Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29F353266C2E11F09A74997DDAE4EC9C.roa
File: 29F353266C2E11F09A74997DDAE4EC9C.roa (raw, json)
Hash identifier: dHf6mDtQB2J6W+5/WmPWXAJ75zP64dFT0fI7DXoQazc=
Subject key identifier: CF:AA:E9:E4:61:94:02:52:FB:6D:AE:FB:34:16:A7:E0:E2:90:5F:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018FDF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29F353266C2E11F09A74997DDAE4EC9C.roa
Signing time: Tue 29 Jul 2025 03:43:18 +0000
ROA not before: Tue 29 Jul 2025 03:43:13 +0000
ROA not after: Wed 27 Aug 2025 03:43:13 +0000
asID: 62610
IP address blocks: 154.81.12.0/24 maxlen: 24
154.81.13.0/24 maxlen: 24
154.81.14.0/24 maxlen: 24
154.81.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 10:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102367 (0x18fdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 29 03:43:13 2025 GMT
Not After : Aug 27 03:43:13 2025 GMT
Subject: CN=68884356-5b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:12:71:df:14:8c:9c:8a:8a:52:b5:aa:c2:b1:
5e:e5:41:ca:5d:9b:21:95:a9:36:63:6f:f2:49:76:
b7:94:3c:73:c7:70:6f:c4:38:a2:d5:1c:62:89:4c:
dd:0f:76:13:35:2f:05:37:6a:ef:4d:b8:36:7d:35:
cc:be:73:af:2c:4f:cf:50:81:20:9b:aa:28:e7:30:
76:6e:40:d4:68:5b:47:1d:15:d7:e3:6a:30:1d:cc:
0b:e7:9f:48:ea:a6:30:57:bf:22:c0:0b:d9:ff:bb:
98:c5:9d:bb:75:10:ba:a8:1f:9b:5f:2a:a9:a0:1b:
a2:57:07:8a:f8:61:e3:e9:33:b6:1d:df:56:7c:87:
18:0d:df:e6:2d:a3:cb:34:ae:ce:f9:c0:9b:4e:02:
1f:ec:b6:c1:4c:19:30:c4:c0:be:40:57:ad:0d:40:
3c:58:80:4d:90:b1:b0:41:ab:e3:15:e7:55:a3:da:
81:23:ae:87:72:85:3b:76:b1:aa:8f:08:f1:92:71:
cf:4c:35:65:22:23:fe:69:a6:0a:8c:d8:06:47:99:
28:69:a6:e7:b8:35:0f:28:f6:27:8f:7f:c4:f4:6d:
8b:0c:6f:98:5a:8a:ff:32:09:93:36:94:8c:56:f2:
73:32:77:66:fa:43:22:ef:c9:6a:18:c7:11:22:c5:
5f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AA:E9:E4:61:94:02:52:FB:6D:AE:FB:34:16:A7:E0:E2:90:5F:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29F353266C2E11F09A74997DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.12.0/22
Signature Algorithm: sha256WithRSAEncryption
72:a1:4c:c1:60:59:d5:73:22:01:74:64:af:b3:80:03:68:25:
cf:ad:8c:4a:48:52:2f:bd:5f:6f:b3:a9:9b:73:de:4b:08:48:
bd:3a:4e:aa:88:88:14:56:44:70:c1:95:de:46:83:da:f2:a3:
86:af:f9:ca:7b:4a:4f:35:4a:07:36:58:99:e0:1f:3a:99:1e:
52:01:8a:43:b0:83:a4:6f:86:28:96:f6:4c:b9:7b:32:52:45:
aa:ac:c3:8d:a8:d6:ac:6a:48:88:50:78:cb:68:8f:1f:85:07:
e5:df:fb:c4:20:d0:f8:53:11:27:8d:eb:76:f8:48:91:c5:98:
2f:4a:b2:bd:d8:e2:21:43:2f:d6:96:68:86:c9:c7:0a:32:7c:
8b:bb:67:4f:e7:fa:f7:01:59:c2:ca:b8:b3:a3:7b:bf:e6:b3:
ea:d6:ea:ab:f0:bb:62:a0:b3:0e:12:5a:8a:d7:d5:55:33:cb:
54:89:ab:95:81:53:05:50:ca:33:eb:25:79:5b:6e:79:e5:9c:
21:f0:13:28:58:70:a2:3b:37:3b:3c:c8:c5:29:1b:04:07:d2:
ab:9a:b8:c6:17:74:e4:38:22:61:e1:d5:61:9a:a7:1f:b5:d4:
0c:d2:dc:11:e6:29:2d:ad:08:85:42:88:c0:f3:97:55:8c:19:
e0:eb:43:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY/fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI5MDM0MzEzWhcNMjUwODI3MDM0MzEzWjAYMRYw
FAYDVQQDEw02ODg4NDM1Ni01YjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0xJx3xSMnIqKUrWqwrFe5UHKXZshlak2Y2/ySXa3lDxzx3BvxDii1Rxi
iUzdD3YTNS8FN2rvTbg2fTXMvnOvLE/PUIEgm6oo5zB2bkDUaFtHHRXX42owHcwL
559I6qYwV78iwAvZ/7uYxZ27dRC6qB+bXyqpoBuiVweK+GHj6TO2Hd9WfIcYDd/m
LaPLNK7O+cCbTgIf7LbBTBkwxMC+QFetDUA8WIBNkLGwQavjFedVo9qBI66HcoU7
drGqjwjxknHPTDVlIiP+aaYKjNgGR5koaabnuDUPKPYnj3/E9G2LDG+YWor/MgmT
NpSMVvJzMndm+kMi78lqGMcRIsVfFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM+q
6eRhlAJS+22u+zQWp+DikF/cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUYzNTMyNjZDMkUxMUYwOUE3NDk5N0REQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlEMMA0GCSqGSIb3DQEB
CwUAA4IBAQByoUzBYFnVcyIBdGSvs4ADaCXPrYxKSFIvvV9vs6mbc95LCEi9Ok6q
iIgUVkRwwZXeRoPa8qOGr/nKe0pPNUoHNliZ4B86mR5SAYpDsIOkb4YolvZMuXsy
UkWqrMONqNasakiIUHjLaI8fhQfl3/vEIND4UxEnjet2+EiRxZgvSrK92OIhQy/W
lmiGyccKMnyLu2dP5/r3AVnCyrizo3u/5rPq1uqr8LtioLMOElqK19VVM8tUiauV
gVMFUMoz6yV5W2555Zwh8BMoWHCiOzc7PMjFKRsEB9KrmrjGF3TkOCJh4dVhmqcf
tdQM0twR5iktrQiFQojA85dVjBng60Nz
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:15:08 2025 by rpki-client