Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3911270A6FF011F082FD87EDDAE4EC9C.roa
File: 3911270A6FF011F082FD87EDDAE4EC9C.roa (raw, json)
Hash identifier: xU9LtO+dwS3EH4K8ARJY2gOiyBtUPMomPhnxj+GuL1c=
Subject key identifier: CD:50:09:C6:56:E7:A7:CE:2F:FC:31:E7:A9:04:6E:F1:BB:70:33:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019084
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3911270A6FF011F082FD87EDDAE4EC9C.roa
Signing time: Sat 02 Aug 2025 22:29:59 +0000
ROA not before: Sat 02 Aug 2025 22:29:54 +0000
ROA not after: Sun 05 Oct 2025 22:29:54 +0000
asID: 394432
IP address blocks: 154.90.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102532 (0x19084)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 22:29:54 2025 GMT
Not After : Oct 5 22:29:54 2025 GMT
Subject: CN=688e9167-b8cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a9:04:db:28:c5:e8:27:88:65:29:4a:2a:1a:
e7:fe:bf:38:ab:f5:f0:0c:cf:25:fd:b5:42:36:37:
46:c5:d1:b6:30:ad:64:90:5b:8c:8b:4c:cf:1f:8d:
96:24:ca:20:b2:ce:44:bc:90:5f:d1:8a:c9:5b:1f:
91:45:71:4c:e6:1f:09:24:4c:46:b9:ba:40:a4:e4:
52:ce:1d:66:72:bc:f6:c9:18:e6:cd:85:ac:30:6f:
03:d8:3b:45:cd:c8:35:10:26:7d:83:97:77:46:51:
67:15:7d:d4:64:42:bb:81:c7:21:0f:86:4c:8e:b3:
f0:fd:28:6c:74:2e:31:77:2f:f9:61:a2:d6:e6:64:
04:97:b0:16:5d:fe:e6:49:8f:a8:a3:cd:28:f0:f9:
34:b2:a9:f2:58:1c:a8:34:bc:9c:6c:33:cf:cf:69:
4c:62:be:fc:30:db:80:ed:dd:f2:d9:6b:35:5e:c9:
45:29:d2:be:b3:b3:d4:cc:b2:a6:a0:b8:82:fe:30:
b7:d8:f0:75:a1:4c:91:9e:3d:59:29:e8:91:5c:49:
6e:c9:95:09:de:fb:58:ed:b1:54:c8:0e:17:01:c1:
9a:0e:20:5b:0f:a8:3f:81:40:c8:51:3e:d7:af:e1:
05:61:3d:42:f0:57:40:22:be:b7:fc:ce:91:5d:61:
60:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:50:09:C6:56:E7:A7:CE:2F:FC:31:E7:A9:04:6E:F1:BB:70:33:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3911270A6FF011F082FD87EDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
Signature Algorithm: sha256WithRSAEncryption
24:33:d4:8c:21:73:0e:28:e4:ae:d3:b9:1d:c0:8d:ed:f6:be:
1d:c6:ec:9d:b5:a5:d1:9a:91:fd:e0:23:7c:62:6c:07:e4:94:
41:1a:e4:70:3c:cc:90:55:8f:0b:5e:3c:ff:63:d2:7b:a7:76:
e2:e2:b1:b2:d9:46:24:21:65:6d:9f:7c:9d:bc:6d:65:db:42:
91:e6:cc:e4:c9:c0:82:06:fb:53:c5:76:ac:3b:26:9b:9e:89:
cc:48:c9:4a:12:b9:37:81:35:0e:8d:b1:42:c0:3f:9d:22:98:
b3:d5:48:f1:76:4a:d6:25:29:a7:39:1c:7f:11:cb:a8:c6:e2:
b0:75:7c:f8:1a:7f:7a:83:0d:44:09:0e:61:96:e1:e2:64:e8:
93:59:1f:ad:67:d4:82:72:41:86:2c:e6:96:0d:9c:a4:8e:ce:
96:47:0a:d3:98:39:4e:4e:fd:67:dd:07:52:a3:a1:ba:5a:73:
c5:58:e7:92:d3:cb:53:73:b5:32:f5:c0:99:20:74:b2:2c:b8:
da:fa:3d:38:56:a4:5f:ba:ba:4a:cf:4c:6e:f6:b5:08:2b:d9:
09:32:d8:e0:57:46:69:21:25:d2:c6:5c:40:54:82:d1:06:3f:
dc:57:31:00:7a:3f:13:89:9d:99:dd:5b:d4:28:9d:ca:2e:0a:
17:02:6a:7c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZCEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMjIyOTU0WhcNMjUxMDA1MjIyOTU0WjAYMRYw
FAYDVQQDEw02ODhlOTE2Ny1iOGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5qkE2yjF6CeIZSlKKhrn/r84q/XwDM8l/bVCNjdGxdG2MK1kkFuMi0zP
H42WJMogss5EvJBf0YrJWx+RRXFM5h8JJExGubpApORSzh1mcrz2yRjmzYWsMG8D
2DtFzcg1ECZ9g5d3RlFnFX3UZEK7gcchD4ZMjrPw/ShsdC4xdy/5YaLW5mQEl7AW
Xf7mSY+oo80o8Pk0sqnyWByoNLycbDPPz2lMYr78MNuA7d3y2Ws1XslFKdK+s7PU
zLKmoLiC/jC32PB1oUyRnj1ZKeiRXEluyZUJ3vtY7bFUyA4XAcGaDiBbD6g/gUDI
UT7Xr+EFYT1C8FdAIr63/M6RXWFgSwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM1Q
CcZW56fOL/wx56kEbvG7cDNHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOTExMjcwQTZGRjAxMUYwODJGRDg3RUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQAkM9SMIXMOKOSu07kdwI3t9r4dxuydtaXRmpH94CN8YmwH5JRBGuRw
PMyQVY8LXjz/Y9J7p3bi4rGy2UYkIWVtn3ydvG1l20KR5szkycCCBvtTxXasOyab
nonMSMlKErk3gTUOjbFCwD+dIpiz1UjxdkrWJSmnORx/EcuoxuKwdXz4Gn96gw1E
CQ5hluHiZOiTWR+tZ9SCckGGLOaWDZykjs6WRwrTmDlOTv1n3QdSo6G6WnPFWOeS
08tTc7Uy9cCZIHSyLLja+j04VqRfurpKz0xu9rUIK9kJMtjgV0ZpISXSxlxAVILR
Bj/cVzEAej8TiZ2Z3VvUKJ3KLgoXAmp8
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:54:54 2025 by rpki-client