Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC2BE03A6B8B11F0A00DE5E0DAE4EC9C.roa
File: BC2BE03A6B8B11F0A00DE5E0DAE4EC9C.roa (raw, json)
Hash identifier: fDLGG93IcYrF/vpvS5AZmamxdco+JjBkh6/PPjrY298=
Subject key identifier: C1:08:4E:78:17:74:78:83:F2:16:1A:7F:AB:F8:86:B7:2F:D3:89:D5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018FC2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC2BE03A6B8B11F0A00DE5E0DAE4EC9C.roa
Signing time: Mon 28 Jul 2025 08:20:35 +0000
ROA not before: Mon 28 Jul 2025 08:20:31 +0000
ROA not after: Sat 01 Nov 2025 08:20:31 +0000
asID: 328608
IP address blocks: 154.214.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102338 (0x18fc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 28 08:20:31 2025 GMT
Not After : Nov 1 08:20:31 2025 GMT
Subject: CN=688732d3-863a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:79:e5:49:8e:bb:b0:39:e5:69:cf:a1:f9:3b:
a3:10:45:73:19:69:5b:8a:09:22:44:90:9d:d3:74:
04:1c:dd:bb:1f:3f:3b:45:74:0a:89:87:50:4c:76:
5a:1e:27:63:d1:fe:5b:65:1a:2d:02:d3:f2:1f:f4:
ca:03:66:f1:83:af:80:80:df:2d:d1:3e:44:f7:7b:
26:c9:4c:7b:97:c4:0f:bb:e0:22:87:4c:c9:2e:8a:
39:63:0b:86:23:1c:88:f0:9a:cd:c5:b4:65:5b:ae:
70:29:c4:e7:30:b6:f3:fe:47:46:7c:f7:49:e9:e5:
ef:d5:78:1a:3c:23:9d:26:fb:cc:2f:a8:f0:8a:55:
3d:d4:63:70:66:5b:3d:86:c4:19:33:0a:7b:f9:06:
e8:ef:fa:09:09:fa:9d:43:2e:9b:18:82:91:b8:a5:
91:db:b3:31:db:0a:e8:02:9d:d6:9a:fb:8f:2e:31:
0e:5b:78:4c:f3:51:44:b7:6c:a4:b7:8b:3f:32:9a:
66:3b:b7:93:c1:7e:a8:b7:15:04:5a:b5:71:d1:5a:
e8:42:dd:97:0e:1f:e8:5e:47:d6:fc:c9:1a:c2:89:
94:59:03:0e:36:ff:59:b7:43:86:50:c7:c7:8d:39:
2e:78:80:f7:a6:f1:17:84:59:49:02:96:74:d8:30:
f3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:08:4E:78:17:74:78:83:F2:16:1A:7F:AB:F8:86:B7:2F:D3:89:D5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC2BE03A6B8B11F0A00DE5E0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.192.0/18
Signature Algorithm: sha256WithRSAEncryption
85:22:f3:63:01:ee:50:4d:f4:88:70:33:b0:fb:a5:28:91:09:
c8:8a:68:4e:f3:fc:f2:ea:bd:a2:a4:69:15:85:90:f5:1a:20:
3b:81:0f:97:c7:00:e4:e5:1e:79:60:a4:42:82:8f:ac:06:31:
3e:74:24:47:ee:49:5e:d8:55:57:0c:4c:4a:79:5a:89:28:ea:
5d:46:cc:ee:cf:17:55:58:53:fb:e5:0b:c0:1d:be:8a:99:a9:
65:1b:74:62:70:88:4f:f7:5c:c5:6f:c8:76:3b:1b:32:1c:ac:
82:d8:74:99:74:4b:91:1d:b3:08:2c:59:9d:31:3e:84:dd:df:
a0:07:17:ff:10:63:80:43:be:25:b1:2d:79:09:be:84:f0:a1:
99:14:5b:5a:83:24:75:e7:ef:4c:c2:88:4d:1e:e6:7c:67:a3:
e9:e3:e4:07:93:2c:b7:09:0e:81:b7:53:f8:1a:b8:20:44:81:
87:5e:d0:11:12:39:ec:f3:eb:9c:2b:8d:4c:1a:b6:c1:5d:bd:
87:67:7e:f3:62:b8:bd:62:e3:20:00:81:00:05:99:f5:d9:9f:
8a:16:74:b2:1b:54:4b:59:ad:6d:06:e9:d0:7e:57:20:29:bf:
d4:b6:0a:60:67:5f:b4:21:47:da:58:68:c0:7b:e8:ff:0e:b6:
f2:5d:13:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY/CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI4MDgyMDMxWhcNMjUxMTAxMDgyMDMxWjAYMRYw
FAYDVQQDEw02ODg3MzJkMy04NjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA03nlSY67sDnlac+h+TujEEVzGWlbigkiRJCd03QEHN27Hz87RXQKiYdQ
THZaHidj0f5bZRotAtPyH/TKA2bxg6+AgN8t0T5E93smyUx7l8QPu+Aih0zJLoo5
YwuGIxyI8JrNxbRlW65wKcTnMLbz/kdGfPdJ6eXv1XgaPCOdJvvML6jwilU91GNw
Zls9hsQZMwp7+Qbo7/oJCfqdQy6bGIKRuKWR27Mx2wroAp3WmvuPLjEOW3hM81FE
t2ykt4s/MppmO7eTwX6otxUEWrVx0VroQt2XDh/oXkfW/MkawomUWQMONv9Zt0OG
UMfHjTkueID3pvEXhFlJApZ02DDzhwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMEI
TngXdHiD8hYaf6v4hrcv04nVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQzJCRTAzQTZCOEIxMUYwQTAwREU1RTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtbAMA0GCSqGSIb3DQEB
CwUAA4IBAQCFIvNjAe5QTfSIcDOw+6UokQnIimhO8/zy6r2ipGkVhZD1GiA7gQ+X
xwDk5R55YKRCgo+sBjE+dCRH7kle2FVXDExKeVqJKOpdRszuzxdVWFP75QvAHb6K
mallG3RicIhP91zFb8h2OxsyHKyC2HSZdEuRHbMILFmdMT6E3d+gBxf/EGOAQ74l
sS15Cb6E8KGZFFtagyR15+9MwohNHuZ8Z6Pp4+QHkyy3CQ6Bt1P4GrggRIGHXtAR
Ejns8+ucK41MGrbBXb2HZ37zYri9YuMgAIEABZn12Z+KFnSyG1RLWa1tBunQflcg
Kb/UtgpgZ1+0IUfaWGjAe+j/DrbyXRME
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:47:41 2025 by rpki-client