Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E02AF16C823111F0B3EF448BDAE4EC9C.roa
File: E02AF16C823111F0B3EF448BDAE4EC9C.roa (raw, json)
Hash identifier: qgfhIr3Q6NiR+WXfKJDTNURUuNlXY3QDFPhuGLTDeJo=
Subject key identifier: 63:1A:FD:36:D3:39:BA:60:43:11:B5:75:55:8C:7D:08:80:B4:44:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019793
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E02AF16C823111F0B3EF448BDAE4EC9C.roa
Signing time: Tue 26 Aug 2025 04:05:18 +0000
ROA not before: Tue 26 Aug 2025 04:03:27 +0000
ROA not after: Thu 25 Sep 2025 04:03:27 +0000
asID: 54801
IP address blocks: 154.201.40.0/23 maxlen: 24
154.222.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104339 (0x19793)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 26 04:03:27 2025 GMT
Not After : Sep 25 04:03:27 2025 GMT
Subject: CN=68ad327e-8aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:de:ec:41:0f:cb:22:00:3d:94:77:8b:b3:44:
c1:1d:42:f9:86:2c:03:44:4e:97:83:b4:41:6a:ec:
c4:04:58:c7:af:63:ee:fa:08:e0:c6:cc:1d:bb:27:
0b:37:76:0b:fd:34:a1:37:7e:97:22:be:2c:ee:b0:
db:f2:e2:65:92:60:84:97:d5:72:01:5c:9b:4b:df:
0b:2d:9a:74:07:48:ea:9d:dc:0c:f6:54:99:ed:53:
bd:72:b9:78:18:6b:28:3e:cd:ae:6a:a0:59:fe:c4:
21:e1:bf:04:d5:70:88:3a:a8:8d:6d:d2:31:a2:bd:
3a:30:64:24:b4:f1:7a:ca:86:16:7e:2f:cb:44:ac:
63:67:b1:b7:30:a4:20:e0:27:3a:05:53:9d:df:dc:
d9:9e:0a:b5:d2:be:9c:e5:34:1c:dd:6c:be:5d:e2:
fb:70:d8:8f:f3:7e:73:0d:5a:62:a8:03:c3:2f:55:
41:b0:af:67:12:19:08:79:85:81:64:dc:06:e7:9b:
9b:ee:af:0b:f6:b3:ab:a3:4d:a6:81:67:f2:97:37:
f3:12:4e:7b:e3:47:da:25:e0:0e:fe:63:d9:2f:00:
93:f4:31:51:56:34:70:2a:6a:ba:56:49:c5:03:52:
9b:4e:d8:89:e6:09:4e:a5:29:5b:60:96:86:f0:ff:
c6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:1A:FD:36:D3:39:BA:60:43:11:B5:75:55:8C:7D:08:80:B4:44:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E02AF16C823111F0B3EF448BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.40.0/23
154.222.146.0/23
Signature Algorithm: sha256WithRSAEncryption
22:03:00:19:6b:01:38:43:d7:61:de:9a:d4:d7:d7:77:a0:d2:
a4:1e:2b:21:0d:9e:b3:94:52:c5:0e:69:50:23:7a:68:f4:26:
a8:60:59:ea:d8:24:2c:ff:89:f3:c0:78:12:f9:49:22:f8:ed:
14:b9:c4:91:8d:f0:0f:3b:63:83:83:3c:0d:6d:61:90:d7:5c:
89:b3:ce:d3:c4:45:f0:c6:2e:73:7a:39:73:f3:f2:52:54:96:
a5:4e:c2:b6:f6:69:31:03:9d:5e:d6:6a:0b:36:c6:65:fa:93:
10:bd:81:b8:b5:d1:28:50:e2:35:d7:cc:59:16:3c:6c:10:df:
b5:be:32:ff:cd:13:1c:3c:6d:65:7d:66:47:15:d8:2d:d6:43:
39:89:1b:8a:01:45:99:94:7a:60:ba:01:a5:99:65:3e:b7:0b:
65:29:a8:a5:00:38:46:b9:ca:98:06:94:6a:44:90:9e:ff:ea:
5a:8f:10:07:02:14:0a:d5:14:a7:a7:d4:f1:9d:83:2c:fa:94:
b4:2e:00:fb:dc:96:d0:b8:da:f8:98:5f:35:bc:f3:33:3c:8e:
28:ab:8b:d5:c7:0f:9b:1b:c7:25:1b:7e:4c:e7:11:3d:e5:cb:
9c:61:25:ba:b3:3b:75:c6:ba:e3:08:8b:92:b4:1f:7b:9e:c5:
4a:18:71:82
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZeTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI2MDQwMzI3WhcNMjUwOTI1MDQwMzI3WjAYMRYw
FAYDVQQDEw02OGFkMzI3ZS04YWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp97sQQ/LIgA9lHeLs0TBHUL5hiwDRE6Xg7RBauzEBFjHr2Pu+gjgxswd
uycLN3YL/TShN36XIr4s7rDb8uJlkmCEl9VyAVybS98LLZp0B0jqndwM9lSZ7VO9
crl4GGsoPs2uaqBZ/sQh4b8E1XCIOqiNbdIxor06MGQktPF6yoYWfi/LRKxjZ7G3
MKQg4Cc6BVOd39zZngq10r6c5TQc3Wy+XeL7cNiP835zDVpiqAPDL1VBsK9nEhkI
eYWBZNwG55ub7q8L9rOro02mgWfylzfzEk5740faJeAO/mPZLwCT9DFRVjRwKmq6
VknFA1KbTtiJ5glOpSlbYJaG8P/GtQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGMa
/TbTObpgQxG1dVWMfQiAtERoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMDJBRjE2QzgyMzExMUYwQjNFRjQ0OEJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmskoAwQBmt6SMA0GCSqG
SIb3DQEBCwUAA4IBAQAiAwAZawE4Q9dh3prU19d3oNKkHishDZ6zlFLFDmlQI3po
9CaoYFnq2CQs/4nzwHgS+Uki+O0UucSRjfAPO2ODgzwNbWGQ11yJs87TxEXwxi5z
ejlz8/JSVJalTsK29mkxA51e1moLNsZl+pMQvYG4tdEoUOI118xZFjxsEN+1vjL/
zRMcPG1lfWZHFdgt1kM5iRuKAUWZlHpgugGlmWU+twtlKailADhGucqYBpRqRJCe
/+pajxAHAhQK1RSnp9TxnYMs+pS0LgD73JbQuNr4mF81vPMzPI4oq4vVxw+bG8cl
G35M5xE95cucYSW6szt1xrrjCIuStB97nsVKGHGC
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:41:44 2025 by rpki-client