Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD7EB0BC889611F0B6625EC9DAE4EC9C.roa
File: AD7EB0BC889611F0B6625EC9DAE4EC9C.roa (raw, json)
Hash identifier: rWyQ/euY2CNjU8Tcd2lGv13wbZJpB72dpT6ylvjjHLs=
Subject key identifier: DC:88:20:76:08:C6:2B:AF:50:DA:5B:2A:4C:61:82:2D:D2:15:0C:45
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019C9B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD7EB0BC889611F0B6625EC9DAE4EC9C.roa
Signing time: Wed 03 Sep 2025 07:21:59 +0000
ROA not before: Wed 03 Sep 2025 07:21:54 +0000
ROA not after: Mon 01 Dec 2025 07:21:54 +0000
asID: 399077
IP address blocks: 154.91.107.0/24 maxlen: 24
154.91.108.0/24 maxlen: 24
154.91.109.0/24 maxlen: 24
154.91.110.0/24 maxlen: 24
154.91.111.0/24 maxlen: 24
154.91.112.0/24 maxlen: 24
154.91.113.0/24 maxlen: 24
154.91.114.0/24 maxlen: 24
154.91.115.0/24 maxlen: 24
154.91.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105627 (0x19c9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 3 07:21:54 2025 GMT
Not After : Dec 1 07:21:54 2025 GMT
Subject: CN=68b7ec97-0be1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:09:0e:fb:05:c5:fe:b1:61:6b:c3:63:0e:53:
cd:74:5a:48:da:ee:30:3f:f8:c0:3b:de:89:93:0e:
40:77:ae:d7:76:a8:bc:2f:5e:ea:05:1f:8c:f6:fe:
27:6c:a5:f5:3f:bc:68:7e:49:c2:c1:a8:95:e7:02:
55:eb:4a:39:f3:6b:08:b6:74:c1:d5:49:07:7d:ce:
98:20:65:46:91:70:29:79:d4:a1:8f:3d:28:25:7c:
3e:63:6e:6a:a6:b1:cc:48:8b:69:1d:0e:e9:b5:a2:
76:ac:c1:26:84:4d:cd:d1:5f:cc:90:f8:14:29:0b:
f5:6b:30:9e:a2:bf:62:52:3b:8f:60:be:be:7e:38:
ec:56:70:80:99:6e:9f:20:fd:f7:2b:8b:f5:fe:a2:
fa:a3:cb:6e:aa:19:50:01:1f:6d:3b:d4:3a:ec:a3:
51:0d:5d:19:5a:8a:51:60:a5:86:aa:e9:23:cd:12:
79:03:a8:87:a4:f9:8b:7b:ab:05:8b:24:e8:0d:ed:
88:b6:ae:53:4b:3c:63:50:b1:c2:9a:f1:16:6d:e3:
17:6a:e5:9f:ec:9e:b6:f9:27:f5:dc:1b:88:bd:af:
36:27:c2:27:07:69:8f:4c:14:52:23:5e:c2:10:d9:
18:df:62:a1:c7:7c:f0:8b:a6:b3:7e:d5:25:07:b0:
e5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:88:20:76:08:C6:2B:AF:50:DA:5B:2A:4C:61:82:2D:D2:15:0C:45
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD7EB0BC889611F0B6625EC9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.107.0-154.91.116.255
Signature Algorithm: sha256WithRSAEncryption
9a:af:8d:1c:04:8f:39:44:5d:cf:23:9f:03:99:3c:96:4e:6f:
b4:e4:07:37:95:9b:37:70:f2:36:14:3b:68:f8:b7:e3:eb:2f:
96:21:69:6e:d9:c8:7c:73:ce:1d:66:37:80:1f:c9:09:5f:0a:
05:61:3c:7d:f0:9f:9f:5b:c3:aa:8c:6b:97:75:f7:ff:ea:ed:
04:68:ea:1e:c5:8a:3e:5f:46:94:b3:af:56:b1:cd:ca:ad:93:
60:2a:49:8b:bb:90:8a:df:d6:e5:f8:b7:82:a4:6c:d7:c0:82:
b1:fc:17:df:ce:61:b3:4b:1e:60:1f:75:27:b4:ad:17:24:ce:
cb:2a:b6:fb:14:d9:30:ab:a4:3d:f3:37:64:c9:86:d8:23:14:
1d:6e:01:46:e6:33:5b:38:10:fb:21:6a:fa:11:73:76:3a:61:
24:d4:64:ce:08:43:07:05:23:0b:ef:36:da:72:00:ba:ed:f3:
0f:06:30:40:a4:ea:11:0f:f5:a5:f9:27:23:1d:e9:0c:29:de:
7e:3f:8d:2f:58:a9:d0:be:aa:3b:bf:ef:34:0a:11:90:45:5f:
eb:57:ad:41:cd:5c:b3:63:a5:98:1b:6d:b9:52:94:a1:ec:57:
19:5c:2f:a6:10:0e:90:61:3c:e7:c2:14:ed:2a:87:d2:25:0d:
23:62:e4:ab
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAZybMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTAzMDcyMTU0WhcNMjUxMjAxMDcyMTU0WjAYMRYw
FAYDVQQDEw02OGI3ZWM5Ny0wYmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwAkO+wXF/rFha8NjDlPNdFpI2u4wP/jAO96Jkw5Ad67Xdqi8L17qBR+M
9v4nbKX1P7xofknCwaiV5wJV60o582sItnTB1UkHfc6YIGVGkXApedShjz0oJXw+
Y25qprHMSItpHQ7ptaJ2rMEmhE3N0V/MkPgUKQv1azCeor9iUjuPYL6+fjjsVnCA
mW6fIP33K4v1/qL6o8tuqhlQAR9tO9Q67KNRDV0ZWopRYKWGqukjzRJ5A6iHpPmL
e6sFiyToDe2Itq5TSzxjULHCmvEWbeMXauWf7J62+Sf13BuIva82J8InB2mPTBRS
I17CENkY32Khx3zwi6azftUlB7DlXQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNyI
IHYIxiuvUNpbKkxhgi3SFQxFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRDdFQjBCQzg4OTYxMUYwQjY2MjVFQzlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACaW2sDBACaW3QwDQYJ
KoZIhvcNAQELBQADggEBAJqvjRwEjzlEXc8jnwOZPJZOb7TkBzeVmzdw8jYUO2j4
t+PrL5YhaW7ZyHxzzh1mN4AfyQlfCgVhPH3wn59bw6qMa5d19//q7QRo6h7Fij5f
RpSzr1axzcqtk2AqSYu7kIrf1uX4t4KkbNfAgrH8F9/OYbNLHmAfdSe0rRckzssq
tvsU2TCrpD3zN2TJhtgjFB1uAUbmM1s4EPshavoRc3Y6YSTUZM4IQwcFIwvvNtpy
ALrt8w8GMECk6hEP9aX5JyMd6Qwp3n4/jS9YqdC+qju/7zQKEZBFX+tXrUHNXLNj
pZgbbblSlKHsVxlcL6YQDpBhPOfCFO0qh9IlDSNi5Ks=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:32:26 2025 by rpki-client