Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D92F7196822F11F0BC48A57CDAE4EC9C.roa
File: D92F7196822F11F0BC48A57CDAE4EC9C.roa (raw, json)
Hash identifier: CVUTHxORR2jhP2BzegJNRbg7QFMFhCyWjpnpkpAkmkQ=
Subject key identifier: 99:91:1B:36:8C:3E:1F:57:46:F4:C9:1E:89:AA:B5:AF:9D:4B:58:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01978D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D92F7196822F11F0BC48A57CDAE4EC9C.roa
Signing time: Tue 26 Aug 2025 03:50:47 +0000
ROA not before: Tue 26 Aug 2025 03:50:40 +0000
ROA not after: Thu 25 Sep 2025 03:50:40 +0000
asID: 54801
IP address blocks: 154.90.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104333 (0x1978d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 26 03:50:40 2025 GMT
Not After : Sep 25 03:50:40 2025 GMT
Subject: CN=68ad2f17-7dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:03:a8:1b:31:6b:89:b8:c9:22:b8:48:1c:f4:
50:44:78:b2:13:a0:3b:d9:8f:3d:a8:d4:e3:a6:17:
b0:93:58:a4:68:57:d1:fb:49:dc:f8:fd:69:33:88:
e1:96:8f:75:7a:68:ea:83:bc:43:1a:e3:a0:28:f0:
56:fb:c7:33:58:dd:0d:08:a7:d7:5c:61:28:64:65:
1f:0d:fc:43:99:ab:98:ff:52:98:7a:4e:e0:8a:e9:
c6:bb:96:fd:46:1b:ba:53:e3:d2:9a:81:9b:2c:45:
02:f9:3e:20:85:36:75:bf:72:93:a5:ed:78:6f:2d:
3b:c2:c8:a6:95:ee:25:e5:9d:a0:4e:2e:b3:c4:55:
d3:6e:2b:12:7f:a5:64:ce:59:bf:a7:43:85:5e:1f:
09:28:22:6c:1e:5d:c0:27:ba:8e:f6:67:9c:55:c4:
68:52:5a:52:8c:ed:59:66:a7:7a:4d:03:52:67:68:
a1:bd:a7:2b:d0:1f:2d:3e:db:86:35:1f:99:90:46:
c5:8f:ef:20:dc:e3:3d:23:33:9d:59:a2:c8:6f:2d:
71:cf:99:78:f0:80:4e:c8:25:ab:f7:a2:e6:67:89:
b6:fe:f7:7b:5c:8c:b8:77:b3:79:df:84:fe:df:c8:
30:d3:03:a9:ad:43:2e:e5:57:93:90:23:24:b2:fa:
df:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:91:1B:36:8C:3E:1F:57:46:F4:C9:1E:89:AA:B5:AF:9D:4B:58:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D92F7196822F11F0BC48A57CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.28.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:32:87:ac:b4:f6:6d:20:02:d9:06:52:7e:70:19:a2:ff:a2:
af:c4:a5:13:cc:c7:df:cc:98:5b:c4:07:34:a2:3e:be:b6:8c:
a0:2e:13:56:3e:16:2f:f7:41:94:40:d2:dd:53:c4:82:bc:76:
1e:03:6b:5b:a8:17:8d:56:36:2a:0f:5b:c1:bd:a0:aa:2a:d1:
0d:53:ef:63:a9:5a:2f:f4:23:0c:dc:8e:ff:fb:6a:02:85:58:
15:f3:c6:7a:87:18:17:8b:f9:17:66:85:37:42:0b:0d:ca:ab:
01:e4:05:86:cd:95:87:48:e8:e4:f0:d4:95:0d:c5:21:7c:35:
07:26:57:22:7f:6b:56:cc:00:96:8c:a5:4e:ab:95:b4:c2:16:
83:7f:8d:a4:9d:ba:4f:b6:ae:cd:0a:f4:23:28:07:65:75:eb:
99:76:a4:ae:2d:5f:50:78:b4:6d:82:2d:eb:6d:25:b2:fd:12:
c4:82:28:e8:91:09:4b:88:69:90:62:2b:75:26:66:a3:32:e1:
d2:74:f5:57:e5:30:95:7c:69:ba:53:46:4f:d2:8e:9d:c3:9e:
8f:93:50:73:36:4e:d5:04:b5:9c:0d:62:77:c7:3b:fe:4f:33:
a8:bc:64:e7:93:31:22:79:75:ad:3a:36:e9:06:64:23:05:d8:
b7:75:54:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZeNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI2MDM1MDQwWhcNMjUwOTI1MDM1MDQwWjAYMRYw
FAYDVQQDEw02OGFkMmYxNy03ZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3AOoGzFribjJIrhIHPRQRHiyE6A72Y89qNTjphewk1ikaFfR+0nc+P1p
M4jhlo91emjqg7xDGuOgKPBW+8czWN0NCKfXXGEoZGUfDfxDmauY/1KYek7giunG
u5b9Rhu6U+PSmoGbLEUC+T4ghTZ1v3KTpe14by07wsimle4l5Z2gTi6zxFXTbisS
f6Vkzlm/p0OFXh8JKCJsHl3AJ7qO9mecVcRoUlpSjO1ZZqd6TQNSZ2ihvacr0B8t
PtuGNR+ZkEbFj+8g3OM9IzOdWaLIby1xz5l48IBOyCWr96LmZ4m2/vd7XIy4d7N5
34T+38gw0wOprUMu5VeTkCMksvrfKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJmR
GzaMPh9XRvTJHomqta+dS1gcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTJGNzE5NjgyMkYxMUYwQkM0OEE1N0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlocMA0GCSqGSIb3DQEB
CwUAA4IBAQCNMoestPZtIALZBlJ+cBmi/6KvxKUTzMffzJhbxAc0oj6+toygLhNW
PhYv90GUQNLdU8SCvHYeA2tbqBeNVjYqD1vBvaCqKtENU+9jqVov9CMM3I7/+2oC
hVgV88Z6hxgXi/kXZoU3QgsNyqsB5AWGzZWHSOjk8NSVDcUhfDUHJlcif2tWzACW
jKVOq5W0whaDf42knbpPtq7NCvQjKAdldeuZdqSuLV9QeLRtgi3rbSWy/RLEgijo
kQlLiGmQYit1JmajMuHSdPVX5TCVfGm6U0ZP0o6dw56Pk1BzNk7VBLWcDWJ3xzv+
TzOovGTnkzEieXWtOjbpBmQjBdi3dVSI
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:30:11 2025 by rpki-client