Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8943BC0837611F0B1C07AD4DAE4EC9C.roa
File: D8943BC0837611F0B1C07AD4DAE4EC9C.roa (raw, json)
Hash identifier: M3c1ZvQyImcP9DNb7JNjJ13Bnf/hHmYGym+Ye0oy/n4=
Subject key identifier: 4E:BF:F7:C0:45:B3:DE:6F:E2:CE:F3:AD:A9:BE:A0:DE:2B:8E:A8:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0198F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8943BC0837611F0B1C07AD4DAE4EC9C.roa
Signing time: Wed 27 Aug 2025 18:51:31 +0000
ROA not before: Wed 27 Aug 2025 18:51:26 +0000
ROA not after: Mon 03 Nov 2025 18:51:26 +0000
asID: 138915
IP address blocks: 154.94.66.0/23 maxlen: 24
154.94.86.0/24 maxlen: 24
154.94.87.0/24 maxlen: 24
154.94.116.0/24 maxlen: 24
154.94.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104693 (0x198f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 27 18:51:26 2025 GMT
Not After : Nov 3 18:51:26 2025 GMT
Subject: CN=68af53b3-618a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c1:d1:30:a9:3e:96:f1:8e:8b:c1:69:2d:f1:
f1:1c:9f:24:b0:12:2e:98:ab:51:08:78:6b:6a:4f:
6f:b4:5e:b3:df:e6:d6:7f:51:ee:4e:0f:54:a4:9f:
e7:cd:5b:93:18:69:dd:1b:0d:94:26:be:f3:7e:51:
68:ee:f6:e7:64:47:86:47:0b:f7:87:93:2f:3a:63:
89:ec:33:a8:ac:20:de:23:c4:69:d9:1c:97:99:05:
50:73:11:00:2e:44:d1:61:d5:3f:c9:dd:f2:d9:7a:
0e:c3:64:95:d6:79:14:a6:d0:9f:52:bd:e7:ca:86:
e2:a5:50:87:e3:56:0d:ef:c2:cd:f7:f6:ad:09:6b:
d7:fb:a7:ab:d9:25:b7:e5:45:3e:c0:bb:bf:0d:04:
72:c6:37:a3:4f:72:4d:33:5d:ba:21:32:87:d5:cd:
11:d3:74:ba:d1:27:fa:cf:12:a2:de:8c:57:04:f2:
54:9c:21:12:ca:00:91:c2:b9:7c:96:3f:de:7e:09:
f8:e2:3e:44:76:e8:6f:df:88:06:79:ed:b2:36:09:
8b:2f:02:16:d9:2c:19:6c:01:41:57:2f:4e:77:c1:
eb:4c:e2:cf:b5:35:5b:4f:10:f1:f5:17:be:38:21:
65:67:a5:c0:53:7d:53:22:d5:99:f3:78:0a:73:02:
c0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:BF:F7:C0:45:B3:DE:6F:E2:CE:F3:AD:A9:BE:A0:DE:2B:8E:A8:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8943BC0837611F0B1C07AD4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.66.0/23
154.94.86.0/23
154.94.116.0/24
154.94.125.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:6d:76:4d:36:ef:1a:c8:be:37:a7:db:99:f6:0f:b3:fd:8e:
32:41:e0:4b:c2:9a:b6:e1:da:c5:c8:0f:37:3f:7d:0f:10:a1:
53:a5:7e:e7:ea:66:00:bd:96:75:0f:1a:19:26:ef:4f:11:1f:
9e:11:55:6a:89:60:98:1c:ce:77:1a:d1:8f:75:27:c3:07:1c:
3d:16:45:d1:e7:f3:b1:ac:fe:34:76:23:e2:22:12:e0:32:d3:
69:13:66:58:2d:97:da:4b:a0:c1:ea:da:83:b0:43:ad:2a:a8:
00:1a:d7:8c:e2:e0:e6:b4:b1:71:a5:2d:e0:07:a7:f9:b1:cd:
83:b7:01:46:79:79:b7:25:16:35:b0:71:d6:09:69:77:93:6d:
eb:d8:3d:76:57:6d:5c:a0:7a:eb:9c:a4:8c:1d:8c:05:58:e4:
09:dc:1b:02:cc:b4:a9:44:00:47:c9:25:05:a2:42:44:09:78:
fb:b7:a3:60:1a:99:b8:66:28:34:d8:bc:db:86:33:3b:44:35:
75:ec:54:25:8b:25:48:35:ab:ff:e7:95:9e:16:b8:59:46:72:
18:8d:39:a8:a0:4b:be:59:fc:03:5d:7c:6b:83:86:62:00:83:
22:9e:89:d6:f0:68:80:4b:c6:6a:52:f2:70:7f:65:b5:a3:d4:
c8:38:e9:dd
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAZj1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI3MTg1MTI2WhcNMjUxMTAzMTg1MTI2WjAYMRYw
FAYDVQQDEw02OGFmNTNiMy02MThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyMHRMKk+lvGOi8FpLfHxHJ8ksBIumKtRCHhrak9vtF6z3+bWf1HuTg9U
pJ/nzVuTGGndGw2UJr7zflFo7vbnZEeGRwv3h5MvOmOJ7DOorCDeI8Rp2RyXmQVQ
cxEALkTRYdU/yd3y2XoOw2SV1nkUptCfUr3nyobipVCH41YN78LN9/atCWvX+6er
2SW35UU+wLu/DQRyxjejT3JNM126ITKH1c0R03S60Sf6zxKi3oxXBPJUnCESygCR
wrl8lj/efgn44j5Eduhv34gGee2yNgmLLwIW2SwZbAFBVy9Od8HrTOLPtTVbTxDx
9Re+OCFlZ6XAU31TItWZ83gKcwLAAQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFE6/
98BFs95v4s7zram+oN4rjqgwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EODk0M0JDMDgzNzYxMUYwQjFDMDdBRDREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBml5CAwQBml5WAwQAml50
AwQAml59MA0GCSqGSIb3DQEBCwUAA4IBAQC4bXZNNu8ayL43p9uZ9g+z/Y4yQeBL
wpq24drFyA83P30PEKFTpX7n6mYAvZZ1DxoZJu9PER+eEVVqiWCYHM53GtGPdSfD
Bxw9FkXR5/OxrP40diPiIhLgMtNpE2ZYLZfaS6DB6tqDsEOtKqgAGteM4uDmtLFx
pS3gB6f5sc2DtwFGeXm3JRY1sHHWCWl3k23r2D12V21coHrrnKSMHYwFWOQJ3BsC
zLSpRABHySUFokJECXj7t6NgGpm4Zig02LzbhjM7RDV17FQliyVINav/55WeFrhZ
RnIYjTmooEu+WfwDXXxrg4ZiAIMinonW8GiAS8ZqUvJwf2W1o9TIOOnd
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:36:03 2025 by rpki-client