Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF8C4EAC6D6711F0A6977DF3DAE4EC9C.roa
File: CF8C4EAC6D6711F0A6977DF3DAE4EC9C.roa (raw, json)
Hash identifier: 7jxrZzdU3WA0NMdLgq0PPQH6HQoFHnf+E17lcuZsDN8=
Subject key identifier: 7F:3E:72:42:2A:6F:CE:A7:7B:F9:28:08:3D:71:19:24:20:9E:A9:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019013
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF8C4EAC6D6711F0A6977DF3DAE4EC9C.roa
Signing time: Wed 30 Jul 2025 17:08:28 +0000
ROA not before: Wed 30 Jul 2025 17:08:22 +0000
ROA not after: Wed 06 Aug 2025 17:08:22 +0000
asID: 135377
IP address blocks: 154.82.22.0/24 maxlen: 24
154.82.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102419 (0x19013)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 30 17:08:22 2025 GMT
Not After : Aug 6 17:08:22 2025 GMT
Subject: CN=688a518c-3359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ab:e3:9d:ee:02:9e:a0:48:48:7e:61:42:6e:
7f:56:69:58:b6:f2:e9:a2:44:58:39:a6:63:04:3e:
da:66:54:4a:a4:75:61:dd:23:2a:49:af:83:b5:ca:
b3:0d:4c:cd:12:9b:56:2a:21:68:62:b0:20:c6:39:
c9:46:b6:85:f9:1f:10:b4:6d:0f:f2:8f:be:d4:6a:
1d:ff:e3:9c:11:41:eb:df:0b:d1:0f:25:ad:29:96:
1d:5f:49:c7:3f:fc:1d:f1:a4:c7:b3:89:19:93:39:
67:ae:69:4a:d1:5e:03:02:70:0c:00:b0:62:e1:9d:
66:66:55:d2:5c:a9:9b:d3:d2:7b:ba:0d:7f:f2:49:
c6:2b:06:52:40:5a:ed:98:25:4a:12:09:1a:96:ef:
c1:93:d2:59:b8:28:a2:ab:9d:32:3c:f7:28:f2:cb:
6f:35:b4:1d:89:d4:37:18:98:8c:95:91:b2:f8:87:
e1:16:d2:85:d6:32:09:aa:33:0d:c3:b3:bb:78:4b:
80:42:ab:4b:dc:09:92:dc:e7:9d:9c:94:8c:26:20:
3d:d5:f4:af:88:d5:34:9c:86:ce:b1:f1:90:b5:c8:
3d:21:cc:40:b7:20:6d:8a:7c:48:39:e1:6c:83:77:
6e:17:f9:6e:e1:57:f6:53:37:cf:f8:6d:a5:3a:cf:
b1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:3E:72:42:2A:6F:CE:A7:7B:F9:28:08:3D:71:19:24:20:9E:A9:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF8C4EAC6D6711F0A6977DF3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.22.0/23
Signature Algorithm: sha256WithRSAEncryption
28:88:0f:55:56:a3:c1:82:ca:a4:c3:81:9c:e7:62:ff:74:53:
b1:bf:e9:0d:42:68:90:e7:ba:4c:d4:19:d9:ba:bb:6e:07:e4:
88:09:d1:12:55:7e:f4:68:17:35:4b:1d:77:83:b1:c6:8e:c6:
84:c2:a9:5f:e5:d8:a7:ec:49:64:49:66:99:94:6a:8f:06:f7:
1c:2c:ad:c7:57:ac:17:3a:49:87:8a:3c:4c:6c:e1:47:03:1f:
5d:3a:d1:12:3d:3e:fd:cc:1a:de:cc:b3:ad:b3:6d:f4:1c:3e:
05:5f:6c:9e:08:d5:69:a3:25:c7:eb:61:ba:aa:42:cc:02:d9:
c8:7e:29:f6:d7:24:ce:b6:55:a3:9b:01:3f:02:7f:d8:78:fd:
69:a8:ba:c7:3a:65:e6:14:24:37:2b:f5:0f:8d:59:e5:bd:aa:
71:df:61:3e:2a:83:cd:26:e2:63:a1:55:2c:b7:c3:ca:5f:8c:
46:83:e1:2a:11:d2:c6:f2:b0:3e:7b:3a:54:9d:2e:13:fc:d4:
13:41:94:be:75:ea:f8:d9:9d:7d:7f:a9:15:41:ed:7a:7b:20:
57:25:13:4e:7b:e3:94:02:94:88:29:38:45:52:46:0f:f7:cc:
50:88:ee:e4:7d:d9:d3:17:88:f8:43:7f:2e:a9:4d:81:df:33:
5d:d8:1a:22
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZATMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzMwMTcwODIyWhcNMjUwODA2MTcwODIyWjAYMRYw
FAYDVQQDEw02ODhhNTE4Yy0zMzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvKvjne4CnqBISH5hQm5/VmlYtvLpokRYOaZjBD7aZlRKpHVh3SMqSa+D
tcqzDUzNEptWKiFoYrAgxjnJRraF+R8QtG0P8o++1God/+OcEUHr3wvRDyWtKZYd
X0nHP/wd8aTHs4kZkzlnrmlK0V4DAnAMALBi4Z1mZlXSXKmb09J7ug1/8knGKwZS
QFrtmCVKEgkalu/Bk9JZuCiiq50yPPco8stvNbQdidQ3GJiMlZGy+IfhFtKF1jIJ
qjMNw7O7eEuAQqtL3AmS3OednJSMJiA91fSviNU0nIbOsfGQtcg9IcxAtyBtinxI
OeFsg3duF/lu4Vf2UzfP+G2lOs+xZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH8+
ckIqb86ne/koCD1xGSQgnqn1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjhDNEVBQzZENjcxMUYwQTY5NzdERjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlIWMA0GCSqGSIb3DQEB
CwUAA4IBAQAoiA9VVqPBgsqkw4Gc52L/dFOxv+kNQmiQ57pM1BnZurtuB+SICdES
VX70aBc1Sx13g7HGjsaEwqlf5din7ElkSWaZlGqPBvccLK3HV6wXOkmHijxMbOFH
Ax9dOtESPT79zBrezLOts230HD4FX2yeCNVpoyXH62G6qkLMAtnIfin21yTOtlWj
mwE/An/YeP1pqLrHOmXmFCQ3K/UPjVnlvapx32E+KoPNJuJjoVUst8PKX4xGg+Eq
EdLG8rA+ezpUnS4T/NQTQZS+der42Z19f6kVQe16eyBXJRNOe+OUApSIKThFUkYP
98xQiO7kfdnTF4j4Q38uqU2B3zNd2Boi
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:45:25 2025 by rpki-client