Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/659C996E6FDF11F096419483DAE4EC9C.roa
File: 659C996E6FDF11F096419483DAE4EC9C.roa (raw, json)
Hash identifier: j5qaQDB3Xq0Rw9h9uA6i7mPgsSDx2g1S/DwMzoiVXSs=
Subject key identifier: 46:CC:0A:8E:5E:E5:6B:40:70:A3:F0:0F:14:58:1E:DF:F6:E6:72:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019070
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/659C996E6FDF11F096419483DAE4EC9C.roa
Signing time: Sat 02 Aug 2025 20:29:32 +0000
ROA not before: Sat 02 Aug 2025 20:29:26 +0000
ROA not after: Wed 24 Sep 2025 20:29:26 +0000
asID: 214432
IP address blocks: 154.89.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102512 (0x19070)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 20:29:26 2025 GMT
Not After : Sep 24 20:29:26 2025 GMT
Subject: CN=688e752c-c318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fe:5c:e4:7a:fc:50:5c:9a:39:8f:6e:5d:b2:
41:e3:a4:9e:e8:0b:ac:22:e5:b2:a6:80:6e:b4:81:
f8:0d:1a:2d:bc:ea:2a:29:84:8f:82:b4:e0:03:40:
1b:cc:58:7a:90:c7:da:6b:97:ea:47:7f:7e:66:b5:
af:91:65:ed:67:dc:fe:52:61:e3:34:a0:2e:9d:6c:
87:39:ee:c0:ce:9f:1d:48:61:41:37:a5:a9:13:44:
db:cf:9a:fb:6d:3b:de:d6:4b:81:39:31:e5:93:13:
f0:9e:4f:3c:59:6a:32:85:bf:1f:4d:5d:f7:89:b6:
a1:9e:b6:eb:15:79:a6:de:3a:3e:32:3c:64:63:9f:
74:6c:d2:f2:14:f7:c4:ee:4a:7f:0a:3c:cf:99:14:
6c:c7:de:71:45:67:e4:f6:7f:42:e9:99:f9:e4:3b:
32:c2:68:de:af:79:dc:ba:ae:ec:44:96:4f:89:1a:
14:14:58:1d:e9:8b:42:8e:a8:5c:07:ad:c3:0f:b9:
35:92:47:e1:6f:70:7d:93:47:4d:ab:36:64:53:22:
e4:5f:8d:3a:4a:05:2d:36:c0:ca:67:b4:05:72:55:
f1:8e:69:66:dc:54:09:69:40:2e:4b:d1:9e:aa:9f:
7d:f6:89:8c:9f:26:5a:c1:f0:0f:00:81:c7:3c:0d:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CC:0A:8E:5E:E5:6B:40:70:A3:F0:0F:14:58:1E:DF:F6:E6:72:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/659C996E6FDF11F096419483DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
26:e3:34:f4:85:9d:50:e6:97:16:a1:45:f1:39:60:59:c2:b8:
b2:7e:57:e1:1d:c8:17:11:fe:93:bd:b0:a9:9b:c4:6d:24:3f:
ff:68:4e:8c:29:cd:7d:d0:72:4a:13:8e:4c:ba:d4:18:bc:5f:
73:b2:83:48:2d:70:85:73:58:64:01:88:7e:df:29:a3:32:1f:
b3:08:02:37:2a:a5:48:0a:1d:9c:01:72:29:40:c9:5b:f3:0d:
10:88:c1:8c:b2:c9:99:36:ac:03:e4:ad:d3:28:cf:f7:3a:ed:
d6:a8:72:38:e3:b6:3f:86:d2:e5:fc:f2:38:6e:16:48:f2:c8:
d1:f8:6e:18:21:48:b2:13:99:83:50:ea:6c:5b:41:d3:28:f2:
86:98:2b:ce:e0:61:b0:32:3d:43:d9:af:c4:d9:83:d8:1a:a7:
04:fb:27:41:37:84:34:59:a9:f9:47:a9:3d:25:9f:84:ab:f1:
d9:a0:fe:31:73:92:da:1f:52:ae:6f:5b:a0:15:35:65:fe:46:
b9:0d:0e:1f:1f:0c:c8:1c:92:c3:c5:61:37:56:9e:54:c8:57:
fd:54:ca:de:7e:98:55:de:34:69:9c:56:0f:d2:01:5a:f1:0c:
58:80:a5:be:31:8e:49:d2:54:09:12:8d:bb:26:84:7c:c3:3e:
68:8f:03:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZBwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMjAyOTI2WhcNMjUwOTI0MjAyOTI2WjAYMRYw
FAYDVQQDEw02ODhlNzUyYy1jMzE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6/5c5Hr8UFyaOY9uXbJB46Se6AusIuWypoButIH4DRotvOoqKYSPgrTg
A0AbzFh6kMfaa5fqR39+ZrWvkWXtZ9z+UmHjNKAunWyHOe7Azp8dSGFBN6WpE0Tb
z5r7bTve1kuBOTHlkxPwnk88WWoyhb8fTV33ibahnrbrFXmm3jo+MjxkY590bNLy
FPfE7kp/CjzPmRRsx95xRWfk9n9C6Zn55Dsywmjer3ncuq7sRJZPiRoUFFgd6YtC
jqhcB63DD7k1kkfhb3B9k0dNqzZkUyLkX406SgUtNsDKZ7QFclXxjmlm3FQJaUAu
S9Geqp999omMnyZawfAPAIHHPA2JpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEbM
Co5e5WtAcKPwDxRYHt/25nIAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NTlDOTk2RTZGREYxMUYwOTY0MTk0ODNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnCMA0GCSqGSIb3DQEB
CwUAA4IBAQAm4zT0hZ1Q5pcWoUXxOWBZwriyflfhHcgXEf6TvbCpm8RtJD//aE6M
Kc190HJKE45MutQYvF9zsoNILXCFc1hkAYh+3ymjMh+zCAI3KqVICh2cAXIpQMlb
8w0QiMGMssmZNqwD5K3TKM/3Ou3WqHI447Y/htLl/PI4bhZI8sjR+G4YIUiyE5mD
UOpsW0HTKPKGmCvO4GGwMj1D2a/E2YPYGqcE+ydBN4Q0Wan5R6k9JZ+Eq/HZoP4x
c5LaH1Kub1ugFTVl/ka5DQ4fHwzIHJLDxWE3Vp5UyFf9VMrefphV3jRpnFYP0gFa
8QxYgKW+MY5J0lQJEo27JoR8wz5ojwNt
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:00:47 2025 by rpki-client