Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/979D5E688EF111F09B6145C1DAE4EC9C.roa
File: 979D5E688EF111F09B6145C1DAE4EC9C.roa (raw, json)
Hash identifier: vcMScVXnLo87zW/U4pM4ZRJ03s78IUT0Z4lnOMQ6vnw=
Subject key identifier: 81:3E:72:B3:E7:6C:18:DF:A9:93:23:B6:32:5D:00:3A:42:83:9C:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019F5F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/979D5E688EF111F09B6145C1DAE4EC9C.roa
Signing time: Thu 11 Sep 2025 09:27:53 +0000
ROA not before: Thu 11 Sep 2025 09:27:49 +0000
ROA not after: Wed 22 Oct 2025 09:27:49 +0000
asID: 133180
IP address blocks: 154.84.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106335 (0x19f5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 11 09:27:49 2025 GMT
Not After : Oct 22 09:27:49 2025 GMT
Subject: CN=68c29619-e528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c9:85:a9:6c:b0:97:29:26:0d:b6:5f:f8:00:
bb:03:a8:a2:2b:ed:e4:9d:b3:a2:be:20:2f:1d:8e:
96:0d:e8:1a:70:3e:f4:de:78:62:7b:4f:f5:a5:bc:
fe:02:8a:72:10:57:15:45:cd:95:ad:04:dc:07:94:
30:ca:57:7b:b8:77:d9:af:28:6a:5a:cc:8f:ec:48:
61:54:d4:cf:aa:db:75:01:0e:36:5d:d0:d0:35:32:
a4:17:2d:53:c3:3b:bc:7d:a1:b7:79:e0:94:d2:f8:
d9:99:c8:ad:dc:a5:bf:31:4d:1b:4f:f4:8c:ec:e6:
3a:c8:b4:85:71:03:d7:34:9b:82:c2:90:91:27:d5:
19:a8:e7:ae:6e:2b:a3:06:b1:30:73:3d:96:5b:3b:
ff:8c:d0:28:0c:f3:5b:61:3d:d9:fc:6b:0e:19:49:
c4:5c:d2:3e:7c:d3:0d:78:1c:c9:0e:cc:38:4f:23:
d2:a8:ea:58:fc:92:09:2a:31:bd:72:59:08:cb:88:
99:b2:06:e1:2d:9c:9b:c7:ab:6c:20:c0:1a:08:27:
15:98:b9:4c:c0:c0:2b:f5:1a:75:d8:d4:0a:74:8c:
56:b1:bc:f6:06:f9:5f:2d:55:47:1d:39:38:c6:bb:
59:52:b2:12:69:fc:d3:cd:32:90:b6:6d:9f:3a:28:
72:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:3E:72:B3:E7:6C:18:DF:A9:93:23:B6:32:5D:00:3A:42:83:9C:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/979D5E688EF111F09B6145C1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.135.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:04:65:c3:0c:0c:cf:df:49:37:09:6f:be:71:73:8b:70:f2:
9e:55:0f:99:76:43:bb:2d:45:fd:cf:e9:80:68:61:ea:7f:18:
48:dd:a6:b7:c5:bb:07:9a:e8:38:35:b2:c8:c5:64:f6:15:21:
db:3c:14:7e:c3:32:f1:80:2f:8d:97:d8:b2:e8:7e:5b:63:8c:
b0:40:25:e2:cf:d6:e5:3f:05:4e:90:f3:f7:39:3b:50:19:28:
ca:f4:94:05:2f:d9:ab:2c:c4:84:8c:b7:15:e9:45:4e:2a:19:
e0:b2:e1:7d:cb:71:06:cd:f3:58:cd:d1:b5:2b:03:51:8a:21:
93:c6:c5:60:1f:4f:e8:00:a5:55:06:cc:42:c5:44:5b:2c:45:
dd:1e:c6:30:19:e8:b1:66:d7:06:82:36:3e:4c:e3:06:45:3f:
4a:72:3c:4a:54:cf:7a:92:bc:7c:5e:68:00:fe:5f:94:d9:24:
91:2a:24:99:59:57:ec:cb:47:7d:5e:43:cb:1f:76:f9:3f:26:
ae:40:01:46:fd:8f:d2:d4:6f:91:f1:10:84:96:67:92:5a:a1:
9f:a8:17:1a:01:88:0e:85:bb:40:4a:7a:b9:77:29:a6:c9:2f:
dd:a8:af:06:01:8e:7a:4b:67:b7:4d:46:c1:b9:cf:81:7c:7d:
36:95:80:8f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ9fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTExMDkyNzQ5WhcNMjUxMDIyMDkyNzQ5WjAYMRYw
FAYDVQQDEw02OGMyOTYxOS1lNTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs8mFqWywlykmDbZf+AC7A6iiK+3knbOiviAvHY6WDegacD703nhie0/1
pbz+AopyEFcVRc2VrQTcB5Qwyld7uHfZryhqWsyP7EhhVNTPqtt1AQ42XdDQNTKk
Fy1Twzu8faG3eeCU0vjZmcit3KW/MU0bT/SM7OY6yLSFcQPXNJuCwpCRJ9UZqOeu
biujBrEwcz2WWzv/jNAoDPNbYT3Z/GsOGUnEXNI+fNMNeBzJDsw4TyPSqOpY/JIJ
KjG9clkIy4iZsgbhLZybx6tsIMAaCCcVmLlMwMAr9Rp12NQKdIxWsbz2BvlfLVVH
HTk4xrtZUrISafzTzTKQtm2fOihyCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIE+
crPnbBjfqZMjtjJdADpCg5wPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NzlENUU2ODhFRjExMUYwOUI2MTQ1QzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSHMA0GCSqGSIb3DQEB
CwUAA4IBAQBMBGXDDAzP30k3CW++cXOLcPKeVQ+ZdkO7LUX9z+mAaGHqfxhI3aa3
xbsHmug4NbLIxWT2FSHbPBR+wzLxgC+Nl9iy6H5bY4ywQCXiz9blPwVOkPP3OTtQ
GSjK9JQFL9mrLMSEjLcV6UVOKhngsuF9y3EGzfNYzdG1KwNRiiGTxsVgH0/oAKVV
BsxCxURbLEXdHsYwGeixZtcGgjY+TOMGRT9KcjxKVM96krx8XmgA/l+U2SSRKiSZ
WVfsy0d9XkPLH3b5PyauQAFG/Y/S1G+R8RCElmeSWqGfqBcaAYgOhbtASnq5dymm
yS/dqK8GAY56S2e3TUbBuc+BfH02lYCP
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:55 2025 by rpki-client