Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AFF850488C511F0BA815FF5DAE4EC9C.roa
File: 9AFF850488C511F0BA815FF5DAE4EC9C.roa (raw, json)
Hash identifier: pHPP9dHBjBQnk0bh7OrWh1x1QTai3btEBf6ODlg+nSM=
Subject key identifier: 4B:1D:AF:E0:71:42:4D:72:22:23:40:82:20:9A:DD:32:24:E5:4A:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019D10
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AFF850488C511F0BA815FF5DAE4EC9C.roa
Signing time: Wed 03 Sep 2025 12:57:54 +0000
ROA not before: Wed 03 Sep 2025 12:57:48 +0000
ROA not after: Fri 10 Oct 2025 12:57:48 +0000
asID: 142032
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105744 (0x19d10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 3 12:57:48 2025 GMT
Not After : Oct 10 12:57:48 2025 GMT
Subject: CN=68b83b52-8253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d7:50:90:62:91:5e:eb:71:96:f5:89:30:5b:
4a:68:63:73:d4:3d:2c:6f:f6:eb:f7:11:88:6d:6b:
04:c5:cc:4f:54:8c:11:7a:f1:11:0d:0e:1e:b8:1c:
ff:8f:4d:5f:ba:cd:8b:d3:d7:93:e9:d6:2f:4a:74:
39:0c:49:ae:85:a1:3f:6a:e7:5f:6a:c6:c5:5a:d5:
40:0c:07:0f:68:82:8c:84:e1:92:ae:2f:80:47:db:
7a:9d:65:09:c1:2c:4e:da:08:38:28:f1:aa:0c:5b:
4d:53:1c:06:9e:20:ec:3e:ad:ca:64:34:cf:b3:c7:
b1:53:05:c6:18:3f:30:13:4c:fa:e2:6a:b4:20:8b:
1c:a4:d7:9d:d0:3b:bc:f6:ea:c8:79:a8:77:45:a4:
15:83:c1:0a:b7:54:68:9c:65:7d:5a:a2:8a:16:ae:
72:83:da:36:7c:e3:9c:d6:e5:7f:8d:3b:eb:1b:e7:
82:50:c7:fa:99:a0:23:d8:e1:73:7f:81:f7:b7:4d:
d4:a7:37:c0:ef:30:de:cc:25:63:4a:bb:a7:87:d2:
dc:7a:45:e6:df:ef:ee:a7:81:e4:64:4a:fb:ca:cd:
cd:3b:99:75:ed:fc:ba:ab:09:d5:a0:08:22:25:75:
5b:df:4e:58:5d:73:fd:97:01:b7:a9:47:8c:da:44:
09:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1D:AF:E0:71:42:4D:72:22:23:40:82:20:9A:DD:32:24:E5:4A:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AFF850488C511F0BA815FF5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
98:3d:4e:da:71:d6:d8:ef:a4:99:2b:f7:66:f8:34:8e:d1:97:
66:dd:1c:a4:e9:1a:88:21:e5:04:13:56:2f:ac:91:30:6f:4a:
04:4d:96:43:e6:15:c0:f3:42:69:fb:d8:86:59:08:65:ef:24:
6a:d9:8b:1d:9d:f6:c6:23:24:cc:4a:56:af:3b:55:df:28:ee:
ee:70:0d:b3:62:92:37:d1:0e:97:e0:3d:b5:3a:d1:b1:e9:0f:
4c:27:cf:0d:91:7c:63:40:27:11:3a:de:7b:61:9b:33:f9:04:
b2:3c:0c:6a:1f:4c:65:eb:11:54:d4:c3:81:f0:7c:7f:cd:f5:
5e:49:fb:a5:bd:7e:9e:5c:c3:a5:33:6b:f9:a5:c3:e2:22:5b:
69:b8:9e:c1:01:64:bb:4f:3f:d4:7a:03:c4:99:43:e4:c1:f5:
44:9f:5c:95:47:8a:68:e6:71:10:11:93:b8:9a:47:63:ae:b1:
a9:47:c0:38:39:a0:b5:be:c5:0e:72:cd:67:0b:f8:c2:86:5d:
71:be:94:aa:4f:bd:5d:75:b3:60:75:49:59:1f:ed:28:18:72:
a0:f3:a1:12:e3:de:56:ac:dc:c7:f5:ff:ab:e4:19:80:38:0a:
a0:d7:20:a3:1c:00:7f:f7:10:da:0e:ba:4e:ef:f0:4f:33:47:
f7:c9:81:5c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ0QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAzMTI1NzQ4WhcNMjUxMDEwMTI1NzQ4WjAYMRYw
FAYDVQQDEw02OGI4M2I1Mi04MjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAztdQkGKRXutxlvWJMFtKaGNz1D0sb/br9xGIbWsExcxPVIwRevERDQ4e
uBz/j01fus2L09eT6dYvSnQ5DEmuhaE/audfasbFWtVADAcPaIKMhOGSri+AR9t6
nWUJwSxO2gg4KPGqDFtNUxwGniDsPq3KZDTPs8exUwXGGD8wE0z64mq0IIscpNed
0Du89urIeah3RaQVg8EKt1RonGV9WqKKFq5yg9o2fOOc1uV/jTvrG+eCUMf6maAj
2OFzf4H3t03UpzfA7zDezCVjSrunh9LcekXm3+/up4HkZEr7ys3NO5l17fy6qwnV
oAgiJXVb305YXXP9lwG3qUeM2kQJiwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEsd
r+BxQk1yIiNAgiCa3TIk5UobMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QUZGODUwNDg4QzUxMUYwQkE4MTVGRjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQCYPU7acdbY76SZK/dm+DSO0Zdm3Ryk6RqIIeUEE1YvrJEwb0oETZZD
5hXA80Jp+9iGWQhl7yRq2YsdnfbGIyTMSlavO1XfKO7ucA2zYpI30Q6X4D21OtGx
6Q9MJ88NkXxjQCcROt57YZsz+QSyPAxqH0xl6xFU1MOB8Hx/zfVeSfulvX6eXMOl
M2v5pcPiIltpuJ7BAWS7Tz/UegPEmUPkwfVEn1yVR4po5nEQEZO4mkdjrrGpR8A4
OaC1vsUOcs1nC/jChl1xvpSqT71ddbNgdUlZH+0oGHKg86ES495WrNzH9f+r5BmA
OAqg1yCjHAB/9xDaDrpO7/BPM0f3yYFc
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:37:36 2025 by rpki-client