Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D71434AC842611F0886D04DCDAE4EC9C.roa
File: D71434AC842611F0886D04DCDAE4EC9C.roa (raw, json)
Hash identifier: viVAKPcMUqWoy+CWIpnmGp39jYJ1Sdwt1N+P9FrjZYo=
Subject key identifier: F0:EA:67:C1:AB:CA:5B:99:12:AA:D7:53:C2:8D:AB:34:45:21:D8:F3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0199F8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D71434AC842611F0886D04DCDAE4EC9C.roa
Signing time: Thu 28 Aug 2025 15:51:21 +0000
ROA not before: Thu 28 Aug 2025 15:51:05 +0000
ROA not after: Wed 01 Oct 2025 15:51:05 +0000
asID: 44559
IP address blocks: 154.198.37.0/24 maxlen: 24
154.198.38.0/24 maxlen: 24
154.198.39.0/24 maxlen: 24
154.203.206.0/24 maxlen: 24
154.203.207.0/24 maxlen: 24
154.203.212.0/24 maxlen: 24
154.203.213.0/24 maxlen: 24
154.203.214.0/24 maxlen: 24
154.203.215.0/24 maxlen: 24
154.203.217.0/24 maxlen: 24
154.203.226.0/24 maxlen: 24
154.203.227.0/24 maxlen: 24
154.203.228.0/24 maxlen: 24
154.203.229.0/24 maxlen: 24
154.203.250.0/24 maxlen: 24
154.205.28.0/24 maxlen: 24
154.205.29.0/24 maxlen: 24
154.205.241.0/24 maxlen: 24
154.205.242.0/24 maxlen: 24
154.205.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104952 (0x199f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 28 15:51:05 2025 GMT
Not After : Oct 1 15:51:05 2025 GMT
Subject: CN=68b07af8-29d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:de:de:b0:ed:e4:66:b9:28:63:e3:af:1c:d2:
8c:b0:76:42:6a:72:4c:6b:3f:57:c2:e9:b3:55:00:
0c:b6:36:cd:67:4f:5f:0e:ff:e7:07:7a:04:24:7a:
4b:50:e4:28:aa:55:fd:5b:ba:54:ae:b1:db:15:56:
a3:2f:35:06:6b:a6:2a:1d:a8:d5:aa:b1:42:91:c7:
d5:1c:0f:fa:2d:96:d8:3b:49:6f:c9:33:5d:13:43:
19:1b:dc:32:1d:e6:c1:44:38:ba:42:f5:88:67:4f:
d1:84:2b:46:82:22:f5:4f:22:36:f1:94:4a:d9:c7:
f3:89:ec:45:85:f2:89:ad:71:69:03:e6:a9:9e:d8:
2a:6f:ee:47:c4:e8:22:31:00:e1:4b:ad:2a:71:81:
90:87:f9:de:6e:5c:27:3a:94:bb:df:92:94:1d:b9:
e3:0d:45:9a:27:a4:57:74:fe:07:01:56:68:48:d4:
9e:23:c6:ee:87:54:d0:c5:f0:39:06:51:d8:5d:78:
c2:82:6a:af:af:86:fe:66:04:2b:6b:a1:56:9f:cc:
05:9f:9f:01:ac:08:27:a3:ab:f1:4f:31:12:b5:b4:
42:66:56:fb:34:6e:18:73:c7:12:b5:93:28:bb:1e:
67:19:ea:76:c8:d3:31:b6:0f:99:33:c7:7d:99:fb:
d6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EA:67:C1:AB:CA:5B:99:12:AA:D7:53:C2:8D:AB:34:45:21:D8:F3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D71434AC842611F0886D04DCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.37.0-154.198.39.255
