Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DD2EE00694C11F09E61E6BADAE4EC9C.roa
File: 2DD2EE00694C11F09E61E6BADAE4EC9C.roa (raw, json)
Hash identifier: NzzJIFm6cOnro38DEWmWkTGRFKcsbwLULsZ2Bg3pris=
Subject key identifier: 95:FD:F3:A2:AC:C1:95:ED:72:72:6A:C2:BB:AB:65:A8:75:9C:91:F9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018FB1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DD2EE00694C11F09E61E6BADAE4EC9C.roa
Signing time: Fri 25 Jul 2025 11:40:36 +0000
ROA not before: Fri 25 Jul 2025 11:40:31 +0000
ROA not after: Mon 01 Sep 2025 11:40:31 +0000
asID: 32043
IP address blocks: 154.193.99.0/24 maxlen: 24
154.193.100.0/22 maxlen: 24
154.193.104.0/22 maxlen: 24
154.193.108.0/23 maxlen: 24
154.193.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102321 (0x18fb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 25 11:40:31 2025 GMT
Not After : Sep 1 11:40:31 2025 GMT
Subject: CN=68836d34-40ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:79:1e:ea:34:70:bc:43:ed:c0:1e:d6:7b:c0:
f0:4f:0e:99:ed:a4:0b:e5:fc:74:2e:35:cf:4a:5c:
e0:f0:c8:78:9a:ac:55:78:b2:87:09:d4:28:6c:00:
56:2c:f4:be:4d:60:e1:75:bc:1f:9c:2a:32:7d:5e:
33:70:e4:cd:8b:7d:73:39:82:40:72:33:22:e8:80:
7e:93:ed:bd:21:61:d8:78:ab:ce:7e:f0:9a:08:4e:
4b:54:b9:08:5e:94:f0:dc:c6:80:38:c3:47:27:e0:
78:aa:46:18:35:ad:db:5c:a4:ab:72:ff:d0:a0:8d:
a1:58:c3:11:99:38:03:f5:8c:5a:91:27:e4:8d:3d:
29:b3:d4:50:2c:44:3a:8a:1f:d6:cb:3a:98:bb:0f:
95:3f:1e:41:26:5f:e0:db:1a:ba:33:8a:79:cf:04:
27:32:b7:5c:1c:41:37:05:1f:d1:fd:e9:e2:d7:a1:
98:41:22:46:13:d9:6d:00:7e:96:29:0a:33:52:11:
fa:5a:a8:09:bf:4e:da:f7:8e:30:25:6f:b2:0e:df:
7a:e0:a9:18:6f:4c:37:c4:80:2b:08:f4:e2:9a:a5:
33:44:5d:4b:be:20:9a:c2:90:f5:04:cf:e7:f6:6c:
f6:ce:fb:c6:85:0c:2a:3e:16:85:7f:b2:37:9b:a9:
3e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:FD:F3:A2:AC:C1:95:ED:72:72:6A:C2:BB:AB:65:A8:75:9C:91:F9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DD2EE00694C11F09E61E6BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.99.0-154.193.110.255
Signature Algorithm: sha256WithRSAEncryption
33:cf:34:35:e0:5c:26:06:64:82:8a:5a:03:fc:8e:f4:24:bd:
fb:e0:c2:61:7e:0f:6a:e3:2f:72:aa:b9:70:43:33:4b:c9:08:
9d:31:ba:8b:83:18:59:3e:bf:6a:f9:6f:c6:4a:60:53:ff:f7:
30:63:06:85:bd:a8:08:b8:17:dc:41:8e:c9:80:1b:43:d0:7c:
0b:08:2f:84:d4:08:02:31:cf:81:5c:09:83:f3:31:07:b9:94:
0e:51:65:30:a7:a9:45:f4:53:a7:eb:c7:38:70:7b:fa:62:12:
90:90:7b:af:9c:0b:d4:8f:9f:56:6f:c6:a8:e1:e8:9c:ca:d0:
0d:e2:79:d2:ce:29:c9:00:c0:ff:ad:22:bd:25:a7:9b:10:24:
3a:40:b0:49:2c:40:42:2b:59:e1:bb:c0:1f:76:0b:63:d6:2a:
3a:78:23:79:38:fc:5d:08:89:fc:c9:36:1a:43:6e:94:01:7d:
f7:86:f4:eb:7a:03:1c:e7:d2:a8:bf:6e:41:80:d0:70:a7:80:
b1:86:35:aa:9c:54:80:3b:84:ee:77:d3:56:e3:6e:b2:bb:7f:
84:08:1f:a3:b3:0f:1a:bc:ec:26:fa:2b:a2:a0:ff:5a:88:c3:
60:60:7d:be:89:9e:c6:fe:98:d1:02:e6:10:69:2d:a4:7b:f2:
dc:88:0f:1d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAY+xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI1MTE0MDMxWhcNMjUwOTAxMTE0MDMxWjAYMRYw
FAYDVQQDEw02ODgzNmQzNC00MGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArHke6jRwvEPtwB7We8DwTw6Z7aQL5fx0LjXPSlzg8Mh4mqxVeLKHCdQo
bABWLPS+TWDhdbwfnCoyfV4zcOTNi31zOYJAcjMi6IB+k+29IWHYeKvOfvCaCE5L
VLkIXpTw3MaAOMNHJ+B4qkYYNa3bXKSrcv/QoI2hWMMRmTgD9YxakSfkjT0ps9RQ
LEQ6ih/WyzqYuw+VPx5BJl/g2xq6M4p5zwQnMrdcHEE3BR/R/eni16GYQSJGE9lt
AH6WKQozUhH6WqgJv07a944wJW+yDt964KkYb0w3xIArCPTimqUzRF1LviCawpD1
BM/n9mz2zvvGhQwqPhaFf7I3m6k+1QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJX9
86KswZXtcnJqwrurZah1nJH5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yREQyRUUwMDY5NEMxMUYwOUU2MUU2QkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACawWMDBACawW4wDQYJ
KoZIhvcNAQELBQADggEBADPPNDXgXCYGZIKKWgP8jvQkvfvgwmF+D2rjL3KquXBD
M0vJCJ0xuouDGFk+v2r5b8ZKYFP/9zBjBoW9qAi4F9xBjsmAG0PQfAsIL4TUCAIx
z4FcCYPzMQe5lA5RZTCnqUX0U6frxzhwe/piEpCQe6+cC9SPn1Zvxqjh6JzK0A3i
edLOKckAwP+tIr0lp5sQJDpAsEksQEIrWeG7wB92C2PWKjp4I3k4/F0IifzJNhpD
bpQBffeG9Ot6Axzn0qi/bkGA0HCngLGGNaqcVIA7hO5301bjbrK7f4QIH6OzDxq8
7Cb6K6Kg/1qIw2Bgfb6Jnsb+mNEC5hBpLaR78tyIDx0=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:53:46 2025 by rpki-client