Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7138A02843611F0884315C2DAE4EC9C.roa
File: C7138A02843611F0884315C2DAE4EC9C.roa (raw, json)
Hash identifier: 8cjK1WoTmWDBfqg50JU/6LjfmLtTMFRBqNFwZSwLD78=
Subject key identifier: E4:6D:A0:39:C6:14:28:5D:B0:AC:C3:B9:87:3B:5F:BB:13:40:FD:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019A0E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7138A02843611F0884315C2DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 17:45:25 +0000
ROA not before: Thu 28 Aug 2025 17:45:20 +0000
ROA not after: Mon 06 Oct 2025 17:45:20 +0000
asID: 202656
IP address blocks: 154.218.28.0/24 maxlen: 24
154.218.29.0/24 maxlen: 24
154.219.196.0/24 maxlen: 24
154.219.198.0/24 maxlen: 24
154.219.199.0/24 maxlen: 24
154.221.56.0/24 maxlen: 24
154.221.57.0/24 maxlen: 24
154.221.58.0/24 maxlen: 24
154.221.59.0/24 maxlen: 24
154.221.61.0/24 maxlen: 24
154.222.1.0/24 maxlen: 24
154.222.12.0/24 maxlen: 24
154.222.13.0/24 maxlen: 24
154.222.14.0/24 maxlen: 24
154.222.15.0/24 maxlen: 24
154.222.43.0/24 maxlen: 24
154.222.44.0/24 maxlen: 24
154.222.45.0/24 maxlen: 24
154.222.46.0/24 maxlen: 24
154.222.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104974 (0x19a0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 17:45:20 2025 GMT
Not After : Oct 6 17:45:20 2025 GMT
Subject: CN=68b095b5-8fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:98:b5:21:17:fd:8b:7d:d6:cc:a5:19:3d:c1:
09:13:17:6d:e3:5c:ed:68:f8:8f:f4:68:f0:93:5b:
5a:50:79:e6:ac:db:05:78:48:cd:87:3f:06:2b:be:
8d:bf:49:44:9b:9a:ac:92:c7:4c:01:2f:92:d5:8b:
6a:06:9c:51:99:77:6f:07:36:46:3b:cd:f8:ab:b6:
7a:42:b8:5b:f4:76:37:56:b6:45:72:7f:fb:ef:40:
51:96:19:f5:b4:56:fd:14:c8:91:8a:46:54:ed:be:
f3:d3:c6:d5:43:50:28:c4:30:38:1c:70:eb:6b:77:
45:85:fc:dd:19:8c:55:7a:fe:e7:ce:87:76:33:b6:
53:f2:c0:fd:87:14:48:95:0b:d2:82:cb:d6:ea:15:
c1:4a:9c:91:80:23:1c:fc:28:cc:8b:22:7f:2e:cc:
96:6a:f3:b9:c3:4e:03:5c:e9:76:28:38:a5:01:43:
0c:af:56:a0:d0:2f:af:bd:af:c1:0d:07:ad:1f:bb:
14:c9:e0:e6:ec:b3:62:bd:a9:ca:e4:45:5a:a4:34:
80:ae:b9:46:87:83:65:ee:a7:29:e8:9c:7d:ba:d1:
67:d9:d8:12:b4:cb:29:94:a4:77:d3:27:d6:d9:68:
60:8e:09:f7:3e:1f:73:72:80:57:89:b6:cd:46:3c:
40:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:6D:A0:39:C6:14:28:5D:B0:AC:C3:B9:87:3B:5F:BB:13:40:FD:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C7138A02843611F0884315C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.28.0/23
