Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/661E196E66D711F0BDCC52BCDAE4EC9C.roa
File: 661E196E66D711F0BDCC52BCDAE4EC9C.roa (raw, json)
Hash identifier: ePYSTVCfhp1j/41OvfSZHM55mhzGAET8ogR72LwNVZM=
Subject key identifier: 87:38:FC:2F:88:6F:D8:85:F7:82:D0:AD:85:96:BC:88:C7:79:22:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018ECA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/661E196E66D711F0BDCC52BCDAE4EC9C.roa
Signing time: Tue 22 Jul 2025 08:39:37 +0000
ROA not before: Tue 22 Jul 2025 08:39:32 +0000
ROA not after: Sat 30 Aug 2025 08:39:32 +0000
asID: 401696
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102090 (0x18eca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 22 08:39:32 2025 GMT
Not After : Aug 30 08:39:32 2025 GMT
Subject: CN=687f4e49-abfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a0:69:79:6b:fb:8b:f3:48:14:cf:73:1e:bf:
b9:85:ec:e5:8c:7f:ac:fd:9c:91:92:e7:26:81:62:
74:5b:88:04:38:49:5c:9b:59:cb:5c:63:20:fa:de:
0e:2f:21:ac:1e:3d:af:27:25:99:2e:08:d0:80:8f:
ca:a3:22:9e:33:11:c1:78:99:12:30:41:5e:b5:8d:
b9:5f:d5:5a:e9:bd:86:1f:62:20:11:49:7a:15:c4:
31:37:8a:8a:0a:12:19:78:3a:04:88:3b:b8:ab:d0:
45:5d:e7:7d:6f:e2:ee:cf:c4:c4:10:d8:d1:9a:3d:
68:2b:1d:72:52:dc:e1:21:af:0b:9b:88:1f:7c:56:
48:a5:6d:6f:33:64:33:c3:e9:ac:76:7b:ad:89:a8:
f2:e8:b4:3f:ee:f0:d6:09:8d:c6:a2:1d:18:08:e3:
34:c1:06:42:dd:f3:c0:27:16:73:c9:9e:a0:ea:36:
9b:81:e8:dc:68:9c:08:75:aa:64:75:5e:69:c3:1f:
29:08:63:a2:e1:c9:67:3b:15:fd:cf:0b:38:d9:f9:
b7:09:e7:df:f8:45:b4:e1:69:8d:93:b9:26:e9:3d:
87:39:b2:dc:6b:2e:b8:b9:22:49:96:23:93:cd:b8:
a5:9f:30:fc:9a:28:90:2d:ae:15:a6:6c:c0:6e:cc:
f4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:38:FC:2F:88:6F:D8:85:F7:82:D0:AD:85:96:BC:88:C7:79:22:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/661E196E66D711F0BDCC52BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
60:01:b3:4d:27:80:17:4a:f0:09:4e:24:f5:05:b7:35:41:58:
4e:d1:ac:fc:c6:9f:25:f7:81:65:59:eb:7e:a9:fe:c9:85:78:
d6:80:44:a7:c8:f3:fa:a1:42:dc:52:46:55:c1:10:83:84:ce:
a1:de:f5:13:36:55:87:13:11:82:6a:4b:c7:91:ef:42:32:6e:
54:3e:fe:1c:a8:96:c4:f9:6c:5c:70:a5:ee:8b:b6:37:30:ee:
27:49:d2:49:84:2e:28:f8:54:df:6d:a4:1a:9a:86:44:60:5a:
cc:ab:a9:36:c6:7f:24:0f:c2:e6:45:42:0a:ad:f0:db:04:4e:
e3:76:42:57:26:38:e0:fe:44:11:fa:a7:f4:2a:2b:a3:dc:9c:
c3:4d:f4:1b:26:23:1f:38:89:16:be:1d:6d:e0:4f:51:95:ef:
fd:c9:7d:90:40:75:2c:82:22:bc:44:d8:70:ea:ab:1c:e0:29:
97:9f:76:92:f9:a7:ea:c9:e8:60:cb:ff:c4:98:c9:d2:c4:2e:
0a:7f:2f:00:a5:93:04:9f:30:f8:d8:7f:e1:24:21:cd:e8:c7:
e4:81:bc:92:4d:3b:12:cb:ce:f3:7e:74:66:26:9a:ba:05:bd:
39:13:9e:ea:f1:5f:cf:83:6a:07:f1:58:7d:bf:60:30:79:6c:
7a:35:d3:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY7KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIyMDgzOTMyWhcNMjUwODMwMDgzOTMyWjAYMRYw
FAYDVQQDEw02ODdmNGU0OS1hYmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqqBpeWv7i/NIFM9zHr+5hezljH+s/ZyRkucmgWJ0W4gEOElcm1nLXGMg
+t4OLyGsHj2vJyWZLgjQgI/KoyKeMxHBeJkSMEFetY25X9Va6b2GH2IgEUl6FcQx
N4qKChIZeDoEiDu4q9BFXed9b+Luz8TEENjRmj1oKx1yUtzhIa8Lm4gffFZIpW1v
M2Qzw+msdnutiajy6LQ/7vDWCY3Goh0YCOM0wQZC3fPAJxZzyZ6g6jabgejcaJwI
dapkdV5pwx8pCGOi4clnOxX9zws42fm3Ceff+EW04WmNk7km6T2HObLcay64uSJJ
liOTzbilnzD8miiQLa4VpmzAbsz0EwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIc4
/C+Ib9iF94LQrYWWvIjHeSJ7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NjFFMTk2RTY2RDcxMUYwQkRDQzUyQkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQBgAbNNJ4AXSvAJTiT1Bbc1QVhO0az8xp8l94FlWet+qf7JhXjWgESn
yPP6oULcUkZVwRCDhM6h3vUTNlWHExGCakvHke9CMm5UPv4cqJbE+WxccKXui7Y3
MO4nSdJJhC4o+FTfbaQamoZEYFrMq6k2xn8kD8LmRUIKrfDbBE7jdkJXJjjg/kQR
+qf0Kiuj3JzDTfQbJiMfOIkWvh1t4E9Rle/9yX2QQHUsgiK8RNhw6qsc4CmXn3aS
+afqyehgy//EmMnSxC4Kfy8ApZMEnzD42H/hJCHN6MfkgbySTTsSy87zfnRmJpq6
Bb05E57q8V/Pg2oH8Vh9v2AweWx6NdNz
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:08:26 2025 by rpki-client