Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85B3DC50664611F09EE69183DAE4EC9C.roa
File: 85B3DC50664611F09EE69183DAE4EC9C.roa (raw, json)
Hash identifier: sp76LELq6xZR3A2P5v4z6kDHyDBjG9rnSbLxWjblkbc=
Subject key identifier: 35:87:03:85:51:7C:B3:54:EC:7F:77:C7:2F:A8:01:46:19:FF:64:87
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E83
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85B3DC50664611F09EE69183DAE4EC9C.roa
Signing time: Mon 21 Jul 2025 15:22:33 +0000
ROA not before: Mon 21 Jul 2025 15:22:28 +0000
ROA not after: Wed 03 Sep 2025 15:22:28 +0000
asID: 140666
IP address blocks: 154.93.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102019 (0x18e83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 21 15:22:28 2025 GMT
Not After : Sep 3 15:22:28 2025 GMT
Subject: CN=687e5b39-23d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0f:29:9e:67:4e:d7:b9:8a:ea:f5:33:06:4c:
75:fe:2d:64:1e:36:b7:28:a0:9b:cf:b5:22:e3:64:
c8:4f:c5:17:ad:9d:c5:9a:85:6d:bc:fa:84:8a:c2:
ff:ad:f4:e2:ae:66:ad:ca:ea:a5:4d:39:96:10:9c:
5b:2a:c1:13:8d:6c:43:bf:17:b7:be:3d:fe:a5:47:
e4:44:f1:ed:5c:6c:61:73:3b:35:93:ee:3e:f0:3a:
bb:03:f8:10:2b:92:51:4e:7b:26:63:5d:5e:50:8e:
8d:35:b5:d2:96:36:6e:81:e2:28:3b:c8:df:c0:c6:
f1:a1:89:73:07:5e:e2:3e:ee:1e:5e:6c:44:76:23:
d1:fb:1f:7e:f7:19:08:63:7e:8b:b1:f6:41:be:83:
cc:7c:de:ce:3d:ff:24:d1:9b:2c:ae:08:22:8b:07:
07:26:e1:28:b2:50:3f:78:42:cb:f7:02:60:3f:8c:
66:a8:b9:a3:ca:98:ff:3b:59:40:81:48:fe:e1:95:
00:25:78:82:ac:b7:3d:34:ee:71:56:ba:ba:09:f4:
0f:b8:a1:ed:e9:16:a0:ef:ad:37:08:81:8f:7b:3f:
c7:2c:63:c9:d6:5c:99:df:25:19:5b:8b:1a:a5:a8:
bf:30:06:2a:24:74:72:07:66:ea:5d:a8:28:0b:d9:
66:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:87:03:85:51:7C:B3:54:EC:7F:77:C7:2F:A8:01:46:19:FF:64:87
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85B3DC50664611F09EE69183DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.123.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:66:4e:c5:e2:10:b9:e7:11:ea:25:55:b6:34:d2:fc:3f:92:
b4:d9:97:37:49:56:13:5e:12:e3:04:85:4e:e2:bc:6f:73:ee:
83:05:61:6a:8f:13:3b:17:61:c8:b4:d7:8d:ce:61:49:58:ed:
aa:01:08:3c:19:96:df:2a:9d:a9:19:03:8b:82:ee:27:d3:fb:
53:aa:ac:69:99:c6:1d:16:65:3e:9c:8b:ef:d5:ea:7b:43:1b:
60:30:a2:71:8e:e6:51:89:d2:a7:d2:01:11:8e:9b:61:3a:86:
32:e9:37:22:9f:24:c8:35:ac:01:6b:12:9e:d9:3f:46:f8:f2:
8b:ed:5d:de:8e:87:c6:d4:c2:ec:49:93:98:67:b3:22:c1:91:
50:f4:9e:23:e8:97:9e:86:1d:d3:7d:50:3c:2f:7d:07:14:56:
25:81:cd:52:0b:4b:f3:f5:71:5a:59:2b:32:42:9d:03:a0:04:
50:65:64:81:44:82:3c:d6:e4:93:e8:99:4e:d3:34:07:55:88:
87:f0:10:f6:0e:89:8c:98:38:6b:a9:3a:e5:c4:bf:2c:6c:53:
ef:a6:a6:6c:52:3f:59:d2:b9:3a:1e:d4:26:04:eb:b9:19:d3:
dd:03:09:e7:24:21:8f:54:3a:34:bb:cb:2f:6b:f9:15:20:06:
4c:c8:66:5d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY6DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIxMTUyMjI4WhcNMjUwOTAzMTUyMjI4WjAYMRYw
FAYDVQQDEw02ODdlNWIzOS0yM2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyg8pnmdO17mK6vUzBkx1/i1kHja3KKCbz7Ui42TIT8UXrZ3FmoVtvPqE
isL/rfTirmatyuqlTTmWEJxbKsETjWxDvxe3vj3+pUfkRPHtXGxhczs1k+4+8Dq7
A/gQK5JRTnsmY11eUI6NNbXSljZugeIoO8jfwMbxoYlzB17iPu4eXmxEdiPR+x9+
9xkIY36LsfZBvoPMfN7OPf8k0ZssrggiiwcHJuEoslA/eELL9wJgP4xmqLmjypj/
O1lAgUj+4ZUAJXiCrLc9NO5xVrq6CfQPuKHt6Rag7603CIGPez/HLGPJ1lyZ3yUZ
W4sapai/MAYqJHRyB2bqXagoC9lmVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDWH
A4VRfLNU7H93xy+oAUYZ/2SHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NUIzREM1MDY2NDYxMUYwOUVFNjkxODNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml17MA0GCSqGSIb3DQEB
CwUAA4IBAQDCZk7F4hC55xHqJVW2NNL8P5K02Zc3SVYTXhLjBIVO4rxvc+6DBWFq
jxM7F2HItNeNzmFJWO2qAQg8GZbfKp2pGQOLgu4n0/tTqqxpmcYdFmU+nIvv1ep7
QxtgMKJxjuZRidKn0gERjpthOoYy6TcinyTINawBaxKe2T9G+PKL7V3ejofG1MLs
SZOYZ7MiwZFQ9J4j6Jeehh3TfVA8L30HFFYlgc1SC0vz9XFaWSsyQp0DoARQZWSB
RII81uST6JlO0zQHVYiH8BD2DomMmDhrqTrlxL8sbFPvpqZsUj9Z0rk6HtQmBOu5
GdPdAwnnJCGPVDo0u8sva/kVIAZMyGZd
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:30:55 2025 by rpki-client