
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C531980E6F9711F0B2227AB6DAE4EC9C.roa
File: C531980E6F9711F0B2227AB6DAE4EC9C.roa (raw, json)
Hash identifier: RqDR/Kb1AknTxsK1XOvyIDo0AeUJ4AfpWbYTLr/dGGU=
Subject key identifier: A3:0D:DA:A0:7F:CD:C0:60:64:3D:08:B8:B7:1F:89:16:A7:9F:F7:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019030
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C531980E6F9711F0B2227AB6DAE4EC9C.roa
Signing time: Sat 02 Aug 2025 11:56:49 +0000
ROA not before: Sat 02 Aug 2025 11:56:44 +0000
ROA not after: Sat 06 Sep 2025 11:56:44 +0000
asID: 139646
IP address blocks: 154.86.0.0/24 maxlen: 24
154.91.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102448 (0x19030)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 11:56:44 2025 GMT
Not After : Sep 6 11:56:44 2025 GMT
Subject: CN=688dfd01-cf1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ea:5e:d3:99:bd:63:60:a5:ff:09:69:53:ad:
3d:56:97:06:52:df:16:45:6e:ab:dc:dd:e4:5f:8b:
17:37:69:70:f2:67:03:34:e7:cf:00:36:ae:87:9d:
2f:62:4f:91:1c:cd:a3:96:04:e6:6f:74:7b:b9:d0:
8a:69:b6:df:89:1f:b2:7f:3e:af:a9:31:f3:7f:bc:
54:7a:db:48:ab:fe:21:78:ce:2d:91:99:7b:3d:6e:
70:c0:aa:3f:2c:ae:55:18:4c:95:fe:38:d0:1c:41:
b2:f6:44:95:e5:31:57:34:5a:67:f9:b7:34:de:a8:
0f:5f:76:aa:0d:06:8a:40:22:3d:31:1b:dc:96:1c:
53:c6:e5:84:0d:ca:0b:06:5a:7e:17:4a:f0:14:be:
a1:73:a0:ca:09:d7:62:63:b6:ba:fe:b1:8b:22:88:
be:72:3a:c3:26:e5:41:8a:3a:21:5a:33:9f:7b:aa:
fb:68:ee:d4:f7:83:73:ef:cc:27:bb:d1:67:5f:01:
30:33:f9:1a:e2:44:29:4a:0a:40:bc:1a:d2:f2:49:
40:a8:84:69:59:21:3f:f4:57:80:e2:03:fb:6d:53:
7d:d0:2d:a4:8a:4c:3b:4c:98:e6:11:d5:7b:b5:65:
04:cc:21:63:6f:fd:c4:e9:54:c6:f7:28:b9:6d:26:
e0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0D:DA:A0:7F:CD:C0:60:64:3D:08:B8:B7:1F:89:16:A7:9F:F7:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C531980E6F9711F0B2227AB6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.0.0/24
154.91.224.0/19
Signature Algorithm: sha256WithRSAEncryption
d1:69:c7:43:a5:9c:52:66:cb:82:c9:8b:f7:6f:a2:f3:dc:cc:
b0:f5:1a:89:d1:4f:fc:ae:5b:7e:87:65:92:5b:92:31:c0:3b:
36:d4:67:69:4b:86:f1:76:71:93:1c:6f:3f:8a:7e:57:c3:95:
46:ee:54:e4:07:a3:52:6b:bf:84:98:ca:e3:7f:fa:81:b8:75:
10:17:76:bb:61:1e:15:48:b3:e4:14:db:7b:39:b0:f0:c4:eb:
cb:91:3c:3d:83:99:76:ac:03:ec:85:1b:22:08:e1:ee:f5:58:
c6:c6:92:f7:af:fd:b4:78:12:c6:fd:a2:51:bd:6d:63:40:fd:
57:82:a2:b6:a2:2a:8c:4a:bc:0e:94:56:3f:08:a8:e7:26:8e:
52:a9:85:6e:b2:fc:89:8f:4c:17:bf:8b:63:27:f9:ac:09:cc:
24:76:a7:5f:20:7d:8a:d9:f5:6d:bb:61:eb:fc:21:8c:c8:66:
99:66:55:d7:6c:5f:61:e4:6d:a3:fc:ae:8c:3c:1c:bc:8a:63:
c2:7c:bc:f4:b7:70:e2:1f:74:a7:31:1f:49:39:48:2e:dc:7b:
ef:97:f0:80:77:e8:d2:6f:91:9d:23:34:7c:a0:29:c8:1e:92:
4e:c8:7b:b2:c3:13:67:81:40:25:dd:59:db:a3:65:fb:49:13:
7f:47:6b:25
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZAwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMTE1NjQ0WhcNMjUwOTA2MTE1NjQ0WjAYMRYw
FAYDVQQDEw02ODhkZmQwMS1jZjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAk+pe05m9Y2Cl/wlpU609VpcGUt8WRW6r3N3kX4sXN2lw8mcDNOfPADau
h50vYk+RHM2jlgTmb3R7udCKabbfiR+yfz6vqTHzf7xUettIq/4heM4tkZl7PW5w
wKo/LK5VGEyV/jjQHEGy9kSV5TFXNFpn+bc03qgPX3aqDQaKQCI9MRvclhxTxuWE
DcoLBlp+F0rwFL6hc6DKCddiY7a6/rGLIoi+cjrDJuVBijohWjOfe6r7aO7U94Nz
78wnu9FnXwEwM/ka4kQpSgpAvBrS8klAqIRpWSE/9FeA4gP7bVN90C2kikw7TJjm
EdV7tWUEzCFjb/3E6VTG9yi5bSbgrwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFKMN
2qB/zcBgZD0IuLcfiRann/efMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNTMxOTgwRTZGOTcxMUYwQjIyMjdBQjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlYAAwQFmlvgMA0GCSqG
SIb3DQEBCwUAA4IBAQDRacdDpZxSZsuCyYv3b6Lz3Myw9RqJ0U/8rlt+h2WSW5Ix
wDs21GdpS4bxdnGTHG8/in5Xw5VG7lTkB6NSa7+EmMrjf/qBuHUQF3a7YR4VSLPk
FNt7ObDwxOvLkTw9g5l2rAPshRsiCOHu9VjGxpL3r/20eBLG/aJRvW1jQP1XgqK2
oiqMSrwOlFY/CKjnJo5SqYVusvyJj0wXv4tjJ/msCcwkdqdfIH2K2fVtu2Hr/CGM
yGaZZlXXbF9h5G2j/K6MPBy8imPCfLz0t3DiH3SnMR9JOUgu3Hvvl/CAd+jSb5Gd
IzR8oCnIHpJOyHuywxNngUAl3Vnbo2X7SRN/R2sl
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:14:54 2025 by rpki-client