Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E5A31486E1011F096D0B1C2DAE4EC9C.roa
File: 3E5A31486E1011F096D0B1C2DAE4EC9C.roa (raw, json)
Hash identifier: 2ciyR3RL3vf74u9EEHlx1SuuvcCJm2+lOrd4vJ0yWYs=
Subject key identifier: 44:EE:5F:A8:9B:81:6F:F8:D2:02:AD:32:FA:0C:55:A8:B4:38:A3:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019016
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E5A31486E1011F096D0B1C2DAE4EC9C.roa
Signing time: Thu 31 Jul 2025 13:14:10 +0000
ROA not before: Thu 31 Jul 2025 13:14:04 +0000
ROA not after: Fri 31 Jul 2026 13:14:04 +0000
asID: 328608
IP address blocks: 154.83.240.0/24 maxlen: 24
154.83.242.0/24 maxlen: 24
154.83.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102422 (0x19016)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 31 13:14:04 2025 GMT
Not After : Jul 31 13:14:04 2026 GMT
Subject: CN=688b6c22-09da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:05:2e:84:60:01:c7:f0:6a:f4:0e:f8:dd:85:
38:b2:b1:0a:31:5e:7f:65:cc:68:70:78:3e:a5:e9:
3e:5c:6c:83:63:92:97:61:d1:6a:49:6a:0b:bd:4a:
d7:38:99:b3:9d:56:64:49:a4:fd:b9:7c:88:c4:9a:
93:d2:cb:43:0e:ba:11:db:4f:be:5a:06:0a:c5:c8:
02:91:f7:87:00:f5:52:16:bc:cc:f0:c7:f4:2b:08:
c9:8e:ea:4c:03:f9:0b:77:ab:8b:53:6f:11:5a:6a:
e9:c9:aa:a3:9e:bd:99:ab:86:09:14:8d:05:5b:f9:
1f:5a:6c:ae:d5:7e:d8:db:c6:ac:65:d7:18:fa:9c:
ed:a8:4c:8b:f4:6f:da:eb:8f:fb:37:5a:88:4b:43:
00:db:12:aa:27:95:4e:13:5e:2d:0a:73:1d:e7:bd:
e3:de:e2:13:f8:5b:ff:d9:e3:18:2e:06:da:a9:f9:
ec:24:5e:c1:f6:93:da:2b:a2:3b:bd:4b:b9:57:7b:
03:8b:a6:46:c9:3c:41:d9:42:a3:42:2e:5e:ee:38:
fd:2f:3b:1c:6a:ba:88:5a:cf:f0:33:44:a3:dc:ff:
d6:db:34:bd:0d:58:14:f3:aa:e9:cf:13:f9:6e:f3:
b1:8d:ec:41:36:2a:c8:a4:21:be:67:c2:2e:b7:17:
7b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:EE:5F:A8:9B:81:6F:F8:D2:02:AD:32:FA:0C:55:A8:B4:38:A3:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E5A31486E1011F096D0B1C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.240.0/24
154.83.242.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:63:ba:d2:40:b6:a5:83:54:88:47:ff:24:b7:a7:94:6e:e9:
cb:0e:57:d8:38:9a:9f:1f:d5:95:f2:76:a7:d3:8e:b6:96:01:
e2:b7:de:9e:1d:dd:55:9b:58:5d:40:cf:95:08:a8:ed:46:eb:
b3:cd:5f:a3:0c:1b:3e:c1:2d:3d:33:4a:41:5b:b2:28:5a:56:
19:15:2c:ee:67:30:a0:d8:2e:78:af:b4:68:b3:11:af:c1:d7:
3a:93:59:57:0b:83:37:9c:0d:ca:ab:04:32:b8:7d:80:7d:37:
69:86:0a:5f:ba:e4:c8:c8:54:8d:86:96:0f:38:2a:78:22:a1:
0c:62:5b:44:d0:94:17:c2:e5:f5:72:60:8a:2f:50:39:54:1e:
c8:0c:02:c7:e5:19:5d:79:0e:88:e3:15:a4:e0:94:a9:b3:60:
60:be:ac:62:9b:59:e8:61:8b:9a:d3:bf:f1:3e:6b:3b:a6:f0:
15:1f:6a:f4:fd:44:52:f0:53:4b:34:94:30:c9:9c:b1:d1:8b:
44:a0:fb:e2:13:8b:8a:2d:17:d0:68:6c:8a:25:0e:3a:18:d0:
cc:13:b2:6b:f0:f4:05:fe:dc:5b:c3:da:0e:f1:e5:9d:5d:4d:
15:f2:bd:20:dc:2f:9b:80:6a:22:5b:88:dc:56:5b:71:2d:8f:
79:f1:96:5a
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZAWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzMxMTMxNDA0WhcNMjYwNzMxMTMxNDA0WjAYMRYw
FAYDVQQDEw02ODhiNmMyMi0wOWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6wUuhGABx/Bq9A743YU4srEKMV5/ZcxocHg+pek+XGyDY5KXYdFqSWoL
vUrXOJmznVZkSaT9uXyIxJqT0stDDroR20++WgYKxcgCkfeHAPVSFrzM8Mf0KwjJ
jupMA/kLd6uLU28RWmrpyaqjnr2Zq4YJFI0FW/kfWmyu1X7Y28asZdcY+pztqEyL
9G/a64/7N1qIS0MA2xKqJ5VOE14tCnMd573j3uIT+Fv/2eMYLgbaqfnsJF7B9pPa
K6I7vUu5V3sDi6ZGyTxB2UKjQi5e7jj9LzscarqIWs/wM0Sj3P/W2zS9DVgU86rp
zxP5bvOxjexBNirIpCG+Z8Iutxd7kwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFETu
X6ibgW/40gKtMvoMVai0OKOeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTVBMzE0ODZFMTAxMUYwOTZEMEIxQzJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlPwAwQBmlPyMA0GCSqG
SIb3DQEBCwUAA4IBAQBaY7rSQLalg1SIR/8kt6eUbunLDlfYOJqfH9WV8nan0462
lgHit96eHd1Vm1hdQM+VCKjtRuuzzV+jDBs+wS09M0pBW7IoWlYZFSzuZzCg2C54
r7RosxGvwdc6k1lXC4M3nA3KqwQyuH2AfTdphgpfuuTIyFSNhpYPOCp4IqEMYltE
0JQXwuX1cmCKL1A5VB7IDALH5RldeQ6I4xWk4JSps2Bgvqxim1noYYua07/xPms7
pvAVH2r0/URS8FNLNJQwyZyx0YtEoPviE4uKLRfQaGyKJQ46GNDME7Jr8PQF/txb
w9oO8eWdXU0V8r0g3C+bgGoiW4jcVltxLY958ZZa
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:06:27 2025 by rpki-client