Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9BEF68C6D1D11F0A477319ADAE4EC9C.roa
File: B9BEF68C6D1D11F0A477319ADAE4EC9C.roa (raw, json)
Hash identifier: Oc4WpyATUv+rz2/RZI4ocN+YjjgqSgKDSHkolP7z8xY=
Subject key identifier: 09:CB:19:21:3F:5A:C7:CA:86:61:94:04:7F:B2:50:0E:40:8E:27:6F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018FFB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9BEF68C6D1D11F0A477319ADAE4EC9C.roa
Signing time: Wed 30 Jul 2025 08:18:09 +0000
ROA not before: Wed 30 Jul 2025 08:18:04 +0000
ROA not after: Tue 02 Sep 2025 08:18:04 +0000
asID: 23470
IP address blocks: 154.202.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102395 (0x18ffb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 30 08:18:04 2025 GMT
Not After : Sep 2 08:18:04 2025 GMT
Subject: CN=6889d541-5108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:18:3d:a4:6b:ac:1b:ec:70:cf:23:34:de:90:
71:d4:84:00:5d:1c:d5:45:e8:80:99:3b:b2:7e:e6:
27:ba:71:d0:ab:7d:ea:ef:51:4d:30:4c:a4:27:cf:
41:22:b4:92:b8:bd:c3:67:17:a8:31:a9:63:17:bc:
1f:1d:7d:3a:19:7b:c4:20:8c:4d:d8:6f:b9:9d:d3:
22:ec:1c:c3:52:3a:15:2d:57:b0:ce:25:07:05:d1:
4f:b0:5e:7d:bc:4c:be:f3:c8:f2:ff:b8:35:94:a2:
6c:85:8c:74:d9:5d:86:95:93:b6:a1:09:b3:a4:03:
d5:eb:22:7c:90:ae:b3:5a:ff:c8:63:81:21:23:a2:
de:ba:78:b6:53:01:16:5a:63:ce:bd:29:c3:0d:31:
e7:f5:66:be:73:51:3c:5b:88:cf:df:91:a3:30:23:
ae:df:a2:0c:a0:e3:85:55:3f:12:39:46:71:e6:d5:
4e:78:59:95:8d:ee:80:47:94:eb:0e:85:a0:fd:f9:
7b:51:ae:3b:20:72:ca:cd:4b:73:7e:a2:ae:17:8b:
9b:cd:4e:a1:90:ae:1c:23:11:d3:98:20:af:69:ba:
56:ca:54:9a:ef:cc:82:9d:95:d5:39:69:5b:5e:d2:
d7:6b:f1:3e:61:c5:32:1d:f1:97:37:ad:e9:ee:95:
3d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CB:19:21:3F:5A:C7:CA:86:61:94:04:7F:B2:50:0E:40:8E:27:6F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9BEF68C6D1D11F0A477319ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.0.0/24
Signature Algorithm: sha256WithRSAEncryption
23:59:dc:6e:f5:23:cc:fb:8f:0f:5b:e9:c6:c6:4d:5a:ee:30:
30:49:ba:1c:87:78:f8:4d:a5:2f:8b:e2:c3:c8:e8:75:ca:c2:
4c:55:67:de:3c:4c:58:65:0f:ea:23:23:73:4a:ad:9f:b2:74:
02:d7:c5:06:82:01:be:c7:a1:0e:e3:76:69:20:a6:0c:79:d4:
c2:68:9a:db:bf:0c:1e:32:0c:c2:23:3e:fd:75:d6:6d:92:72:
77:5e:74:13:39:d5:c9:a6:80:9e:b9:82:ee:ed:d8:8d:d7:07:
a3:33:a6:00:08:5e:33:9f:5b:3c:9a:a3:0b:35:5c:96:00:cb:
b0:a1:91:ba:60:40:37:2e:f3:18:46:e1:33:b2:f8:50:b8:66:
37:44:21:05:6a:80:85:31:66:db:94:b4:d1:1b:c1:c2:58:b9:
c7:3c:45:57:1a:8b:d6:e2:6f:8e:5f:a7:8a:4e:cc:42:ad:c5:
be:c0:22:af:a3:b3:cb:f8:07:2a:f8:d8:f8:0d:11:ae:c0:9f:
09:85:9b:43:71:60:9f:32:77:2c:56:b6:08:b3:14:dd:da:43:
d4:0e:f2:e7:82:d5:ea:23:d9:f4:a8:08:a6:2c:d5:4f:16:a4:
c0:39:2c:48:9a:97:9b:ad:29:5a:f2:43:67:20:45:2c:0d:84:
77:a0:3a:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY/7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzMwMDgxODA0WhcNMjUwOTAyMDgxODA0WjAYMRYw
FAYDVQQDEw02ODg5ZDU0MS01MTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsRg9pGusG+xwzyM03pBx1IQAXRzVReiAmTuyfuYnunHQq33q71FNMEyk
J89BIrSSuL3DZxeoMaljF7wfHX06GXvEIIxN2G+5ndMi7BzDUjoVLVewziUHBdFP
sF59vEy+88jy/7g1lKJshYx02V2GlZO2oQmzpAPV6yJ8kK6zWv/IY4EhI6Leuni2
UwEWWmPOvSnDDTHn9Wa+c1E8W4jP35GjMCOu36IMoOOFVT8SOUZx5tVOeFmVje6A
R5TrDoWg/fl7Ua47IHLKzUtzfqKuF4ubzU6hkK4cIxHTmCCvabpWylSa78yCnZXV
OWlbXtLXa/E+YcUyHfGXN63p7pU9AwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAnL
GSE/WsfKhmGUBH+yUA5AjidvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COUJFRjY4QzZEMUQxMUYwQTQ3NzMxOUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsoAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjWdxu9SPM+48PW+nGxk1a7jAwSboch3j4TaUvi+LDyOh1ysJMVWfe
PExYZQ/qIyNzSq2fsnQC18UGggG+x6EO43ZpIKYMedTCaJrbvwweMgzCIz79ddZt
knJ3XnQTOdXJpoCeuYLu7diN1wejM6YACF4zn1s8mqMLNVyWAMuwoZG6YEA3LvMY
RuEzsvhQuGY3RCEFaoCFMWbblLTRG8HCWLnHPEVXGovW4m+OX6eKTsxCrcW+wCKv
o7PL+Acq+Nj4DRGuwJ8JhZtDcWCfMncsVrYIsxTd2kPUDvLngtXqI9n0qAimLNVP
FqTAOSxImpebrSla8kNnIEUsDYR3oDoA
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:57:44 2025 by rpki-client