Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0390CAD0688011F08F953C8ADAE4EC9C.roa
File: 0390CAD0688011F08F953C8ADAE4EC9C.roa (raw, json)
Hash identifier: 4Ev74AxL1ASf+f1ldwVguES0RXc/mLdymAtu1hKgs4E=
Subject key identifier: 8B:B7:C9:54:ED:D9:A3:10:E0:84:2B:76:A7:2B:A9:5E:2E:54:51:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F69
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0390CAD0688011F08F953C8ADAE4EC9C.roa
Signing time: Thu 24 Jul 2025 11:19:08 +0000
ROA not before: Thu 24 Jul 2025 11:19:03 +0000
ROA not after: Fri 29 Aug 2025 11:19:03 +0000
asID: 32043
IP address blocks: 154.194.5.0/24 maxlen: 24
154.203.8.0/22 maxlen: 24
154.203.12.0/22 maxlen: 24
154.203.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 10:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102249 (0x18f69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 24 11:19:03 2025 GMT
Not After : Aug 29 11:19:03 2025 GMT
Subject: CN=688216ac-f403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b7:a9:fb:f0:0e:7b:70:45:82:21:bd:20:53:
ba:5c:4a:6d:94:bb:84:44:cd:98:4e:50:7c:3a:2c:
be:ae:ae:e5:b2:de:03:58:b5:27:05:a1:20:93:b8:
7e:f4:a0:4c:62:bc:32:2d:fd:c3:f7:05:65:a2:6e:
74:e2:36:a2:3d:1c:a3:07:c5:c0:3d:dc:2b:61:46:
c5:d3:ac:29:b5:11:f7:d1:71:5f:60:da:23:ef:d8:
9f:5a:ac:63:27:ba:f1:e8:b9:f5:76:28:cc:ad:b3:
0f:f2:c5:a2:f8:d2:59:17:2d:cf:94:2f:a4:af:59:
ba:76:b5:46:55:82:b5:b0:90:c0:82:ef:a5:04:30:
ab:ce:a9:2b:e2:ab:79:9d:de:a6:98:b9:f8:24:31:
24:6c:4b:96:4e:36:fe:72:6a:76:46:a5:41:cc:c5:
08:eb:ce:a7:8f:0b:05:21:e5:62:0f:d6:cb:49:79:
7d:b1:86:b9:a2:af:67:2c:7d:5e:c3:b0:6c:f1:8d:
b3:11:d9:82:8f:34:6f:a9:93:07:d5:c5:b3:02:0b:
a5:da:0f:a8:9a:3f:ae:c1:61:60:db:02:99:6e:38:
43:89:55:9c:b2:94:fb:55:18:20:4d:a0:6d:ac:1c:
e2:43:1f:53:cd:d1:4c:8a:24:65:e8:55:3a:7c:9c:
0d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B7:C9:54:ED:D9:A3:10:E0:84:2B:76:A7:2B:A9:5E:2E:54:51:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0390CAD0688011F08F953C8ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.5.0/24
154.203.8.0/21
154.203.243.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:8c:cd:64:90:79:52:02:f5:1c:9f:53:d0:f0:58:72:40:a4:
9e:f6:2f:a4:87:8c:a4:79:e1:5f:5c:bd:a1:05:56:7e:de:34:
2b:04:bb:53:8c:91:29:4f:64:7e:c6:28:9f:b7:9d:b7:c5:26:
4f:8c:be:e1:d7:2d:58:f5:f3:e6:8c:04:43:00:83:80:51:f8:
b5:88:95:e9:0b:16:fd:ed:8b:45:21:2a:9d:16:c4:ce:fe:1d:
3d:c9:77:52:33:5b:e6:f2:b3:d2:e4:66:0d:4d:fb:2c:84:99:
a9:ee:d3:72:7d:43:fc:66:ba:27:a8:8f:59:b6:15:b8:22:9b:
e8:13:c6:7a:01:e8:27:47:2f:a3:75:9f:b1:43:92:ea:32:11:
38:f1:52:f0:9d:9e:1b:34:22:bb:ef:09:78:f0:64:f1:f5:00:
4f:b2:b0:a5:e3:24:3b:b7:e3:e4:75:cd:e8:8c:cd:4b:a4:79:
4c:c1:a3:dd:08:06:56:7d:71:ac:f7:02:86:5e:c2:be:f9:19:
8d:d6:0b:b8:ff:bd:3d:37:8b:10:90:ef:00:b5:c0:d3:c8:02:
7a:2c:d7:bd:aa:66:16:54:90:70:f1:6e:0b:41:45:b2:bf:d8:
5b:6d:26:99:87:9f:59:63:a2:c8:47:28:bd:ab:f1:b8:ab:15:
24:12:81:f2
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAY9pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI0MTExOTAzWhcNMjUwODI5MTExOTAzWjAYMRYw
FAYDVQQDEw02ODgyMTZhYy1mNDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA47ep+/AOe3BFgiG9IFO6XEptlLuERM2YTlB8Oiy+rq7lst4DWLUnBaEg
k7h+9KBMYrwyLf3D9wVlom504jaiPRyjB8XAPdwrYUbF06wptRH30XFfYNoj79if
WqxjJ7rx6Ln1dijMrbMP8sWi+NJZFy3PlC+kr1m6drVGVYK1sJDAgu+lBDCrzqkr
4qt5nd6mmLn4JDEkbEuWTjb+cmp2RqVBzMUI686njwsFIeViD9bLSXl9sYa5oq9n
LH1ew7Bs8Y2zEdmCjzRvqZMH1cWzAgul2g+omj+uwWFg2wKZbjhDiVWcspT7VRgg
TaBtrBziQx9TzdFMiiRl6FU6fJwN7wIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFIu3
yVTt2aMQ4IQrdqcrqV4uVFGEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMzkwQ0FEMDY4ODAxMUYwOEY5NTNDOEFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAmsIFAwQDmssIAwQAmsvz
MA0GCSqGSIb3DQEBCwUAA4IBAQA6jM1kkHlSAvUcn1PQ8FhyQKSe9i+kh4ykeeFf
XL2hBVZ+3jQrBLtTjJEpT2R+xiift523xSZPjL7h1y1Y9fPmjARDAIOAUfi1iJXp
Cxb97YtFISqdFsTO/h09yXdSM1vm8rPS5GYNTfsshJmp7tNyfUP8ZronqI9ZthW4
IpvoE8Z6AegnRy+jdZ+xQ5LqMhE48VLwnZ4bNCK77wl48GTx9QBPsrCl4yQ7t+Pk
dc3ojM1LpHlMwaPdCAZWfXGs9wKGXsK++RmN1gu4/709N4sQkO8AtcDTyAJ6LNe9
qmYWVJBw8W4LQUWyv9hbbSaZh59ZY6LIRyi9q/G4qxUkEoHy
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:25:41 2025 by rpki-client