Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF7C41AE688911F0B40ADEC5DAE4EC9C.roa
File: AF7C41AE688911F0B40ADEC5DAE4EC9C.roa (raw, json)
Hash identifier: 5GoGVVbSniGW+nkMTp8cHc9ujq8jb0P7Nk4TTP3er9w=
Subject key identifier: 37:10:F7:FF:31:80:C8:49:70:C0:47:50:BD:46:F1:92:F9:4C:51:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F74
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF7C41AE688911F0B40ADEC5DAE4EC9C.roa
Signing time: Thu 24 Jul 2025 12:28:22 +0000
ROA not before: Thu 24 Jul 2025 12:28:15 +0000
ROA not after: Thu 04 Sep 2025 12:28:15 +0000
asID: 271956
IP address blocks: 154.88.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Jul 2025 00:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102260 (0x18f74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 24 12:28:15 2025 GMT
Not After : Sep 4 12:28:15 2025 GMT
Subject: CN=688226e5-feb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:46:3c:a5:c2:88:9e:ef:9c:db:c0:9d:91:c9:
ee:b7:8d:30:12:d1:a1:7f:d4:ba:85:0b:13:55:c9:
c5:2a:e5:c8:df:ac:23:9d:6f:5d:2a:d7:11:ef:d9:
6a:8e:a5:d9:3e:6f:76:38:3e:22:83:31:4a:92:96:
9a:8e:27:7b:ad:90:31:7d:1b:d3:42:ed:d3:de:06:
c3:24:a0:30:77:79:d5:23:9a:85:56:65:0d:d7:c0:
0d:fe:d6:df:a5:db:d7:2f:8f:50:8c:e0:ee:46:a3:
ad:6f:76:ed:1e:e6:c9:3d:4e:74:e3:7a:75:08:ed:
1f:c7:fa:8c:c0:e5:48:2c:34:13:af:ca:11:fb:78:
90:9f:6c:1b:a7:42:7f:34:41:72:e0:e3:a1:fe:1c:
6a:47:11:9c:72:9b:18:f3:70:6a:a7:4d:66:b5:74:
76:61:e8:11:ab:f5:24:08:a6:78:84:74:58:6a:07:
31:c2:8c:c6:83:2c:26:1e:3a:72:eb:19:da:f2:a2:
6d:47:0c:85:b1:ef:cb:d0:ba:4a:13:eb:bb:f4:2c:
f5:61:ac:64:24:1f:10:dc:83:15:19:2c:6a:b8:2e:
e0:b7:47:7c:3d:ee:55:fb:8a:e9:46:8e:e7:5f:b7:
9f:90:7c:d5:ef:c6:d4:fc:6f:ed:7d:c4:45:8a:80:
9e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:10:F7:FF:31:80:C8:49:70:C0:47:50:BD:46:F1:92:F9:4C:51:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF7C41AE688911F0B40ADEC5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.190.0/23
Signature Algorithm: sha256WithRSAEncryption
61:af:6f:58:66:c4:18:d9:2d:ce:98:7a:4c:80:28:18:87:aa:
9e:84:da:5e:b0:90:6b:76:fb:42:22:fd:98:c4:0b:aa:ef:bd:
d0:c8:0b:14:cc:a9:87:03:5e:98:e3:ac:db:5e:f1:4c:e5:fc:
51:d7:5d:74:06:b2:f6:ea:02:03:e9:03:6e:88:f2:74:0e:3d:
9c:47:49:d2:82:83:55:5a:07:8a:cc:2a:6d:17:18:ca:a5:c1:
ce:55:46:5e:c5:46:de:27:8f:56:3c:af:85:b7:6c:55:09:a0:
bd:38:99:86:ef:d7:2a:21:16:15:60:6a:41:b6:c1:d5:4e:8c:
0f:e3:a6:2c:11:53:9a:45:f4:51:7f:1e:2c:78:4c:d1:88:8e:
84:9b:8a:af:fb:45:7f:9c:d1:fc:60:c9:02:01:12:40:29:76:
4b:8c:7a:dc:99:35:fb:95:fe:55:80:ad:d6:fd:2f:98:20:20:
32:da:c0:d3:8c:f0:30:c1:d9:3e:f5:3a:08:ee:f8:0e:96:2b:
f0:da:7c:6b:09:18:32:20:80:fe:77:29:ac:ce:b4:2f:ce:52:
56:2b:ae:7b:d0:6f:0a:10:6c:b9:7f:6e:c5:dc:71:e4:67:23:
16:48:9c:89:a9:30:8c:45:cf:1f:78:9c:8e:e0:ba:43:60:32:
8e:c4:24:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY90MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI0MTIyODE1WhcNMjUwOTA0MTIyODE1WjAYMRYw
FAYDVQQDEw02ODgyMjZlNS1mZWI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAukY8pcKInu+c28Cdkcnut40wEtGhf9S6hQsTVcnFKuXI36wjnW9dKtcR
79lqjqXZPm92OD4igzFKkpaajid7rZAxfRvTQu3T3gbDJKAwd3nVI5qFVmUN18AN
/tbfpdvXL49QjODuRqOtb3btHubJPU5043p1CO0fx/qMwOVILDQTr8oR+3iQn2wb
p0J/NEFy4OOh/hxqRxGccpsY83Bqp01mtXR2YegRq/UkCKZ4hHRYagcxwozGgywm
Hjpy6xna8qJtRwyFse/L0LpKE+u79Cz1YaxkJB8Q3IMVGSxquC7gt0d8Pe5V+4rp
Ro7nX7efkHzV78bU/G/tfcRFioCeHQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDcQ
9/8xgMhJcMBHUL1G8ZL5TFFnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjdDNDFBRTY4ODkxMUYwQjQwQURFQzVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmli+MA0GCSqGSIb3DQEB
CwUAA4IBAQBhr29YZsQY2S3OmHpMgCgYh6qehNpesJBrdvtCIv2YxAuq773QyAsU
zKmHA16Y46zbXvFM5fxR1110BrL26gID6QNuiPJ0Dj2cR0nSgoNVWgeKzCptFxjK
pcHOVUZexUbeJ49WPK+Ft2xVCaC9OJmG79cqIRYVYGpBtsHVTowP46YsEVOaRfRR
fx4seEzRiI6Em4qv+0V/nNH8YMkCARJAKXZLjHrcmTX7lf5VgK3W/S+YICAy2sDT
jPAwwdk+9ToI7vgOlivw2nxrCRgyIID+dymszrQvzlJWK6570G8KEGy5f27F3HHk
ZyMWSJyJqTCMRc8feJyO4LpDYDKOxCRJ
-----END CERTIFICATE-----
Generated at Sat Jul 26 10:36:50 2025 by rpki-client