Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8A5621E6B9011F090EF7881DAE4EC9C.roa
File: C8A5621E6B9011F090EF7881DAE4EC9C.roa (raw, json)
Hash identifier: 4GyQ/0R3nA6tNFTKtkl3E9jq/cefOAZxHLLwsng1dmI=
Subject key identifier: 2F:E6:64:AB:58:80:95:BC:F4:EA:6F:C9:42:9F:A7:6E:89:97:0B:6F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018FCC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8A5621E6B9011F090EF7881DAE4EC9C.roa
Signing time: Mon 28 Jul 2025 08:56:44 +0000
ROA not before: Mon 28 Jul 2025 08:56:39 +0000
ROA not after: Sun 31 Aug 2025 08:56:39 +0000
asID: 202656
IP address blocks: 154.200.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102348 (0x18fcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 28 08:56:39 2025 GMT
Not After : Aug 31 08:56:39 2025 GMT
Subject: CN=68873b4c-dbcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:db:ed:4b:f7:c4:1c:91:ec:44:ce:fb:e5:18:
6a:8f:f5:77:2e:42:65:7d:26:4e:50:88:8b:d6:8a:
27:92:28:44:8f:0b:83:66:c7:32:d5:67:45:8e:a2:
94:57:c0:10:d2:d8:3d:38:16:fc:f5:70:d8:b7:4b:
e8:21:f7:49:80:07:0b:0f:51:9c:bb:72:c6:51:a5:
79:d6:04:a5:3f:66:e1:3f:d8:82:14:d3:da:b7:7e:
dd:7b:06:dc:37:2f:11:51:f7:26:be:27:e3:df:55:
41:f9:49:dd:a2:da:4e:d6:67:b1:92:51:94:80:22:
fe:87:c9:e0:36:8f:9a:ca:4a:cd:a7:17:4c:61:cf:
e3:55:ff:03:20:e8:2b:f7:a8:f4:fb:77:b9:48:eb:
06:a9:39:e5:46:9d:3d:1e:2d:83:5e:87:17:7e:4c:
85:69:0c:a9:73:25:0e:49:b2:24:3a:6e:ec:31:b5:
ff:9c:59:42:99:9e:84:bd:ee:8f:17:85:2d:5f:ff:
8d:6f:fa:d7:2c:45:16:41:5d:d5:b3:cb:ff:29:81:
e6:b3:8c:5a:65:35:8e:d2:00:59:35:32:f4:a4:b2:
d1:64:38:bf:33:20:da:6b:26:e6:25:19:99:30:06:
39:8c:4e:00:4d:7b:8a:78:47:d8:e4:1c:66:75:39:
df:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E6:64:AB:58:80:95:BC:F4:EA:6F:C9:42:9F:A7:6E:89:97:0B:6F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8A5621E6B9011F090EF7881DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.227.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:04:c3:f8:1f:58:2a:f1:c3:34:65:3f:ce:dc:98:d0:ee:81:
a1:fa:1a:c8:2d:c1:46:12:42:16:56:d0:36:b6:f1:f1:0f:ac:
16:dd:6b:4a:7a:51:e0:17:a0:85:3d:c0:02:d8:bf:21:65:e8:
49:75:7c:f8:a9:d5:db:e4:b5:cd:b3:90:5f:c3:20:a2:03:8f:
57:c1:4a:09:41:2d:a7:8b:02:94:10:20:ad:4e:09:b7:c1:cb:
34:33:ea:46:2e:f4:23:0d:27:28:f7:91:58:18:f2:23:b9:64:
bc:3e:50:eb:c8:53:55:c8:55:e4:5c:ed:75:e4:c4:21:d8:91:
98:42:da:0b:e8:c3:c6:d9:c4:48:b5:4d:46:9a:1b:bf:23:b3:
c5:53:df:88:a3:05:7f:8d:12:dd:e2:ea:69:d2:88:d0:5e:af:
aa:5d:c8:94:23:d5:92:b0:af:91:3b:22:44:ae:1e:f7:22:06:
43:e7:91:f9:70:2e:0d:78:4d:5c:cb:9e:85:a1:69:b0:a7:46:
8f:31:bd:f3:d9:be:da:de:fa:d8:05:9e:90:e1:5d:1e:1b:71:
9f:2a:ee:ed:79:9e:60:e2:6e:bc:37:e8:af:d9:c6:05:5c:20:
ca:52:c9:ea:7c:76:3f:d6:47:fd:2e:cb:73:24:c7:b5:7b:2e:
96:7e:69:3c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY/MMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI4MDg1NjM5WhcNMjUwODMxMDg1NjM5WjAYMRYw
FAYDVQQDEw02ODg3M2I0Yy1kYmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsdvtS/fEHJHsRM775Rhqj/V3LkJlfSZOUIiL1oonkihEjwuDZscy1WdF
jqKUV8AQ0tg9OBb89XDYt0voIfdJgAcLD1Gcu3LGUaV51gSlP2bhP9iCFNPat37d
ewbcNy8RUfcmvifj31VB+UndotpO1mexklGUgCL+h8ngNo+aykrNpxdMYc/jVf8D
IOgr96j0+3e5SOsGqTnlRp09Hi2DXocXfkyFaQypcyUOSbIkOm7sMbX/nFlCmZ6E
ve6PF4UtX/+Nb/rXLEUWQV3Vs8v/KYHms4xaZTWO0gBZNTL0pLLRZDi/MyDaaybm
JRmZMAY5jE4ATXuKeEfY5BxmdTnfTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC/m
ZKtYgJW89OpvyUKfp26JlwtvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOEE1NjIxRTZCOTAxMUYwOTBFRjc4ODFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjjMA0GCSqGSIb3DQEB
CwUAA4IBAQB/BMP4H1gq8cM0ZT/O3JjQ7oGh+hrILcFGEkIWVtA2tvHxD6wW3WtK
elHgF6CFPcAC2L8hZehJdXz4qdXb5LXNs5BfwyCiA49XwUoJQS2niwKUECCtTgm3
wcs0M+pGLvQjDSco95FYGPIjuWS8PlDryFNVyFXkXO115MQh2JGYQtoL6MPG2cRI
tU1Gmhu/I7PFU9+IowV/jRLd4upp0ojQXq+qXciUI9WSsK+ROyJErh73IgZD55H5
cC4NeE1cy56FoWmwp0aPMb3z2b7a3vrYBZ6Q4V0eG3GfKu7teZ5g4m68N+iv2cYF
XCDKUsnqfHY/1kf9LstzJMe1ey6Wfmk8
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:03:20 2025 by rpki-client