154.219.196.0/24
154.219.198.0/23
154.221.56.0/22
154.221.61.0/24
154.222.1.0/24
154.222.12.0/22
154.222.43.0-154.222.47.255
Signature Algorithm: sha256WithRSAEncryption
06:f6:14:7b:be:d3:b6:dd:7d:d5:2a:61:57:dc:11:d2:9a:38:
c3:42:d5:6d:ab:95:85:32:2d:ed:7e:9e:2a:df:6a:94:75:4e:
3e:d0:38:61:23:48:9e:be:24:8f:b3:f5:c5:f7:8e:5e:d4:fa:
38:87:f6:aa:03:d3:46:78:ac:0d:be:1b:51:85:08:3a:d7:66:
ee:68:95:b1:53:39:61:44:0b:89:67:1f:a9:eb:7f:74:eb:0d:
a6:a9:27:3e:68:71:d7:0f:f4:f3:f1:0a:22:0d:11:9b:e9:67:
57:c1:1e:f4:9a:43:8a:c7:0a:1b:17:54:f1:49:99:52:33:87:
33:37:28:f1:3d:db:41:08:24:09:2a:24:5f:d4:16:85:f1:4c:
78:28:47:08:9e:4c:43:3b:49:0f:4d:a1:96:97:cf:a9:dc:3d:
80:1f:ed:43:b4:3c:e2:08:31:b1:81:be:ad:5c:08:c6:2d:20:
21:38:eb:73:38:93:a3:af:fb:fa:12:eb:9c:bf:a6:cc:4c:d2:
33:e4:98:7f:61:43:76:f0:da:f6:15:96:75:da:d9:99:a1:00:
4d:4f:06:81:38:78:f3:7d:e8:ef:25:64:20:76:b2:f4:96:09:
0a:b1:00:00:02:30:ee:6e:8a:78:1e:7f:34:c1:b6:b9:41:36:
17:75:b5:e5
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIDAZoOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTc0NTIwWhcNMjUxMDA2MTc0NTIwWjAYMRYw
FAYDVQQDEw02OGIwOTViNS04ZmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArZi1IRf9i33WzKUZPcEJExdt41ztaPiP9Gjwk1taUHnmrNsFeEjNhz8G
K76Nv0lEm5qsksdMAS+S1YtqBpxRmXdvBzZGO834q7Z6Qrhb9HY3VrZFcn/770BR
lhn1tFb9FMiRikZU7b7z08bVQ1AoxDA4HHDra3dFhfzdGYxVev7nzod2M7ZT8sD9
hxRIlQvSgsvW6hXBSpyRgCMc/CjMiyJ/LsyWavO5w04DXOl2KDilAUMMr1ag0C+v
va/BDQetH7sUyeDm7LNivanK5EVapDSArrlGh4Nl7qcp6Jx9utFn2dgStMsplKR3
0yfW2Whgjgn3Ph9zcoBXibbNRjxATwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFORt
oDnGFChdsKzDuYc7X7sTQP3+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNzEzOEEwMjg0MzYxMUYwODg0MzE1QzJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBmtocAwQAmtvEAwQBmtvG
AwQCmt04AwQAmt09AwQAmt4BAwQCmt4MMAwDBACa3isDBASa3iAwDQYJKoZIhvcN
AQELBQADggEBAAb2FHu+07bdfdUqYVfcEdKaOMNC1W2rlYUyLe1+nirfapR1Tj7Q
OGEjSJ6+JI+z9cX3jl7U+jiH9qoD00Z4rA2+G1GFCDrXZu5olbFTOWFEC4lnH6nr
f3TrDaapJz5ocdcP9PPxCiINEZvpZ1fBHvSaQ4rHChsXVPFJmVIzhzM3KPE920EI
JAkqJF/UFoXxTHgoRwieTEM7SQ9NoZaXz6ncPYAf7UO0POIIMbGBvq1cCMYtICE4
63M4k6Ov+/oS65y/psxM0jPkmH9hQ3bw2vYVlnXa2ZmhAE1PBoE4ePN96O8lZCB2
svSWCQqxAAACMO5uingefzTBtrlBNhd1teU=
-----END CERTIFICATE-----
Generated at Wed Sep 3 20:37:02 2025 by rpki-client