Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D67B5866EAE11F097F192CCDAE4EC9C.roa
File: 9D67B5866EAE11F097F192CCDAE4EC9C.roa (raw, json)
Hash identifier: 2O+zOEtT680aogpv3E/PWcG7vB8PV1bcRF66eANpz5Y=
Subject key identifier: FD:F0:A7:7F:D4:A5:DD:C2:C0:1F:77:EF:FC:3D:CF:CC:88:8D:86:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01901F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D67B5866EAE11F097F192CCDAE4EC9C.roa
Signing time: Fri 01 Aug 2025 08:07:50 +0000
ROA not before: Fri 01 Aug 2025 08:07:42 +0000
ROA not after: Sat 06 Sep 2025 08:07:42 +0000
asID: 20326
IP address blocks: 154.202.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102431 (0x1901f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 1 08:07:42 2025 GMT
Not After : Sep 6 08:07:42 2025 GMT
Subject: CN=688c75d6-d097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:55:0b:52:b0:06:0a:f0:91:0e:05:57:14:52:
8c:19:c3:bb:cc:2a:d4:b1:e9:a6:35:3b:a7:cf:4c:
97:e7:10:69:29:02:44:5d:52:b3:14:2c:2d:e9:59:
09:98:fd:71:13:8f:61:31:38:87:24:ef:b4:bc:f7:
be:d1:72:41:e4:97:59:b1:9d:64:c5:5b:1f:e1:bc:
3e:0b:60:5f:5a:4f:4a:27:55:ac:49:5d:4c:4f:23:
de:87:ed:37:ff:07:16:c2:14:5f:7d:9b:11:85:e2:
41:29:ed:24:ce:96:90:4f:1d:f9:52:64:72:45:87:
c6:61:e4:78:9c:cb:1b:54:67:7a:a6:c1:99:83:85:
0b:91:53:2e:9f:dd:80:3a:0c:6d:85:05:6c:78:d5:
56:a8:b5:30:5d:a4:3d:5b:65:00:4b:0c:e5:4b:8a:
66:6f:a2:fd:e4:ce:1d:c5:9c:c1:71:c4:41:94:41:
ae:34:3c:d9:d1:51:81:0a:73:b7:91:de:09:a1:54:
33:46:2e:65:b3:9c:a2:43:3a:fd:56:90:7e:c8:e5:
f5:4d:67:35:df:0c:24:79:3d:62:8d:0c:15:c8:63:
e8:d0:24:8b:50:97:8f:04:1c:70:7b:ff:1c:64:4a:
17:8e:72:50:1a:e0:6f:f3:ba:5d:b6:da:bd:86:a0:
f6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F0:A7:7F:D4:A5:DD:C2:C0:1F:77:EF:FC:3D:CF:CC:88:8D:86:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D67B5866EAE11F097F192CCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.4.0/24
Signature Algorithm: sha256WithRSAEncryption
64:c1:03:cf:bf:49:7e:12:c3:42:38:35:b5:74:e2:54:ed:d4:
33:4f:47:6d:f1:97:2a:98:4b:1a:27:d8:2c:b7:84:4f:47:bd:
f9:58:9b:84:51:04:6a:ff:07:e3:35:ef:81:f4:0a:d1:1f:02:
74:16:b4:92:87:f5:c7:22:e0:3e:4a:ad:0c:58:ea:29:ed:73:
68:d7:c2:9c:31:29:d5:fe:82:21:7e:8f:b6:e2:22:d3:1d:46:
03:0b:46:42:a4:6a:a2:1f:d0:f1:d8:56:bc:ee:2f:6b:9e:f0:
83:11:61:99:ae:12:90:71:48:37:55:2e:38:12:bf:e6:00:47:
c2:72:df:09:7f:38:59:3f:f1:68:94:c1:8a:df:68:ce:40:aa:
a1:9b:78:25:9b:a2:52:0c:0d:74:3d:6a:35:42:88:76:ae:2a:
d6:0f:bf:5b:5c:02:7c:52:6f:ff:ac:dc:38:fb:0c:1e:3f:e2:
82:08:97:a3:12:ac:07:cf:7c:90:6b:e7:51:79:00:68:1e:01:
4d:1f:ba:d6:ba:84:4d:3c:41:d1:66:ed:d6:cd:11:ac:d2:12:
b6:62:40:1e:59:b2:9a:01:e9:d0:ab:9d:d5:25:72:e9:bc:b0:
b7:d4:ae:44:90:a6:d3:63:4d:a2:61:da:98:86:a9:3f:b7:04:
f5:40:9e:8e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZAfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAxMDgwNzQyWhcNMjUwOTA2MDgwNzQyWjAYMRYw
FAYDVQQDEw02ODhjNzVkNi1kMDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqVULUrAGCvCRDgVXFFKMGcO7zCrUsemmNTunz0yX5xBpKQJEXVKzFCwt
6VkJmP1xE49hMTiHJO+0vPe+0XJB5JdZsZ1kxVsf4bw+C2BfWk9KJ1WsSV1MTyPe
h+03/wcWwhRffZsRheJBKe0kzpaQTx35UmRyRYfGYeR4nMsbVGd6psGZg4ULkVMu
n92AOgxthQVseNVWqLUwXaQ9W2UASwzlS4pmb6L95M4dxZzBccRBlEGuNDzZ0VGB
CnO3kd4JoVQzRi5ls5yiQzr9VpB+yOX1TWc13wwkeT1ijQwVyGPo0CSLUJePBBxw
e/8cZEoXjnJQGuBv87pdttq9hqD2cQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP3w
p3/Upd3CwB937/w9z8yIjYbSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RDY3QjU4NjZFQUUxMUYwOTdGMTkyQ0NEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsoEMA0GCSqGSIb3DQEB
CwUAA4IBAQBkwQPPv0l+EsNCODW1dOJU7dQzT0dt8ZcqmEsaJ9gst4RPR735WJuE
UQRq/wfjNe+B9ArRHwJ0FrSSh/XHIuA+Sq0MWOop7XNo18KcMSnV/oIhfo+24iLT
HUYDC0ZCpGqiH9Dx2Fa87i9rnvCDEWGZrhKQcUg3VS44Er/mAEfCct8JfzhZP/Fo
lMGK32jOQKqhm3glm6JSDA10PWo1Qoh2rirWD79bXAJ8Um//rNw4+wweP+KCCJej
EqwHz3yQa+dReQBoHgFNH7rWuoRNPEHRZu3WzRGs0hK2YkAeWbKaAenQq53VJXLp
vLC31K5EkKbTY02iYdqYhqk/twT1QJ6O
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:17:37 2025 by rpki-client