Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/209DB4826FF411F0B2F7F985DAE4EC9C.roa
File: 209DB4826FF411F0B2F7F985DAE4EC9C.roa (raw, json)
Hash identifier: aCNmi94OJOJlD7QiapMhvNS2LRiUdYlVeE7G3jcinYE=
Subject key identifier: A5:3C:36:BE:90:E2:AD:6A:FB:51:64:A2:8D:E8:DB:38:D2:03:7C:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01908E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/209DB4826FF411F0B2F7F985DAE4EC9C.roa
Signing time: Sat 02 Aug 2025 22:57:56 +0000
ROA not before: Sat 02 Aug 2025 22:57:51 +0000
ROA not after: Sun 05 Oct 2025 22:57:51 +0000
asID: 398993
IP address blocks: 154.90.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102542 (0x1908e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 22:57:51 2025 GMT
Not After : Oct 5 22:57:51 2025 GMT
Subject: CN=688e97f4-3ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:84:b1:05:30:46:9c:b4:0b:6c:1d:95:06:cb:
3e:e5:d7:c4:8f:cf:43:7b:32:3c:14:f4:95:12:1a:
22:78:af:b0:50:e8:93:0d:de:5d:1e:6f:8d:49:f3:
9b:ae:c1:e2:ed:08:97:e8:ca:3c:6c:6b:d5:28:14:
3f:53:da:27:fe:96:35:b0:4f:cd:1c:92:47:4c:a5:
95:f8:28:34:00:c0:19:05:36:ee:77:9a:3d:d6:42:
1c:89:14:3d:01:3b:d9:6f:a9:03:9a:39:71:63:c4:
58:78:9c:82:61:12:a4:85:51:1d:ee:1d:0c:0c:bd:
64:70:e6:85:b5:0b:c6:6e:a7:ac:67:e3:69:49:f9:
79:4b:c3:f9:44:86:b7:9b:48:6c:6b:a0:c7:42:2a:
e3:de:30:2e:74:8c:21:70:88:3b:45:b7:30:94:de:
03:77:83:2e:34:b3:01:0b:fb:a5:4b:bd:2b:b3:61:
f3:93:79:c1:e0:4d:19:ca:7a:19:5e:f0:e7:5b:de:
90:a3:7e:6d:e3:07:b1:f2:0c:30:da:56:6a:d3:88:
45:cf:af:f0:43:c8:6f:5a:a8:78:48:64:2e:1d:05:
3a:f6:b9:3e:79:ea:7d:36:2e:94:97:14:f8:d4:61:
92:5a:01:c2:d1:11:14:6a:81:9b:52:5b:b7:9d:45:
0b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:3C:36:BE:90:E2:AD:6A:FB:51:64:A2:8D:E8:DB:38:D2:03:7C:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/209DB4826FF411F0B2F7F985DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
Signature Algorithm: sha256WithRSAEncryption
a1:22:1a:2e:eb:e3:82:01:e3:70:37:33:b5:fe:47:90:a0:1f:
f6:56:45:ef:bf:9b:3b:77:64:0a:37:1e:2e:5f:0a:34:3c:c4:
9d:21:0b:7f:85:88:a2:ae:48:ac:41:9c:ae:06:39:2b:70:81:
0f:8b:87:01:98:3e:35:c9:7f:51:2d:2e:a8:e0:79:b1:bb:fa:
c4:be:a0:1a:e9:ec:d3:13:4d:9d:a1:9c:15:11:fc:87:c5:11:
55:e4:dd:c6:3a:b4:56:7c:96:63:d4:4c:7f:1a:fe:2d:5b:82:
40:c2:93:66:41:c8:e5:78:22:1c:75:7d:08:24:14:9d:67:f9:
21:ed:65:ab:ff:bd:86:5a:65:52:f6:ea:44:cc:cf:41:a5:2a:
dc:98:cb:e7:6c:91:d8:8b:bc:4a:6f:bd:a9:50:67:cf:d0:3c:
a7:5d:27:64:c5:d8:20:30:18:31:8f:78:2e:1d:6a:d1:9f:b1:
1c:51:b7:1a:9b:59:26:9f:cc:46:ab:d2:3a:f0:20:65:66:60:
29:c0:bf:20:ed:94:28:0a:5a:3c:fb:ec:e5:01:92:d7:1c:2a:
bd:d4:9c:0f:57:df:bf:10:16:80:6f:19:5b:52:ed:14:93:8a:
2a:81:ce:35:e1:72:45:9c:23:47:c0:17:5c:d2:2b:e2:e4:45:
b6:70:32:29
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZCOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMjI1NzUxWhcNMjUxMDA1MjI1NzUxWjAYMRYw
FAYDVQQDEw02ODhlOTdmNC0zYWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwYSxBTBGnLQLbB2VBss+5dfEj89DezI8FPSVEhoieK+wUOiTDd5dHm+N
SfObrsHi7QiX6Mo8bGvVKBQ/U9on/pY1sE/NHJJHTKWV+Cg0AMAZBTbud5o91kIc
iRQ9ATvZb6kDmjlxY8RYeJyCYRKkhVEd7h0MDL1kcOaFtQvGbqesZ+NpSfl5S8P5
RIa3m0hsa6DHQirj3jAudIwhcIg7RbcwlN4Dd4MuNLMBC/ulS70rs2Hzk3nB4E0Z
ynoZXvDnW96Qo35t4wex8gww2lZq04hFz6/wQ8hvWqh4SGQuHQU69rk+eep9Ni6U
lxT41GGSWgHC0REUaoGbUlu3nUULzQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKU8
Nr6Q4q1q+1Fkoo3o2zjSA3xBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMDlEQjQ4MjZGRjQxMUYwQjJGN0Y5ODVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQChIhou6+OCAeNwNzO1/keQoB/2VkXvv5s7d2QKNx4uXwo0PMSdIQt/
hYiirkisQZyuBjkrcIEPi4cBmD41yX9RLS6o4Hmxu/rEvqAa6ezTE02doZwVEfyH
xRFV5N3GOrRWfJZj1Ex/Gv4tW4JAwpNmQcjleCIcdX0IJBSdZ/kh7WWr/72GWmVS
9upEzM9BpSrcmMvnbJHYi7xKb72pUGfP0DynXSdkxdggMBgxj3guHWrRn7EcUbca
m1kmn8xGq9I68CBlZmApwL8g7ZQoClo8++zlAZLXHCq91JwPV9+/EBaAbxlbUu0U
k4oqgc414XJFnCNHwBdc0ivi5EW2cDIp
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:17:57 2025 by rpki-client