Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B85D26BA692111F0B28F15ABDAE4EC9C.roa
File: B85D26BA692111F0B28F15ABDAE4EC9C.roa (raw, json)
Hash identifier: 14DJI0RQ42kcvXOwVmwY5xe5JMjHuZwefqdZe8OFzcc=
Subject key identifier: 83:AE:D7:C8:56:B4:40:75:D5:B7:2A:B9:9D:15:8B:78:9D:F0:24:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018FA1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B85D26BA692111F0B28F15ABDAE4EC9C.roa
Signing time: Fri 25 Jul 2025 06:36:40 +0000
ROA not before: Fri 25 Jul 2025 06:36:35 +0000
ROA not after: Sun 24 Aug 2025 06:36:35 +0000
asID: 203020
IP address blocks: 154.195.32.0/19 maxlen: 24
154.198.128.0/19 maxlen: 24
154.212.32.0/19 maxlen: 24
154.214.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102305 (0x18fa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 25 06:36:35 2025 GMT
Not After : Aug 24 06:36:35 2025 GMT
Subject: CN=688325f8-ffb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:59:37:1a:27:6a:5b:75:0b:58:35:35:79:7a:
82:3e:4a:5e:27:e7:73:50:b2:02:30:1f:8c:9f:7a:
e9:88:f3:33:ea:be:df:b6:fd:0a:83:78:69:de:61:
59:af:f2:e0:7c:37:5e:24:40:88:c2:53:74:3b:c2:
88:92:68:2d:b7:a8:86:5b:e3:5a:72:88:a8:ab:83:
1d:97:58:3d:77:f9:d2:f9:7c:8c:a9:0f:ae:8c:78:
55:d1:25:a4:fa:17:95:69:57:6e:77:99:34:c0:59:
5a:c7:48:b3:a0:70:98:ff:41:10:d1:a0:44:a6:24:
a5:6c:ac:5b:d1:ac:c7:ec:82:93:3b:87:c9:48:ff:
0a:15:5d:4a:0c:92:50:5e:d7:72:82:69:92:33:30:
52:dd:ab:29:13:a8:75:19:b9:b4:48:42:7e:87:ff:
02:eb:40:51:4e:53:e6:d3:e3:2a:5a:56:c9:d3:42:
2d:d7:61:5d:9e:8f:cd:82:6e:2e:3e:ac:ba:ac:a6:
63:b2:40:5b:d4:7c:e3:f3:6a:ab:92:fd:ec:70:bb:
4c:64:6b:de:0e:f3:eb:82:72:31:14:e7:59:be:ec:
64:c4:ca:25:58:76:70:f0:34:b2:c2:09:e8:64:da:
b1:4b:65:36:dd:9f:fb:d2:44:ba:1d:2d:bb:92:a4:
d9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:AE:D7:C8:56:B4:40:75:D5:B7:2A:B9:9D:15:8B:78:9D:F0:24:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B85D26BA692111F0B28F15ABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.32.0/19
154.198.128.0/19
154.212.32.0/19
154.214.192.0/18
Signature Algorithm: sha256WithRSAEncryption
1b:76:6d:4e:93:54:4c:43:46:d9:2b:90:4d:d2:51:56:fd:0f:
8d:5f:92:ae:1d:8f:d1:ce:4e:d3:53:b8:ba:1e:2c:34:c4:8a:
ea:bc:35:20:74:0c:65:5e:e9:e4:84:7a:f6:fa:6e:b4:53:47:
93:97:b9:3c:f2:6e:d0:51:50:d2:78:67:b3:bf:ef:4c:92:ea:
4a:b4:4b:03:e0:12:8b:65:a4:d3:12:9d:2a:73:fe:04:b6:4e:
8c:5d:e2:31:46:63:d5:d1:08:fb:30:98:5e:54:a1:56:0f:51:
94:94:05:b4:ac:20:99:53:33:00:ad:31:7e:1e:47:d8:b4:71:
43:d8:3d:7d:a5:e9:7c:d3:8f:69:a0:1c:df:5f:48:7f:e3:8b:
04:d3:3c:f1:31:35:b1:f3:4f:2c:61:0a:b8:96:aa:25:6a:17:
52:44:f5:d5:7b:c9:67:9b:65:36:1d:ce:a4:b5:55:b7:d1:cd:
03:dd:4a:b6:81:d8:ab:02:95:74:dc:07:1c:11:5a:76:45:9a:
91:74:7c:84:8f:5c:65:06:d5:f7:d7:f2:e5:6e:71:d6:ec:67:
bb:bb:c4:ff:91:1f:e1:e0:d3:37:7e:9b:af:82:80:fc:bc:ab:
0e:c5:78:e4:ce:80:ce:eb:14:81:1e:86:bd:31:df:85:12:ff:
40:e2:b5:39
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAY+hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI1MDYzNjM1WhcNMjUwODI0MDYzNjM1WjAYMRYw
FAYDVQQDEw02ODgzMjVmOC1mZmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Vk3GidqW3ULWDU1eXqCPkpeJ+dzULICMB+Mn3rpiPMz6r7ftv0Kg3hp
3mFZr/LgfDdeJECIwlN0O8KIkmgtt6iGW+Nacoioq4Mdl1g9d/nS+XyMqQ+ujHhV
0SWk+heVaVdud5k0wFlax0izoHCY/0EQ0aBEpiSlbKxb0azH7IKTO4fJSP8KFV1K
DJJQXtdygmmSMzBS3aspE6h1Gbm0SEJ+h/8C60BRTlPm0+MqWlbJ00It12Fdno/N
gm4uPqy6rKZjskBb1Hzj82qrkv3scLtMZGveDvPrgnIxFOdZvuxkxMolWHZw8DSy
wgnoZNqxS2U23Z/70kS6HS27kqTZkwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFIOu
18hWtEB11bcquZ0Vi3id8CS/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CODVEMjZCQTY5MjExMUYwQjI4RjE1QUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFmsMgAwQFmsaAAwQFmtQg
AwQGmtbAMA0GCSqGSIb3DQEBCwUAA4IBAQAbdm1Ok1RMQ0bZK5BN0lFW/Q+NX5Ku
HY/Rzk7TU7i6Hiw0xIrqvDUgdAxlXunkhHr2+m60U0eTl7k88m7QUVDSeGezv+9M
kupKtEsD4BKLZaTTEp0qc/4Etk6MXeIxRmPV0Qj7MJheVKFWD1GUlAW0rCCZUzMA
rTF+HkfYtHFD2D19pel8049poBzfX0h/44sE0zzxMTWx808sYQq4lqolahdSRPXV
e8lnm2U2Hc6ktVW30c0D3Uq2gdirApV03AccEVp2RZqRdHyEj1xlBtX31/LlbnHW
7Ge7u8T/kR/h4NM3fpuvgoD8vKsOxXjkzoDO6xSBHoa9Md+FEv9A4rU5
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:17:59 2025 by rpki-client