Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09C74A306FD511F098FE69BFDAE4EC9C.roa
File: 09C74A306FD511F098FE69BFDAE4EC9C.roa (raw, json)
Hash identifier: xZh3FQtXL/TvXwN7dt1qhBvpsdAlFOPz4D44yf/Hogc=
Subject key identifier: EB:68:2D:17:A1:C8:43:E1:53:FD:6C:24:C4:28:CB:C9:11:69:65:07
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019066
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09C74A306FD511F098FE69BFDAE4EC9C.roa
Signing time: Sat 02 Aug 2025 19:15:23 +0000
ROA not before: Sat 02 Aug 2025 19:15:19 +0000
ROA not after: Sat 13 Sep 2025 19:15:19 +0000
asID: 211826
IP address blocks: 154.197.91.0/24 maxlen: 24
154.197.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102502 (0x19066)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 19:15:19 2025 GMT
Not After : Sep 13 19:15:19 2025 GMT
Subject: CN=688e63cb-9583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a8:00:6a:d4:76:dd:54:7f:94:36:02:f7:ce:
a0:ab:c0:00:4b:fe:67:a6:9e:fa:55:96:f6:a3:1b:
80:b3:bc:3e:60:6a:6a:01:20:19:6e:9f:26:e7:ab:
7f:1e:ee:87:8f:0d:30:60:a9:bb:98:f2:31:bc:88:
15:c0:a2:de:97:44:d1:d9:80:38:c2:2b:de:a8:fc:
76:15:51:8a:3b:18:12:31:66:2d:7d:ce:ec:8d:0f:
97:2e:11:f6:d5:bc:09:16:33:74:12:e2:62:31:16:
b3:07:e9:ef:d4:6e:ec:0e:04:cc:3d:9c:5d:66:b7:
26:13:dd:30:ca:b6:9c:cd:01:f8:14:8b:00:47:4f:
e8:80:ab:e2:1d:7c:72:35:9b:0c:76:3b:52:5a:4b:
73:10:ad:3d:90:cb:5b:3c:6d:cf:17:64:11:22:70:
67:df:f6:60:17:ae:1a:d1:56:df:63:cc:9b:15:87:
0e:d8:47:b6:98:ea:c0:bf:de:90:7f:ca:69:8b:16:
3e:1f:05:2d:e9:3b:32:fc:7b:b0:a7:2a:83:c2:0b:
4b:ff:d7:e7:a8:7e:6e:b1:8a:1b:7c:97:05:23:8c:
dd:f0:a1:60:46:73:23:4e:b4:1e:e5:92:47:42:ed:
1b:81:92:93:15:d9:5b:4f:73:35:86:60:f6:d9:32:
c7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:68:2D:17:A1:C8:43:E1:53:FD:6C:24:C4:28:CB:C9:11:69:65:07
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09C74A306FD511F098FE69BFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.91.0/24
154.197.110.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:76:70:58:a6:04:e8:00:33:75:49:be:22:e5:11:52:fd:5e:
d1:e7:bf:ba:35:a4:12:61:83:ad:1e:09:b6:9b:81:21:e5:50:
27:d9:47:8d:2a:ce:c8:1d:ab:ff:eb:31:62:9c:c7:a9:51:e2:
78:4f:94:de:10:30:03:b7:f0:7a:87:16:0e:9f:f4:65:b9:3c:
8c:47:23:8f:f9:57:db:d5:27:74:63:d8:25:a4:6c:42:76:e4:
04:35:cd:8a:c8:48:20:50:73:ec:9e:46:2d:27:d4:7e:6c:fe:
a9:bf:2c:b0:c9:a7:55:8d:28:28:3e:40:45:7b:83:76:23:89:
0f:f2:b5:57:62:71:f7:7c:bc:62:f2:b2:2a:df:2d:6e:f1:89:
0c:7d:39:7b:de:a5:37:6f:cc:5c:31:ff:3b:48:19:8a:c9:ea:
02:fe:28:11:21:3c:a8:5e:e4:d4:d8:3d:dd:4b:f2:c9:57:e7:
66:b8:d5:a1:68:1f:d1:9f:d2:7a:e9:fd:77:73:72:19:5e:dc:
24:22:da:9b:ae:4b:47:72:ad:fe:1b:6f:0a:be:80:a6:43:a4:
f3:10:c6:4c:aa:c6:48:94:14:4b:3f:cb:f5:60:d4:31:f7:d2:
e9:ae:c4:e6:28:8c:67:cb:5a:87:ce:9f:58:3b:c9:c5:50:d5:
1b:96:86:70
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZBmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMTkxNTE5WhcNMjUwOTEzMTkxNTE5WjAYMRYw
FAYDVQQDEw02ODhlNjNjYi05NTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3qgAatR23VR/lDYC986gq8AAS/5npp76VZb2oxuAs7w+YGpqASAZbp8m
56t/Hu6Hjw0wYKm7mPIxvIgVwKLel0TR2YA4wiveqPx2FVGKOxgSMWYtfc7sjQ+X
LhH21bwJFjN0EuJiMRazB+nv1G7sDgTMPZxdZrcmE90wyraczQH4FIsAR0/ogKvi
HXxyNZsMdjtSWktzEK09kMtbPG3PF2QRInBn3/ZgF64a0VbfY8ybFYcO2Ee2mOrA
v96Qf8ppixY+HwUt6Tsy/HuwpyqDwgtL/9fnqH5usYobfJcFI4zd8KFgRnMjTrQe
5ZJHQu0bgZKTFdlbT3M1hmD22TLHKwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOto
LRehyEPhU/1sJMQoy8kRaWUHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOUM3NEEzMDZGRDUxMUYwOThGRTY5QkZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsVbAwQAmsVuMA0GCSqG
SIb3DQEBCwUAA4IBAQDMdnBYpgToADN1Sb4i5RFS/V7R57+6NaQSYYOtHgm2m4Eh
5VAn2UeNKs7IHav/6zFinMepUeJ4T5TeEDADt/B6hxYOn/RluTyMRyOP+Vfb1Sd0
Y9glpGxCduQENc2KyEggUHPsnkYtJ9R+bP6pvyywyadVjSgoPkBFe4N2I4kP8rVX
YnH3fLxi8rIq3y1u8YkMfTl73qU3b8xcMf87SBmKyeoC/igRITyoXuTU2D3dS/LJ
V+dmuNWhaB/Rn9J66f13c3IZXtwkItqbrktHcq3+G28KvoCmQ6TzEMZMqsZIlBRL
P8v1YNQx99LprsTmKIxny1qHzp9YO8nFUNUbloZw
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:51:29 2025 by rpki-client