Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3FDB828819111F0B03400F2DAE4EC9C.roa
File: A3FDB828819111F0B03400F2DAE4EC9C.roa (raw, json)
Hash identifier: fxrzjwB+l6gfPR+++sAZgj4xYrsraogGPEMl/5HRUog=
Subject key identifier: 3E:91:18:96:1B:8B:75:77:FD:12:33:62:39:E0:A4:1B:C5:AA:85:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0196F0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3FDB828819111F0B03400F2DAE4EC9C.roa
Signing time: Mon 25 Aug 2025 08:58:17 +0000
ROA not before: Mon 25 Aug 2025 08:58:12 +0000
ROA not after: Mon 29 Sep 2025 08:58:12 +0000
asID: 4760
IP address blocks: 154.213.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104176 (0x196f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 25 08:58:12 2025 GMT
Not After : Sep 29 08:58:12 2025 GMT
Subject: CN=68ac25a9-2583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:d4:d5:f9:19:31:fe:79:2f:f3:ec:0b:5a:
7c:eb:55:8a:17:d9:c9:76:3f:9f:f3:33:4f:97:b4:
ed:a0:20:3f:ea:e7:da:d7:fc:37:f9:70:b3:9e:af:
f8:cd:87:4c:20:bb:94:77:54:8f:91:90:13:bc:f2:
ac:cf:10:8a:c4:19:7f:b9:2c:74:4f:db:0f:aa:7f:
73:cc:3d:61:57:4e:6b:1f:89:2c:e7:f2:43:a6:7a:
e9:e8:28:93:76:d7:cd:df:57:a9:81:e2:02:81:ce:
09:bd:4a:dd:57:53:30:a0:c9:b6:8b:91:c1:a7:7d:
d9:0a:11:43:50:a2:64:fe:67:ec:59:a7:8c:84:15:
d0:83:84:b7:d7:6e:96:d1:bb:ec:0b:d3:9c:f6:f9:
c4:74:bd:02:7f:48:2d:b6:9e:94:f0:1b:2a:5d:92:
5a:9f:79:c4:d8:73:63:f9:f7:f8:68:91:08:48:1c:
4f:bf:bf:55:a7:59:5c:b6:95:b8:03:8a:69:72:26:
90:6c:22:bb:37:1a:65:91:5c:fc:71:1c:bf:e8:b6:
20:a9:5e:48:a3:24:d9:bd:cf:f8:6f:9a:c5:e0:3f:
76:4c:d6:f5:fc:c8:91:9a:03:18:83:18:39:9b:84:
e7:83:f8:84:6a:46:61:23:05:f6:54:c6:86:34:13:
9f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:91:18:96:1B:8B:75:77:FD:12:33:62:39:E0:A4:1B:C5:AA:85:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3FDB828819111F0B03400F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.16.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:08:7d:79:bd:c9:39:17:95:2c:48:04:ce:a2:51:28:60:01:
4e:be:da:ea:61:fa:41:29:03:4d:d8:93:47:b5:98:3f:da:89:
d8:cb:98:00:6c:e5:72:b4:48:5f:e1:3e:8e:83:68:46:68:43:
34:d6:84:3c:60:63:5d:79:27:de:d3:2d:29:3e:f9:4b:69:b9:
41:3e:42:73:b5:36:c9:10:2e:6c:08:51:8d:7e:2f:40:6f:c0:
d6:ac:98:2b:88:de:28:53:26:64:52:3e:8d:80:1b:0f:0e:f1:
9b:47:10:00:4d:ce:c6:45:12:c2:ff:6c:8e:6d:41:f5:de:34:
ba:27:2a:e6:c8:ed:78:7f:9b:48:39:8d:22:78:15:7f:6e:97:
25:8c:80:24:52:7a:64:69:14:62:28:97:b9:5f:38:83:84:d6:
67:24:4c:5b:1b:9d:9f:05:b5:c9:28:64:0f:92:e8:45:d1:0b:
d3:3a:26:d4:6a:28:65:c0:1d:9f:5e:e7:61:b7:8e:96:a4:ae:
59:9e:eb:54:2e:dd:57:4b:0a:4d:9c:2a:1e:86:6a:f6:f2:6d:
8d:c0:d8:73:41:62:0e:8b:9d:ed:fc:5c:07:0d:84:6d:2c:b2:
77:bb:b5:07:15:c2:67:4a:19:29:64:3f:21:70:5e:91:49:d4:
c3:0e:be:f7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZbwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI1MDg1ODEyWhcNMjUwOTI5MDg1ODEyWjAYMRYw
FAYDVQQDEw02OGFjMjVhOS0yNTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqivU1fkZMf55L/PsC1p861WKF9nJdj+f8zNPl7TtoCA/6ufa1/w3+XCz
nq/4zYdMILuUd1SPkZATvPKszxCKxBl/uSx0T9sPqn9zzD1hV05rH4ks5/JDpnrp
6CiTdtfN31epgeICgc4JvUrdV1MwoMm2i5HBp33ZChFDUKJk/mfsWaeMhBXQg4S3
126W0bvsC9Oc9vnEdL0Cf0gttp6U8BsqXZJan3nE2HNj+ff4aJEISBxPv79Vp1lc
tpW4A4ppciaQbCK7NxplkVz8cRy/6LYgqV5IoyTZvc/4b5rF4D92TNb1/MiRmgMY
gxg5m4Tng/iEakZhIwX2VMaGNBOfRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD6R
GJYbi3V3/RIzYjngpBvFqoVpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BM0ZEQjgyODgxOTExMUYwQjAzNDAwRjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtUQMA0GCSqGSIb3DQEB
CwUAA4IBAQBfCH15vck5F5UsSATOolEoYAFOvtrqYfpBKQNN2JNHtZg/2onYy5gA
bOVytEhf4T6Og2hGaEM01oQ8YGNdeSfe0y0pPvlLablBPkJztTbJEC5sCFGNfi9A
b8DWrJgriN4oUyZkUj6NgBsPDvGbRxAATc7GRRLC/2yObUH13jS6JyrmyO14f5tI
OY0ieBV/bpcljIAkUnpkaRRiKJe5XziDhNZnJExbG52fBbXJKGQPkuhF0QvTOibU
aihlwB2fXudht46WpK5ZnutULt1XSwpNnCoehmr28m2NwNhzQWIOi53t/FwHDYRt
LLJ3u7UHFcJnShkpZD8hcF6RSdTDDr73
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:34:40 2025 by rpki-client