Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CB5DBB4663E11F091A51FD1DAE4EC9C.roa
File: 8CB5DBB4663E11F091A51FD1DAE4EC9C.roa (raw, json)
Hash identifier: QoShPaPLU/cPIxbR00cF1qHipDNTBTHQGoFP7SLMYJg=
Subject key identifier: 9F:81:6C:DD:B3:E0:58:DC:2B:69:05:F3:10:DA:E1:79:B0:FD:7F:39
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E75
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CB5DBB4663E11F091A51FD1DAE4EC9C.roa
Signing time: Mon 21 Jul 2025 14:25:29 +0000
ROA not before: Mon 21 Jul 2025 14:25:24 +0000
ROA not after: Wed 16 Sep 2026 14:25:24 +0000
asID: 13335
IP address blocks: 154.223.134.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 05 Aug 2025 00:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102005 (0x18e75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 21 14:25:24 2025 GMT
Not After : Sep 16 14:25:24 2026 GMT
Subject: CN=687e4dd9-553d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:18:69:2a:4e:e8:5d:5a:19:02:e6:08:56:c5:
68:08:c1:e3:23:30:8d:d9:6b:3c:98:38:13:15:3b:
75:c4:ec:fa:58:ca:99:cc:9a:a0:6f:92:b5:28:c5:
e2:08:12:5d:58:4e:62:81:12:99:85:91:58:f9:d1:
87:59:5c:c5:19:b3:25:76:a2:60:2d:95:f0:4e:59:
de:65:1c:2a:50:d7:1d:54:70:f5:10:6d:54:91:73:
42:db:7f:1c:2a:03:06:43:d0:03:99:2f:3a:33:f4:
a6:b9:e8:56:14:2d:14:41:b2:54:a1:10:5b:78:9c:
b1:02:ed:9a:6f:d9:40:5c:4e:1f:71:c7:a5:92:d1:
0a:4d:52:91:65:34:76:86:65:a6:5d:b5:e4:1a:ab:
c5:de:25:f2:74:78:91:65:2f:0c:7d:98:20:39:57:
48:45:f7:e2:5d:f7:42:10:d8:21:5e:3c:5d:72:25:
6d:b0:fc:7c:24:9e:e1:13:f8:cb:b2:a0:1a:fa:fd:
97:fd:2c:a2:87:94:f5:b3:9c:a6:e9:03:32:c0:05:
f3:e2:cf:53:96:dd:11:3c:0f:5a:c4:68:9c:df:40:
d7:ed:28:00:eb:b8:c0:ec:3f:63:b3:3e:04:76:24:
f5:60:8b:03:76:20:30:4f:cc:f0:5b:e9:4d:1f:c1:
2a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:81:6C:DD:B3:E0:58:DC:2B:69:05:F3:10:DA:E1:79:B0:FD:7F:39
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CB5DBB4663E11F091A51FD1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.134.0/23
Signature Algorithm: sha256WithRSAEncryption
56:37:31:5e:d0:86:20:3c:73:66:61:4c:8a:51:47:9c:b6:81:
0f:88:7d:ad:17:91:7c:2c:f5:35:f7:4f:ae:20:ab:c2:f9:7c:
03:52:9c:09:d1:12:51:36:bd:b2:65:62:9b:e2:e4:2b:23:a0:
5c:4b:7e:23:d9:4d:67:4c:23:b1:43:cc:2e:de:a9:64:04:38:
7c:e0:0d:cc:43:79:17:2d:1a:06:8b:3f:32:7a:62:1b:ec:2c:
c8:47:3c:cb:de:0d:a3:16:cd:a3:41:04:d2:76:2a:b9:cb:e6:
9f:42:14:e4:e7:66:9b:a8:16:22:94:bb:e1:4b:69:a2:3b:81:
a3:4e:4b:c5:b8:ae:59:db:85:14:00:79:07:c5:65:c5:1e:e0:
8f:dd:11:5f:e0:e2:d9:d1:78:e8:a2:41:d8:8a:21:62:8c:af:
97:c9:33:df:3f:a1:8b:3c:73:8f:04:45:76:78:96:29:ed:d3:
a6:55:af:a9:a0:24:d0:96:78:66:e0:51:d8:0a:61:ed:c0:f3:
4c:d1:37:e5:a7:29:b3:00:23:1b:b1:f4:d9:a6:d4:60:b4:10:
a6:05:bb:ae:9f:c6:a4:17:6b:b5:a0:96:ed:10:3d:69:5f:ae:
73:66:e5:60:2d:e5:81:bf:da:7f:87:99:e3:a7:ba:e3:aa:08:
a8:87:b9:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY51MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIxMTQyNTI0WhcNMjYwOTE2MTQyNTI0WjAYMRYw
FAYDVQQDEw02ODdlNGRkOS01NTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwRhpKk7oXVoZAuYIVsVoCMHjIzCN2Ws8mDgTFTt1xOz6WMqZzJqgb5K1
KMXiCBJdWE5igRKZhZFY+dGHWVzFGbMldqJgLZXwTlneZRwqUNcdVHD1EG1UkXNC
238cKgMGQ9ADmS86M/SmuehWFC0UQbJUoRBbeJyxAu2ab9lAXE4fccelktEKTVKR
ZTR2hmWmXbXkGqvF3iXydHiRZS8MfZggOVdIRffiXfdCENghXjxdciVtsPx8JJ7h
E/jLsqAa+v2X/Syih5T1s5ym6QMywAXz4s9Tlt0RPA9axGic30DX7SgA67jA7D9j
sz4EdiT1YIsDdiAwT8zwW+lNH8EqnwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ+B
bN2z4FjcK2kF8xDa4Xmw/X85MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84Q0I1REJCNDY2M0UxMUYwOTFBNTFGRDFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt+GMA0GCSqGSIb3DQEB
CwUAA4IBAQBWNzFe0IYgPHNmYUyKUUectoEPiH2tF5F8LPU190+uIKvC+XwDUpwJ
0RJRNr2yZWKb4uQrI6BcS34j2U1nTCOxQ8wu3qlkBDh84A3MQ3kXLRoGiz8yemIb
7CzIRzzL3g2jFs2jQQTSdiq5y+afQhTk52abqBYilLvhS2miO4GjTkvFuK5Z24UU
AHkHxWXFHuCP3RFf4OLZ0XjookHYiiFijK+XyTPfP6GLPHOPBEV2eJYp7dOmVa+p
oCTQlnhm4FHYCmHtwPNM0TflpymzACMbsfTZptRgtBCmBbuun8akF2u1oJbtED1p
X65zZuVgLeWBv9p/h5njp7rjqgioh7mK
-----END CERTIFICATE-----
Generated at Mon Aug 4 01:34:47 2025 by rpki-client