Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/661D09E267AF11F08DCCF3B8DAE4EC9C.roa
File: 661D09E267AF11F08DCCF3B8DAE4EC9C.roa (raw, json)
Hash identifier: CVRTiNiKrqdnjWTGrbeEQwFAOZeap47S6gTcFFfu5kQ=
Subject key identifier: 2A:02:2D:B9:D0:DD:A9:1F:FA:1D:DF:CD:E1:1B:50:61:9A:45:C2:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F07
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/661D09E267AF11F08DCCF3B8DAE4EC9C.roa
Signing time: Wed 23 Jul 2025 10:25:48 +0000
ROA not before: Wed 23 Jul 2025 10:25:43 +0000
ROA not after: Sat 30 Aug 2025 10:25:43 +0000
asID: 401075
IP address blocks: 154.201.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102151 (0x18f07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 23 10:25:43 2025 GMT
Not After : Aug 30 10:25:43 2025 GMT
Subject: CN=6880b8ac-5e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ea:07:59:6e:c4:c4:3e:82:6a:66:47:52:59:
05:bf:ec:c2:04:14:95:26:be:77:20:42:7d:34:e9:
a2:8f:ee:9c:30:76:d2:d8:0e:7d:8f:a6:db:cc:f1:
d8:55:ff:74:01:4a:57:d1:7f:8a:a1:c1:f3:7a:5a:
54:68:65:8a:cf:e8:af:c1:bd:f2:21:31:7e:4d:77:
3f:67:7b:ad:f4:1e:8d:bf:79:14:3d:86:82:76:e7:
30:83:b3:d1:89:ee:17:d3:b0:bb:63:9a:1c:74:5e:
fa:ba:76:a1:3b:27:d9:89:dc:23:4f:8e:1e:13:af:
9f:fc:b4:6d:e8:35:90:31:e8:bb:bd:81:15:bd:fc:
9c:a7:8b:72:c6:a1:9b:d1:64:0a:3f:84:8f:63:83:
0d:9a:f9:ce:52:81:80:86:16:8d:62:be:22:fa:d7:
db:e4:70:39:ed:41:a7:e5:f0:10:03:ab:d0:81:e9:
6b:59:39:f5:7e:4a:65:bd:ef:7b:dc:86:ff:95:d2:
83:5b:71:c9:d0:9c:73:93:92:0a:30:ae:d1:fe:a2:
10:a4:04:51:c9:96:8a:10:4b:c5:72:16:71:26:aa:
26:99:c7:78:4d:c2:b3:4e:39:16:e1:24:e7:bf:64:
9d:42:e2:11:b4:bc:af:80:8d:40:fa:ee:f6:e4:9d:
1a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:02:2D:B9:D0:DD:A9:1F:FA:1D:DF:CD:E1:1B:50:61:9A:45:C2:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/661D09E267AF11F08DCCF3B8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.94.0/23
Signature Algorithm: sha256WithRSAEncryption
68:77:61:b6:47:69:81:f5:70:9f:cb:f4:34:ae:88:bd:fa:09:
dd:ea:e6:61:a0:a4:d4:c6:f0:c4:93:84:92:c1:74:73:2c:66:
90:33:f2:ac:bf:76:94:66:d2:da:f2:00:4f:be:c9:a1:8b:59:
39:34:62:9b:87:3f:ec:ae:a9:af:6f:ac:3b:1b:db:6b:1b:53:
f6:04:fd:8a:1b:10:e4:a1:6c:5e:a9:af:8b:e6:60:38:7b:69:
4a:28:97:88:b0:61:da:6f:71:d6:28:66:1b:2e:64:ee:61:dd:
d4:6d:78:e1:f2:f7:ff:59:ac:0c:f4:89:7c:55:09:17:4c:08:
90:a4:cb:4a:4e:ac:b1:c3:19:50:ac:6f:bf:47:d6:bd:5b:f2:
d5:b0:ee:7c:9b:84:0c:f5:7c:9b:4f:4d:ba:7e:d5:b2:29:76:
72:27:19:ba:91:0e:40:65:14:b4:68:71:b6:5c:64:ec:b6:08:
c3:f0:83:04:de:da:c9:34:69:b7:7b:22:8c:0f:fe:90:2e:44:
dc:ac:f4:43:8d:15:d0:d9:dc:1e:a6:b0:a7:18:37:83:e7:1f:
86:b3:a3:31:ad:27:48:45:51:60:17:ce:6b:8c:9c:f6:c8:c3:
3a:ca:41:99:09:cb:76:52:56:27:e1:e5:64:a4:8e:0c:ca:a6:
d5:b0:ff:ea
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY8HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIzMTAyNTQzWhcNMjUwODMwMTAyNTQzWjAYMRYw
FAYDVQQDEw02ODgwYjhhYy01ZTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyeoHWW7ExD6CamZHUlkFv+zCBBSVJr53IEJ9NOmij+6cMHbS2A59j6bb
zPHYVf90AUpX0X+KocHzelpUaGWKz+ivwb3yITF+TXc/Z3ut9B6Nv3kUPYaCducw
g7PRie4X07C7Y5ocdF76unahOyfZidwjT44eE6+f/LRt6DWQMei7vYEVvfycp4ty
xqGb0WQKP4SPY4MNmvnOUoGAhhaNYr4i+tfb5HA57UGn5fAQA6vQgelrWTn1fkpl
ve973Ib/ldKDW3HJ0Jxzk5IKMK7R/qIQpARRyZaKEEvFchZxJqommcd4TcKzTjkW
4STnv2SdQuIRtLyvgI1A+u725J0ajQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCoC
LbnQ3akf+h3fzeEbUGGaRcIAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NjFEMDlFMjY3QUYxMUYwOERDQ0YzQjhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsleMA0GCSqGSIb3DQEB
CwUAA4IBAQBod2G2R2mB9XCfy/Q0roi9+gnd6uZhoKTUxvDEk4SSwXRzLGaQM/Ks
v3aUZtLa8gBPvsmhi1k5NGKbhz/srqmvb6w7G9trG1P2BP2KGxDkoWxeqa+L5mA4
e2lKKJeIsGHab3HWKGYbLmTuYd3UbXjh8vf/WawM9Il8VQkXTAiQpMtKTqyxwxlQ
rG+/R9a9W/LVsO58m4QM9XybT026ftWyKXZyJxm6kQ5AZRS0aHG2XGTstgjD8IME
3trJNGm3eyKMD/6QLkTcrPRDjRXQ2dweprCnGDeD5x+Gs6MxrSdIRVFgF85rjJz2
yMM6ykGZCct2UlYn4eVkpI4MyqbVsP/q
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:47:33 2025 by rpki-client