Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98E949C688CA11F0BD8C0896DAE4EC9C.roa
File: 98E949C688CA11F0BD8C0896DAE4EC9C.roa (raw, json)
Hash identifier: Xg9mNmOrS/6UPQancet+7+yMbjcdOA2aDcZVLM89bLU=
Subject key identifier: 05:2D:24:2D:68:97:69:0E:F5:0D:2F:B6:F6:DF:8B:79:61:CB:8E:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019D23
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98E949C688CA11F0BD8C0896DAE4EC9C.roa
Signing time: Wed 03 Sep 2025 13:33:38 +0000
ROA not before: Wed 03 Sep 2025 13:33:33 +0000
ROA not after: Wed 10 Sep 2025 13:33:33 +0000
asID: 136970
IP address blocks: 154.197.2.0/23 maxlen: 24
154.197.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105763 (0x19d23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 3 13:33:33 2025 GMT
Not After : Sep 10 13:33:33 2025 GMT
Subject: CN=68b843b2-1a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:af:a8:bf:51:bf:8b:38:0c:14:43:99:3c:11:
12:28:7f:c9:f1:b9:1c:15:f4:6a:8f:6d:30:0a:fa:
0b:b9:45:9d:75:f1:41:7e:84:ef:41:4f:20:9f:bf:
bb:dc:43:0c:e6:ce:78:3f:e6:73:6f:5a:a7:cb:40:
79:d8:75:17:92:52:48:6c:80:a5:ee:2f:26:74:bb:
6f:3c:11:25:d8:3c:e5:74:3d:91:ea:f2:71:ec:c7:
8c:ff:51:83:57:0b:d0:5d:c7:3c:e7:ff:09:9e:e9:
c8:6a:ce:9a:47:7e:79:33:03:75:33:ad:54:01:74:
0c:9e:52:28:f2:05:d9:a9:11:d9:37:e4:6c:1f:75:
4d:42:da:98:c8:96:d3:d1:04:85:c2:33:b4:8c:96:
0f:ae:5b:62:53:ce:a3:0a:0a:c2:7d:d3:a7:06:59:
13:be:bd:6a:06:2d:eb:99:0f:fe:45:f5:c3:ba:db:
17:2e:b7:5d:f3:31:f0:eb:9c:91:c4:0d:2b:c0:8b:
a9:8e:5d:3d:d2:97:62:07:55:37:a5:a0:6d:26:c7:
02:c0:76:b6:d5:23:c5:a9:cb:d5:43:db:da:2c:5a:
8b:44:55:53:45:d5:8e:93:84:d7:d2:11:5e:39:fb:
48:a0:85:64:e8:ec:95:a3:00:71:82:77:81:44:8f:
3c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:2D:24:2D:68:97:69:0E:F5:0D:2F:B6:F6:DF:8B:79:61:CB:8E:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/98E949C688CA11F0BD8C0896DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.2.0-154.197.7.255
Signature Algorithm: sha256WithRSAEncryption
93:d3:bc:d0:f8:2c:4c:09:ad:c7:8c:5e:f4:64:7b:7d:f5:20:
e8:ca:f2:1f:d5:b7:20:2b:5d:5d:6e:d8:53:de:50:45:1f:e5:
18:1a:6b:ab:41:d5:57:b2:62:4e:c0:5b:93:d1:58:03:30:ac:
41:83:52:19:bf:13:ff:21:62:9b:0f:b6:68:b1:51:4d:cb:5a:
ec:ae:e1:bc:9a:ee:c7:56:1c:26:7b:f1:fd:23:8e:a3:68:dc:
35:d2:12:25:e8:c8:5f:9c:83:d5:15:f3:e3:0f:47:97:ac:89:
3b:b0:d1:cc:66:b0:bb:11:84:61:c2:df:96:44:a4:c0:86:3d:
c3:b8:8c:15:f7:b5:cc:f2:2e:ad:07:a8:d5:39:d9:ff:2f:61:
3c:75:c3:fd:66:2b:c4:3b:d5:3b:88:a7:c5:62:a8:36:28:03:
4b:d4:7a:a8:0d:71:4d:4f:cb:44:ec:01:ca:0e:07:f7:02:69:
1f:48:74:0e:a3:e7:fb:0d:8f:9a:66:3d:41:13:f5:a4:f9:40:
a5:99:82:5e:1d:2c:a9:5b:9b:b6:1f:d0:48:98:1e:2c:fa:39:
3e:18:09:1b:15:97:b3:34:9f:31:57:f3:1a:e7:b8:e9:48:eb:
14:b5:2f:e4:7d:9f:93:6c:1e:ee:25:46:71:ba:63:3f:5f:c2:
1f:9b:d7:93
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAZ0jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAzMTMzMzMzWhcNMjUwOTEwMTMzMzMzWjAYMRYw
FAYDVQQDEw02OGI4NDNiMi0xYTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsq+ov1G/izgMFEOZPBESKH/J8bkcFfRqj20wCvoLuUWddfFBfoTvQU8g
n7+73EMM5s54P+Zzb1qny0B52HUXklJIbICl7i8mdLtvPBEl2DzldD2R6vJx7MeM
/1GDVwvQXcc85/8JnunIas6aR355MwN1M61UAXQMnlIo8gXZqRHZN+RsH3VNQtqY
yJbT0QSFwjO0jJYPrltiU86jCgrCfdOnBlkTvr1qBi3rmQ/+RfXDutsXLrdd8zHw
65yRxA0rwIupjl090pdiB1U3paBtJscCwHa21SPFqcvVQ9vaLFqLRFVTRdWOk4TX
0hFeOftIoIVk6OyVowBxgneBRI88FwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFAUt
JC1ol2kO9Q0vtvbfi3lhy45rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OEU5NDlDNjg4Q0ExMUYwQkQ4QzA4OTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaxQIDBAOaxQAwDQYJ
KoZIhvcNAQELBQADggEBAJPTvND4LEwJrceMXvRke331IOjK8h/VtyArXV1u2FPe
UEUf5Rgaa6tB1VeyYk7AW5PRWAMwrEGDUhm/E/8hYpsPtmixUU3LWuyu4bya7sdW
HCZ78f0jjqNo3DXSEiXoyF+cg9UV8+MPR5esiTuw0cxmsLsRhGHC35ZEpMCGPcO4
jBX3tczyLq0HqNU52f8vYTx1w/1mK8Q71TuIp8ViqDYoA0vUeqgNcU1Py0TsAcoO
B/cCaR9IdA6j5/sNj5pmPUET9aT5QKWZgl4dLKlbm7Yf0EiYHiz6OT4YCRsVl7M0
nzFX8xrnuOlI6xS1L+R9n5NsHu4lRnG6Yz9fwh+b15M=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:41:46 2025 by rpki-client