281BF3DAE4EC9C.roa
File: 9056D12E843E11F0B1281BF3DAE4EC9C.roa (raw, json)
Hash identifier: nyVoZ2Jlk9SowPK1HG6KpCDytzyEXM5eXiatXOefdzY=
Subject key identifier: 87:7B:CC:8C:2C:DD:9A:90:46:86:7D:DE:00:A0:F9:28:30:97:8A:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019A1E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9056D12E843E11F0B1281BF3DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 18:41:10 +0000
ROA not before: Thu 28 Aug 2025 18:41:04 +0000
ROA not after: Mon 06 Oct 2025 18:41:04 +0000
asID: 214238
IP address blocks: 154.219.23.0/24 maxlen: 24
154.219.25.0/24 maxlen: 24
154.219.30.0/24 maxlen: 24
154.219.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104990 (0x19a1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 18:41:04 2025 GMT
Not After : Oct 6 18:41:04 2025 GMT
Subject: CN=68b0a2c6-e416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:64:a3:f1:5b:a6:22:6b:0e:0c:72:81:14:27:
5d:60:79:12:b6:33:f8:00:60:e3:fa:b4:08:92:f4:
62:16:7b:ae:7a:1f:58:7a:63:3a:21:d1:98:a4:61:
9d:a4:3f:72:ed:a1:fd:79:79:3d:1a:34:1f:51:78:
b0:f9:35:e1:f5:f1:94:8d:3e:34:d1:cd:24:39:d6:
98:c0:ed:4e:27:33:e8:80:38:ec:f8:3c:7f:38:82:
26:2f:58:96:a1:38:ee:17:e2:30:f4:b2:d7:18:fa:
da:f3:e1:47:ca:ed:8d:4c:15:d2:c3:14:17:5a:6d:
8a:2e:6b:12:d7:c8:58:2b:e4:dc:82:65:4d:b8:b2:
56:b4:43:fa:2b:5b:0f:f6:46:60:33:37:41:33:7b:
67:c1:3e:34:d9:c7:91:97:fe:87:16:9f:16:7f:af:
2f:28:c9:ee:97:9c:68:ab:58:38:23:01:21:24:33:
23:41:36:42:2b:f3:23:73:84:85:cc:5c:df:f2:0a:
5c:e5:3b:92:0d:16:7f:3d:b9:8d:33:78:31:5b:2f:
28:b6:1c:b4:ca:d1:19:23:d6:1d:53:c7:2c:16:ca:
cf:23:36:e9:80:dc:d8:bd:d2:d8:19:e8:5b:f7:50:
99:5a:e3:79:b1:22:77:8a:ef:76:cc:9c:f3:bb:b4:
71:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7B:CC:8C:2C:DD:9A:90:46:86:7D:DE:00:A0:F9:28:30:97:8A:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9056D12E843E11F0B1281BF3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.23.0/24
154.219.25.0/24
154.219.30.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:48:1d:18:5b:93:f3:80:fb:f8:d5:ef:d5:40:55:a5:7b:b2:
0c:1d:14:c5:db:f1:f2:57:fc:5d:e8:59:17:00:ff:f2:d9:0a:
15:f8:7a:d1:10:98:0b:68:c5:70:a8:e3:bb:58:b6:32:32:61:
46:8e:0f:9d:3b:0f:25:c2:5c:08:5b:f6:ae:c6:71:db:56:37:
65:2a:fb:62:b6:fc:86:97:bd:73:b0:de:1a:5c:2b:52:09:11:
a5:5a:cf:b7:33:f4:0b:9e:f5:c6:82:c8:f7:ab:7d:16:87:74:
52:e5:f8:8f:0e:bb:18:29:27:b8:57:2b:cf:26:22:50:d3:62:
aa:61:77:6d:2a:97:1e:e2:02:58:3b:16:94:3d:bf:a0:f7:f3:
82:bf:7a:ca:5c:02:50:7e:92:b9:0e:45:c0:b4:4b:19:a1:9d:
28:7b:a7:92:1c:da:4b:60:d9:15:f9:47:21:39:70:1b:dc:14:
4f:77:61:2a:15:b2:48:87:55:8d:e9:16:f5:50:a2:33:00:48:
9b:f0:b2:99:da:e8:31:eb:d3:c3:82:b3:33:06:98:7f:f2:dd:
d2:7f:2b:0c:d5:6a:ba:cf:a2:c2:6c:99:ad:3e:36:3c:d3:21:
3d:d5:b0:e5:35:28:f7:b2:ae:9a:44:ec:d8:17:7b:03:85:e7:
a7:d7:43:c3
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAZoeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTg0MTA0WhcNMjUxMDA2MTg0MTA0WjAYMRYw
FAYDVQQDEw02OGIwYTJjNi1lNDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA32Sj8VumImsODHKBFCddYHkStjP4AGDj+rQIkvRiFnuueh9YemM6IdGY
pGGdpD9y7aH9eXk9GjQfUXiw+TXh9fGUjT400c0kOdaYwO1OJzPogDjs+Dx/OIIm
L1iWoTjuF+Iw9LLXGPra8+FHyu2NTBXSwxQXWm2KLmsS18hYK+TcgmVNuLJWtEP6
K1sP9kZgMzdBM3tnwT402ceRl/6HFp8Wf68vKMnul5xoq1g4IwEhJDMjQTZCK/Mj
c4SFzFzf8gpc5TuSDRZ/PbmNM3gxWy8othy0ytEZI9YdU8csFsrPIzbpgNzYvdLY
Gehb91CZWuN5sSJ3iu92zJzzu7RxSwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFId7
zIws3ZqQRoZ93gCg+Sgwl4oKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MDU2RDEyRTg0M0UxMUYwQjEyODFCRjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmtsXAwQAmtsZAwQBmtse
MA0GCSqGSIb3DQEBCwUAA4IBAQCpSB0YW5PzgPv41e/VQFWle7IMHRTF2/HyV/xd
6FkXAP/y2QoV+HrREJgLaMVwqOO7WLYyMmFGjg+dOw8lwlwIW/auxnHbVjdlKvti
tvyGl71zsN4aXCtSCRGlWs+3M/QLnvXGgsj3q30Wh3RS5fiPDrsYKSe4VyvPJiJQ
02KqYXdtKpce4gJYOxaUPb+g9/OCv3rKXAJQfpK5DkXAtEsZoZ0oe6eSHNpLYNkV
+UchOXAb3BRPd2EqFbJIh1WN6Rb1UKIzAEib8LKZ2ugx69PDgrMzBph/8t3SfysM
1Wq6z6LCbJmtPjY80yE91bDlNSj3sq6aROzYF3sDheen10PD
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:40:17 2025 by rpki-client