Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7A4FDFE8A5511F0B12A88A8DAE4EC9C.roa
File: D7A4FDFE8A5511F0B12A88A8DAE4EC9C.roa (raw, json)
Hash identifier: +aziiDxNhgKUl3XKDhsCKI8PqUPuzcHh3r60eRfHfvI=
Subject key identifier: 08:89:68:73:30:A3:22:54:94:26:42:CE:E3:04:0D:26:02:E2:B4:EE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019E32
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7A4FDFE8A5511F0B12A88A8DAE4EC9C.roa
Signing time: Fri 05 Sep 2025 12:42:55 +0000
ROA not before: Fri 05 Sep 2025 12:42:50 +0000
ROA not after: Fri 12 Dec 2025 12:42:50 +0000
asID: 54600
IP address blocks: 154.92.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 17 Sep 2025 00:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106034 (0x19e32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 5 12:42:50 2025 GMT
Not After : Dec 12 12:42:50 2025 GMT
Subject: CN=68badacf-798b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cf:7a:82:8b:d5:64:8c:07:e5:90:9b:5b:4c:
56:aa:8c:3d:ce:a2:20:cc:44:44:f0:33:4a:d8:43:
48:03:dd:6d:4f:69:21:3d:91:95:1d:4b:bb:2f:93:
58:61:3e:a0:6b:a4:20:15:07:65:48:f3:7d:ac:f0:
8c:eb:c1:7e:8c:15:1b:8a:3f:a9:83:3e:2f:b9:64:
13:b6:8d:b5:58:eb:83:8b:64:9e:1e:fe:a1:65:df:
8f:25:ec:d8:09:28:ad:ad:10:2a:0b:9e:a4:78:99:
39:d1:39:79:ea:d3:20:3d:ff:e5:51:1f:8c:ab:da:
4c:90:30:77:9c:78:e2:79:ab:de:af:57:e4:42:c2:
50:9a:9a:34:20:e4:8d:11:a7:a2:f8:f3:db:d8:5f:
f8:41:f4:9a:e2:fa:66:68:a6:75:b5:be:ca:7d:4e:
02:81:37:6c:09:cb:f0:9e:58:29:0f:84:f7:e4:91:
01:9b:26:0b:aa:7b:cd:19:29:a5:2e:65:9f:12:0c:
2d:c1:0f:a1:4d:38:fb:da:a7:bd:5d:1d:d5:a5:07:
2f:0f:2d:9e:20:97:31:48:b7:c5:70:88:fb:41:9a:
48:16:dc:7d:b4:90:5a:f0:03:5c:ff:83:c8:04:c2:
7a:57:9c:61:27:0d:b1:66:f9:eb:93:17:dc:19:cc:
3c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:89:68:73:30:A3:22:54:94:26:42:CE:E3:04:0D:26:02:E2:B4:EE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7A4FDFE8A5511F0B12A88A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.176.0/20
Signature Algorithm: sha256WithRSAEncryption
13:19:bd:3f:3f:c3:4f:0c:8e:75:88:df:db:3d:a2:e3:55:73:
30:c7:f3:c0:d3:01:5c:18:f3:2c:9b:fc:32:d8:79:c8:65:42:
64:84:c3:79:0f:5d:91:8a:c6:05:63:f2:23:9e:60:f0:1b:39:
11:1a:f6:53:e0:46:53:20:79:f8:7e:14:8a:5b:ff:c0:f9:cc:
be:b4:c2:2f:3f:40:08:0a:f1:9d:ae:9c:12:a8:90:19:86:5d:
b3:76:bf:41:fb:98:00:80:01:77:9a:53:06:cf:7e:6f:90:a6:
3c:bc:52:16:ba:db:4a:dd:74:57:16:d3:7b:2d:85:08:84:56:
47:09:f3:33:3d:50:07:9c:b7:ce:67:53:b0:d2:14:bc:70:25:
15:b6:7c:13:49:e9:41:e8:b2:28:f9:c8:4e:77:9e:96:96:a8:
77:82:f1:6e:d4:25:13:e0:23:22:6a:fb:b1:50:e2:f4:a3:1d:
e8:69:93:fd:77:d4:bf:7a:2d:bc:b2:9b:dc:db:8e:6d:7b:00:
f1:e9:c9:d4:a1:05:73:91:05:ab:e4:60:4d:cd:43:47:74:b8:
5a:fb:6e:b5:fc:8f:db:73:82:5a:70:60:d8:52:a3:db:ec:16:
59:1f:22:31:20:99:f5:82:88:ab:d4:4f:b7:d8:29:b0:1b:79:
bb:cb:6a:db
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ4yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA1MTI0MjUwWhcNMjUxMjEyMTI0MjUwWjAYMRYw
FAYDVQQDEw02OGJhZGFjZi03OThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzM96govVZIwH5ZCbW0xWqow9zqIgzERE8DNK2ENIA91tT2khPZGVHUu7
L5NYYT6ga6QgFQdlSPN9rPCM68F+jBUbij+pgz4vuWQTto21WOuDi2SeHv6hZd+P
JezYCSitrRAqC56keJk50Tl56tMgPf/lUR+Mq9pMkDB3nHjieaver1fkQsJQmpo0
IOSNEaei+PPb2F/4QfSa4vpmaKZ1tb7KfU4CgTdsCcvwnlgpD4T35JEBmyYLqnvN
GSmlLmWfEgwtwQ+hTTj72qe9XR3VpQcvDy2eIJcxSLfFcIj7QZpIFtx9tJBa8ANc
/4PIBMJ6V5xhJw2xZvnrkxfcGcw8dwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAiJ
aHMwoyJUlCZCzuMEDSYC4rTuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EN0E0RkRGRThBNTUxMUYwQjEyQTg4QThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlywMA0GCSqGSIb3DQEB
CwUAA4IBAQATGb0/P8NPDI51iN/bPaLjVXMwx/PA0wFcGPMsm/wy2HnIZUJkhMN5
D12RisYFY/IjnmDwGzkRGvZT4EZTIHn4fhSKW//A+cy+tMIvP0AICvGdrpwSqJAZ
hl2zdr9B+5gAgAF3mlMGz35vkKY8vFIWuttK3XRXFtN7LYUIhFZHCfMzPVAHnLfO
Z1Ow0hS8cCUVtnwTSelB6LIo+chOd56Wlqh3gvFu1CUT4CMiavuxUOL0ox3oaZP9
d9S/ei28spvc245tewDx6cnUoQVzkQWr5GBNzUNHdLha+261/I/bc4JacGDYUqPb
7BZZHyIxIJn1goir1E+32CmwG3m7y2rb
-----END CERTIFICATE-----
Generated at Mon Sep 15 05:07:38 2025 by rpki-client