154.203.206.0/23
154.203.212.0/22
154.203.217.0/24
154.203.226.0-154.203.229.255
154.203.250.0/24
154.205.28.0/23
154.205.241.0-154.205.243.255
Signature Algorithm: sha256WithRSAEncryption
3d:b7:a9:c5:67:be:3c:53:65:5e:10:a4:95:c5:97:ff:cc:b1:
81:78:f8:33:a6:9b:68:35:ff:20:6c:5d:f5:d7:ce:74:c7:2a:
91:75:84:4b:5a:2c:c2:b2:d5:7e:54:a7:4d:8d:63:a3:b1:59:
28:63:73:4c:3d:66:22:a1:da:69:be:2e:ec:d3:43:5e:b7:b1:
c9:04:23:bc:a4:da:5b:43:94:b7:94:21:7d:b9:e4:6a:48:9e:
1e:bc:16:e2:76:d4:e0:77:53:06:40:5d:f5:bf:3d:09:81:c6:
b7:b6:46:54:46:bf:21:6a:38:c9:4b:2f:8f:e5:78:ed:13:74:
be:7c:ca:66:8f:d5:1f:b6:15:cd:67:3d:f0:0d:af:f0:d7:0c:
02:c3:7d:9e:57:6f:41:c6:e2:78:bc:62:d8:53:d0:b2:ba:3b:
7a:ce:ae:22:b1:f5:db:50:19:03:22:b6:43:bb:f1:ee:91:98:
b7:d4:ac:42:86:86:19:f5:bc:79:59:f0:ec:b7:bc:1d:a9:01:
0c:6f:72:9a:08:1b:2b:6f:57:22:1d:70:8c:c4:c2:b2:4e:bd:
06:b2:eb:3d:54:70:a9:53:60:fd:2e:d7:cb:4a:4a:7a:62:b1:
14:e4:ee:71:ec:c6:d6:2e:d1:79:ab:33:4b:3d:d7:27:cd:14:
75:dc:05:a9
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIDAZn4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI4MTU1MTA1WhcNMjUxMDAxMTU1MTA1WjAYMRYw
FAYDVQQDEw02OGIwN2FmOC0yOWQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+t7esO3kZrkoY+OvHNKMsHZCanJMaz9XwumzVQAMtjbNZ09fDv/nB3oE
JHpLUOQoqlX9W7pUrrHbFVajLzUGa6YqHajVqrFCkcfVHA/6LZbYO0lvyTNdE0MZ
G9wyHebBRDi6QvWIZ0/RhCtGgiL1TyI28ZRK2cfziexFhfKJrXFpA+apntgqb+5H
xOgiMQDhS60qcYGQh/neblwnOpS735KUHbnjDUWaJ6RXdP4HAVZoSNSeI8buh1TQ
xfA5BlHYXXjCgmqvr4b+ZgQra6FWn8wFn58BrAgno6vxTzEStbRCZlb7NG4Yc8cS
tZMoux5nGep2yNMxtg+ZM8d9mfvWCQIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFPDq
Z8GryluZEqrXU8KNqzRFIdjzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENzE0MzRBQzg0MjYxMUYwODg2RDA0RENEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBACaxiUDBAOaxiADBAGa
y84DBAKay9QDBACay9kwDAMEAZrL4gMEAZrL5AMEAJrL+gMEAZrNHDAMAwQAms3x
AwQCms3wMA0GCSqGSIb3DQEBCwUAA4IBAQA9t6nFZ748U2VeEKSVxZf/zLGBePgz
pptoNf8gbF311850xyqRdYRLWizCstV+VKdNjWOjsVkoY3NMPWYiodppvi7s00Ne
t7HJBCO8pNpbQ5S3lCF9ueRqSJ4evBbidtTgd1MGQF31vz0Jgca3tkZURr8hajjJ
Sy+P5XjtE3S+fMpmj9UfthXNZz3wDa/w1wwCw32eV29BxuJ4vGLYU9Cyujt6zq4i
sfXbUBkDIrZDu/HukZi31KxChoYZ9bx5WfDst7wdqQEMb3KaCBsrb1ciHXCMxMKy
Tr0Gsus9VHCpU2D9LtfLSkp6YrEU5O5x7MbWLtF5qzNLPdcnzRR13AWp
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:30:14 2025 by rpki-client