Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ACDB6B4A6FE211F0B5B1B395DAE4EC9C.roa
File: ACDB6B4A6FE211F0B5B1B395DAE4EC9C.roa (raw, json)
Hash identifier: ZEBfnu8k7slYxXxv/JuCGSGCYNXYcyDQH38WuZQdbTk=
Subject key identifier: 6A:FF:DF:D0:80:52:5F:6A:D4:5E:9F:96:D1:17:4F:2F:EC:D8:52:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019076
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ACDB6B4A6FE211F0B5B1B395DAE4EC9C.roa
Signing time: Sat 02 Aug 2025 20:53:01 +0000
ROA not before: Sat 02 Aug 2025 20:52:55 +0000
ROA not after: Wed 24 Sep 2025 20:52:55 +0000
asID: 8796
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102518 (0x19076)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 20:52:55 2025 GMT
Not After : Sep 24 20:52:55 2025 GMT
Subject: CN=688e7aac-c9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:13:d6:ca:31:8c:4d:53:cf:fb:0a:c5:77:07:
88:bd:95:05:7a:e7:8e:1c:3d:bf:1d:02:f3:b8:f2:
54:33:3b:bc:52:c0:e9:6d:a2:74:ee:5f:c4:3a:c4:
43:94:43:15:a6:e7:cf:07:09:36:8d:67:17:67:aa:
c8:f6:79:6e:bf:e2:c8:ca:f0:6d:b2:95:89:0b:2e:
9a:e1:57:83:78:d5:3a:63:c9:c1:0c:07:33:7c:0e:
60:8f:8f:84:38:1a:4f:1b:71:0f:62:4c:2e:59:85:
36:bc:f7:de:ef:97:54:52:7a:09:db:65:77:3a:c7:
c6:c4:e7:dd:96:0b:f6:18:41:94:6a:a6:b4:6f:b8:
0c:f2:96:c7:6b:37:0b:22:8a:0a:6e:d7:a0:86:13:
6f:04:b2:9b:bf:67:b5:c0:e1:43:61:fc:64:2f:8c:
6d:3d:ef:78:0a:92:5a:f7:e0:44:3c:c3:62:ee:4e:
56:ad:39:f1:89:06:53:16:80:b0:0e:c4:64:67:f5:
29:7b:a3:32:d7:69:df:42:77:69:4a:5a:8a:97:dd:
69:94:09:a2:c3:44:0b:0d:50:45:b4:ed:b3:3b:8a:
cf:95:0e:43:f2:05:ba:cc:24:58:2f:7e:5f:00:14:
a5:ea:4f:b3:88:d8:eb:f1:48:51:a5:dc:d8:c3:eb:
9b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:FF:DF:D0:80:52:5F:6A:D4:5E:9F:96:D1:17:4F:2F:EC:D8:52:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ACDB6B4A6FE211F0B5B1B395DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e2:d3:9a:21:aa:d9:4e:18:a6:11:56:70:d8:f5:fd:71:51:
fd:b3:ae:96:26:93:20:fd:c9:82:8f:7c:c7:5f:70:93:a6:7e:
56:b3:74:ec:23:d2:9d:1e:65:5c:1f:fc:4f:e3:49:0d:b7:bc:
dd:24:eb:61:e6:0b:fe:06:c0:55:c5:99:5b:dc:e9:c0:a5:d0:
9f:11:f0:e6:71:c9:0d:57:4e:70:4a:69:42:24:42:56:e8:b0:
27:a7:b1:54:f4:52:20:f5:4e:95:13:19:b6:df:b5:29:05:14:
5a:b5:e5:39:3a:cd:6c:27:53:7a:1b:75:90:03:25:b4:b4:aa:
24:c2:ce:3b:80:d3:05:0b:73:8e:07:41:4d:52:4f:ea:87:57:
01:87:6b:e5:75:5b:da:24:d3:3e:ad:1c:29:7b:3d:09:d9:2f:
f2:bd:d7:ae:c3:10:12:96:56:b4:d4:f0:d5:84:51:30:0a:53:
3a:4a:26:2b:a9:9e:a6:0c:53:f1:1b:6e:2b:8c:42:4c:2c:96:
89:8e:aa:ec:ec:c6:03:5d:49:b1:60:78:99:bc:ae:1d:22:60:
b8:11:7b:ef:c0:9e:ca:d8:fa:10:b3:4b:6c:ed:49:c4:22:cc:
b1:94:7a:e4:8a:10:12:5e:de:e2:d1:e5:16:e5:98:df:fd:90:
31:4a:ff:25
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAZB2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMjA1MjU1WhcNMjUwOTI0MjA1MjU1WjAYMRYw
FAYDVQQDEw02ODhlN2FhYy1jOWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyhPWyjGMTVPP+wrFdweIvZUFeueOHD2/HQLzuPJUMzu8UsDpbaJ07l/E
OsRDlEMVpufPBwk2jWcXZ6rI9nluv+LIyvBtspWJCy6a4VeDeNU6Y8nBDAczfA5g
j4+EOBpPG3EPYkwuWYU2vPfe75dUUnoJ22V3OsfGxOfdlgv2GEGUaqa0b7gM8pbH
azcLIooKbteghhNvBLKbv2e1wOFDYfxkL4xtPe94CpJa9+BEPMNi7k5WrTnxiQZT
FoCwDsRkZ/Upe6My12nfQndpSlqKl91plAmiw0QLDVBFtO2zO4rPlQ5D8gW6zCRY
L35fABSl6k+ziNjr8UhRpdzYw+ubRwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFGr/
39CAUl9q1F6fltEXTy/s2FL6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQ0RCNkI0QTZGRTIxMUYwQjVCMUIzOTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASaWZADBASaWcADBACa
XxgwDQYJKoZIhvcNAQELBQADggEBAE3i05ohqtlOGKYRVnDY9f1xUf2zrpYmkyD9
yYKPfMdfcJOmflazdOwj0p0eZVwf/E/jSQ23vN0k62HmC/4GwFXFmVvc6cCl0J8R
8OZxyQ1XTnBKaUIkQlbosCensVT0UiD1TpUTGbbftSkFFFq15Tk6zWwnU3obdZAD
JbS0qiTCzjuA0wULc44HQU1ST+qHVwGHa+V1W9ok0z6tHCl7PQnZL/K9167DEBKW
VrTU8NWEUTAKUzpKJiupnqYMU/EbbiuMQkwslomOquzsxgNdSbFgeJm8rh0iYLgR
e+/AnsrY+hCzS2ztScQizLGUeuSKEBJe3uLR5RblmN/9kDFK/yU=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:55:40 2025 by rpki-client