Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4DB388F2694B11F0BB9F3BB6DAE4EC9C.roa
File: 4DB388F2694B11F0BB9F3BB6DAE4EC9C.roa (raw, json)
Hash identifier: 1q9d61cO18ZvpyR5aUaSum6yLtwpmvST+1TfXWoql3Y=
Subject key identifier: E7:99:7B:88:FE:C5:EC:AE:1E:6D:68:17:3D:40:F5:EB:D9:84:6A:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018FAF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4DB388F2694B11F0BB9F3BB6DAE4EC9C.roa
Signing time: Fri 25 Jul 2025 11:34:20 +0000
ROA not before: Fri 25 Jul 2025 11:34:15 +0000
ROA not after: Sun 31 Aug 2025 11:34:15 +0000
asID: 14315
IP address blocks: 154.194.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102319 (0x18faf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 25 11:34:15 2025 GMT
Not After : Aug 31 11:34:15 2025 GMT
Subject: CN=68836bbc-7ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:47:c3:c1:29:3b:ca:0d:fa:fb:ae:07:c0:6e:
9c:50:e0:f0:ce:bd:38:86:b4:f9:2f:26:3b:13:ec:
c6:27:99:ee:d2:1d:63:52:71:51:e2:f3:74:34:1b:
4a:84:e1:dd:35:06:c2:85:ad:57:c2:db:0f:0a:5c:
87:39:09:e2:90:46:e4:7d:a0:0c:6e:89:b3:94:60:
94:a1:32:72:1a:c4:54:d3:98:ef:ed:8f:88:0f:cd:
74:5f:44:f2:38:fa:1e:bb:90:6d:3d:e7:ee:3a:68:
e1:c0:69:43:20:5c:72:e1:81:55:50:ad:b3:c9:ef:
84:bf:17:29:c7:68:90:3b:c9:a8:3a:fa:02:2c:ac:
94:0b:9b:42:b1:88:02:1e:30:b3:74:61:e9:a6:77:
f5:b9:2a:80:3a:1b:85:79:e0:10:6d:e9:f4:d9:2f:
b2:63:e3:77:b4:80:7d:6d:19:a3:1b:4f:ed:b5:db:
2f:cf:8a:63:19:07:24:be:14:f5:91:61:22:0e:0e:
79:ea:4b:79:0b:56:50:18:07:28:4a:59:85:af:52:
c4:b9:8c:7f:21:c8:99:00:3f:ef:b3:87:91:cb:04:
27:ca:f2:89:a1:d8:c0:98:67:a4:05:74:3b:16:9e:
df:5c:14:2d:ea:30:35:2d:ab:26:6d:1d:e0:24:25:
35:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:99:7B:88:FE:C5:EC:AE:1E:6D:68:17:3D:40:F5:EB:D9:84:6A:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4DB388F2694B11F0BB9F3BB6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.50.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:d1:a2:8d:27:56:95:17:8a:5c:df:6f:6e:ce:29:28:96:c1:
bb:a5:45:12:c0:58:c8:58:71:97:f2:f6:20:23:2d:01:9f:d1:
38:a1:84:62:4c:2d:3c:a4:ff:22:63:b0:ce:09:b5:73:80:42:
66:5b:8d:33:1a:b9:fd:ac:99:c1:df:07:5a:f1:1d:85:81:28:
48:f8:2c:2e:8c:ea:d1:dd:c3:81:49:10:11:41:09:40:a4:06:
08:15:16:a7:dc:d0:c7:d5:17:ba:84:ef:7f:ce:e0:5e:3d:a6:
d5:f8:1b:f8:04:32:20:82:9f:ae:72:e9:03:22:b8:e4:05:06:
85:cf:31:a4:97:7f:e3:97:18:de:57:94:9b:dc:b5:7f:b6:92:
47:0f:b2:99:fb:8c:4a:8e:dc:06:74:68:c0:bc:45:15:1c:f8:
04:05:72:4d:10:57:7c:76:99:81:a9:22:86:2c:24:79:5a:65:
bb:20:c9:04:0e:3f:23:2f:28:15:5d:67:85:eb:c1:49:fd:7d:
d1:2d:9b:f5:35:a2:c6:20:91:15:97:69:b8:1c:5e:99:b4:4a:
5e:ac:1c:7a:11:5b:f4:fb:7f:67:c8:20:b5:ed:56:db:74:80:
b7:03:72:a2:8c:52:f8:13:f4:46:f6:91:fb:ca:a6:b8:52:dd:
70:72:9b:03
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY+vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI1MTEzNDE1WhcNMjUwODMxMTEzNDE1WjAYMRYw
FAYDVQQDEw02ODgzNmJiYy03ZWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA60fDwSk7yg36+64HwG6cUODwzr04hrT5LyY7E+zGJ5nu0h1jUnFR4vN0
NBtKhOHdNQbCha1XwtsPClyHOQnikEbkfaAMbomzlGCUoTJyGsRU05jv7Y+ID810
X0TyOPoeu5BtPefuOmjhwGlDIFxy4YFVUK2zye+Evxcpx2iQO8moOvoCLKyUC5tC
sYgCHjCzdGHppnf1uSqAOhuFeeAQben02S+yY+N3tIB9bRmjG0/ttdsvz4pjGQck
vhT1kWEiDg556kt5C1ZQGAcoSlmFr1LEuYx/IciZAD/vs4eRywQnyvKJodjAmGek
BXQ7Fp7fXBQt6jA1LasmbR3gJCU1oQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOeZ
e4j+xeyuHm1oFz1A9evZhGraMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80REIzODhGMjY5NEIxMUYwQkI5RjNCQjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIyMA0GCSqGSIb3DQEB
CwUAA4IBAQCn0aKNJ1aVF4pc329uzikolsG7pUUSwFjIWHGX8vYgIy0Bn9E4oYRi
TC08pP8iY7DOCbVzgEJmW40zGrn9rJnB3wda8R2FgShI+CwujOrR3cOBSRARQQlA
pAYIFRan3NDH1Re6hO9/zuBePabV+Bv4BDIggp+ucukDIrjkBQaFzzGkl3/jlxje
V5Sb3LV/tpJHD7KZ+4xKjtwGdGjAvEUVHPgEBXJNEFd8dpmBqSKGLCR5WmW7IMkE
Dj8jLygVXWeF68FJ/X3RLZv1NaLGIJEVl2m4HF6ZtEperBx6EVv0+39nyCC17Vbb
dIC3A3KijFL4E/RG9pH7yqa4Ut1wcpsD
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:10:34 2025 by rpki-client