Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A17BCF7C8AC911F097EA908FDAE4EC9C.roa
File: A17BCF7C8AC911F097EA908FDAE4EC9C.roa (raw, json)
Hash identifier: gycNFNyZx7oWqtUsBkKMeJZEwFUyUAsUumzN4Lt2tjQ=
Subject key identifier: AC:C4:DE:32:34:51:1A:57:4A:D9:5B:4B:EB:9C:16:0F:EC:1A:FE:8D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019E49
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A17BCF7C8AC911F097EA908FDAE4EC9C.roa
Signing time: Sat 06 Sep 2025 02:31:45 +0000
ROA not before: Sat 06 Sep 2025 02:31:41 +0000
ROA not after: Wed 06 May 2026 02:31:41 +0000
asID: 395886
IP address blocks: 154.86.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Sep 2025 00:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106057 (0x19e49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 6 02:31:41 2025 GMT
Not After : May 6 02:31:41 2026 GMT
Subject: CN=68bb9d11-6526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4b:e5:e9:b6:3f:6d:d9:e6:0f:8a:bc:23:be:
d4:0a:da:e7:d2:a0:4e:d0:1f:72:74:2b:2a:6f:d8:
53:46:15:24:5c:97:32:6d:98:a0:ab:01:7c:29:1a:
7f:4e:aa:2f:5f:25:5a:06:b8:f1:fe:31:b9:11:0c:
ea:42:a5:b3:ef:05:9a:12:e3:7a:09:85:2e:67:48:
20:65:c5:12:d3:18:82:d2:51:b3:d6:24:32:f5:65:
fc:4f:9c:cc:b3:ea:ae:f1:63:be:e5:da:49:c9:e4:
d5:50:6e:8c:ae:8b:c9:df:e9:59:98:6d:9a:3f:fa:
de:55:06:05:89:56:4b:78:11:21:09:7d:7b:c7:f5:
2a:e3:fa:d5:f8:bf:4a:7e:16:85:c4:da:b7:31:4e:
04:85:36:af:3a:69:e8:44:f0:c9:2a:ad:f8:a5:d4:
2e:6e:a2:a3:52:4d:19:d5:e9:e1:27:cc:a6:5e:97:
ba:06:7e:4b:2f:75:d9:fa:02:7b:df:17:3b:bd:cf:
39:e9:83:af:03:f2:db:7d:d5:50:43:66:9b:58:05:
25:c7:41:67:cc:ee:54:fe:3a:69:08:60:a3:92:89:
8e:01:35:39:5a:d7:52:75:23:6d:4d:74:d8:4f:50:
f4:ed:27:90:96:84:34:b7:a3:f2:50:ac:12:f5:c6:
89:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C4:DE:32:34:51:1A:57:4A:D9:5B:4B:EB:9C:16:0F:EC:1A:FE:8D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A17BCF7C8AC911F097EA908FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.16.0/24
Signature Algorithm: sha256WithRSAEncryption
36:ee:6b:a9:b8:86:ac:f5:f9:6f:cb:f5:3a:5c:7e:65:bd:32:
fa:22:62:d4:89:d7:e5:94:49:89:71:bb:7e:6d:6d:03:2d:19:
00:f6:5a:e3:75:20:1b:42:e5:cc:e0:c3:f9:86:57:5c:63:9b:
e3:52:81:57:09:99:3c:27:9d:9e:40:b1:6b:f5:6e:5e:af:b0:
0d:0e:7c:64:93:60:9c:e3:30:59:2f:71:17:41:5c:52:4f:33:
8e:d4:fd:0e:d0:1b:3d:b5:96:dd:09:83:df:ce:0d:b0:32:cb:
12:48:14:c0:a6:e9:88:a9:60:a6:00:f7:56:25:99:11:b8:89:
69:72:d2:9b:26:f9:e0:66:88:5e:f6:33:3b:60:5e:4c:83:01:
9c:f3:c6:2c:44:e3:d5:a6:81:e8:4a:66:4d:70:fc:de:f8:ae:
a9:e4:d9:cd:ce:59:e0:c7:d5:82:75:07:b8:67:86:ea:06:9b:
34:af:49:e4:cb:81:e1:3b:37:a7:3d:ea:f8:b6:90:0d:0c:13:
8e:8f:a2:72:54:84:0e:35:8a:38:87:a3:ab:ef:d0:cd:28:56:
ea:a4:3a:c9:bb:9b:9a:30:63:1a:c4:bc:29:b4:75:3f:53:d5:
0d:8c:7c:25:c7:c3:7c:99:f0:14:36:9a:f6:ae:0a:73:2b:f9:
24:4c:a2:ed
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ5JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA2MDIzMTQxWhcNMjYwNTA2MDIzMTQxWjAYMRYw
FAYDVQQDEw02OGJiOWQxMS02NTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy0vl6bY/bdnmD4q8I77UCtrn0qBO0B9ydCsqb9hTRhUkXJcybZigqwF8
KRp/TqovXyVaBrjx/jG5EQzqQqWz7wWaEuN6CYUuZ0ggZcUS0xiC0lGz1iQy9WX8
T5zMs+qu8WO+5dpJyeTVUG6MrovJ3+lZmG2aP/reVQYFiVZLeBEhCX17x/Uq4/rV
+L9KfhaFxNq3MU4EhTavOmnoRPDJKq34pdQubqKjUk0Z1enhJ8ymXpe6Bn5LL3XZ
+gJ73xc7vc856YOvA/LbfdVQQ2abWAUlx0FnzO5U/jppCGCjkomOATU5WtdSdSNt
TXTYT1D07SeQloQ0t6PyUKwS9caJwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKzE
3jI0URpXStlbS+ucFg/sGv6NMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMTdCQ0Y3QzhBQzkxMUYwOTdFQTkwOEZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlYQMA0GCSqGSIb3DQEB
CwUAA4IBAQA27mupuIas9flvy/U6XH5lvTL6ImLUidfllEmJcbt+bW0DLRkA9lrj
dSAbQuXM4MP5hldcY5vjUoFXCZk8J52eQLFr9W5er7ANDnxkk2Cc4zBZL3EXQVxS
TzOO1P0O0Bs9tZbdCYPfzg2wMssSSBTApumIqWCmAPdWJZkRuIlpctKbJvngZohe
9jM7YF5MgwGc88YsROPVpoHoSmZNcPze+K6p5NnNzlngx9WCdQe4Z4bqBps0r0nk
y4HhOzenPer4tpANDBOOj6JyVIQONYo4h6Or79DNKFbqpDrJu5uaMGMaxLwptHU/
U9UNjHwlx8N8mfAUNpr2rgpzK/kkTKLt
-----END CERTIFICATE-----
Generated at Thu Sep 18 08:19:44 2025 by rpki-client