Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1EA1B34687B11F0A80B10EEDAE4EC9C.roa
File: D1EA1B34687B11F0A80B10EEDAE4EC9C.roa (raw, json)
Hash identifier: 4amqhSghTRfxSrbxbI5X5+tQeZXruSmRBwJJHFogip8=
Subject key identifier: 52:BD:DD:B8:20:83:FE:22:6F:CD:1F:53:D4:37:07:AC:2B:A6:C3:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018F61
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1EA1B34687B11F0A80B10EEDAE4EC9C.roa
Signing time: Thu 24 Jul 2025 10:49:06 +0000
ROA not before: Thu 24 Jul 2025 10:49:01 +0000
ROA not after: Sun 31 Aug 2025 10:49:01 +0000
asID: 395793
IP address blocks: 154.82.162.0/23 maxlen: 24
154.82.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 10 Aug 2025 06:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102241 (0x18f61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 24 10:49:01 2025 GMT
Not After : Aug 31 10:49:01 2025 GMT
Subject: CN=68820fa2-f2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:08:b7:03:83:52:70:18:dd:17:2e:fe:40:4e:
ad:37:5d:64:c8:31:0e:44:d7:c6:7b:60:4e:c1:5c:
34:fd:56:38:17:3b:e0:4d:7a:64:bf:25:cc:e6:2e:
0e:14:ae:da:4f:9f:2a:fc:38:95:80:dd:02:7a:db:
22:58:c6:0a:a1:c5:d1:4b:ad:a4:c3:40:eb:9b:31:
b7:53:3c:df:f7:50:d9:9d:14:32:1e:ae:75:21:bb:
6f:e5:36:95:ee:e5:79:a5:4a:b1:ff:13:ce:72:a0:
40:fd:7b:91:3f:80:87:8b:f9:0d:2e:76:96:49:3c:
ba:2c:55:2b:c2:db:46:ae:fc:12:c3:b4:f8:2f:ba:
f0:dc:b0:c2:3b:9f:58:6f:e3:2a:cc:08:91:1b:7b:
24:3e:cd:66:d3:9c:5a:e5:b2:c8:3a:95:6b:2b:c3:
e1:62:7f:e2:12:41:41:f3:7c:2c:21:a2:68:8b:dc:
68:9b:0e:f2:49:c9:77:b9:93:9e:13:3d:50:58:3e:
45:f1:c2:06:3b:8b:37:ea:4e:7b:01:e9:87:cd:b1:
e8:d3:ab:32:f7:da:13:8d:2b:d0:30:72:c1:e4:8b:
59:fe:f8:91:f3:48:ce:2d:ab:12:c8:ba:a7:67:25:
ac:65:0f:01:fb:c4:1a:74:1e:9e:cf:21:c7:08:e4:
96:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:BD:DD:B8:20:83:FE:22:6F:CD:1F:53:D4:37:07:AC:2B:A6:C3:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D1EA1B34687B11F0A80B10EEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.162.0-154.82.167.255
Signature Algorithm: sha256WithRSAEncryption
75:5a:59:94:1a:02:13:44:b3:f9:bc:b3:4d:ab:a1:56:65:ab:
11:eb:35:42:c7:d5:ca:05:70:00:4b:07:96:c1:e6:32:67:f6:
cd:c0:b3:da:94:4a:db:71:1b:42:9f:7a:ec:55:fd:d7:2e:8c:
02:76:08:23:ec:50:34:38:d4:b7:08:f3:11:e3:de:70:b9:2b:
a0:ae:be:20:b2:e2:92:1d:f2:20:9e:66:4f:41:47:ee:75:ae:
9a:e4:06:81:26:1b:d3:39:c4:81:c8:d1:b7:f0:dd:be:f3:10:
de:5a:d9:cb:5a:98:73:af:bc:7d:32:ea:b9:c4:9a:77:45:98:
92:0d:55:e3:72:b7:09:fa:3f:9a:d3:70:fa:c7:38:ee:eb:25:
45:f8:0c:cf:c7:30:8f:73:33:53:a1:db:60:07:36:bf:e6:e9:
1e:dd:17:36:e0:15:13:6a:dd:71:c2:0c:90:9f:17:df:d8:1a:
ac:9c:b8:0e:59:87:c3:73:71:60:3b:85:46:44:57:2c:ff:a2:
3d:04:c4:89:b5:1a:4b:04:c5:3b:ae:9e:a1:6b:bb:52:6f:03:
01:d4:b5:d8:f0:98:04:6e:6f:ec:c0:45:fd:6f:4e:d8:22:62:
95:48:72:9b:aa:76:f3:ae:54:74:6d:a3:b1:af:35:0c:52:a3:
38:59:ff:e6
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAY9hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI0MTA0OTAxWhcNMjUwODMxMTA0OTAxWjAYMRYw
FAYDVQQDEw02ODgyMGZhMi1mMmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtgi3A4NScBjdFy7+QE6tN11kyDEORNfGe2BOwVw0/VY4FzvgTXpkvyXM
5i4OFK7aT58q/DiVgN0CetsiWMYKocXRS62kw0DrmzG3Uzzf91DZnRQyHq51Ibtv
5TaV7uV5pUqx/xPOcqBA/XuRP4CHi/kNLnaWSTy6LFUrwttGrvwSw7T4L7rw3LDC
O59Yb+MqzAiRG3skPs1m05xa5bLIOpVrK8PhYn/iEkFB83wsIaJoi9xomw7yScl3
uZOeEz1QWD5F8cIGO4s36k57AemHzbHo06sy99oTjSvQMHLB5ItZ/viR80jOLasS
yLqnZyWsZQ8B+8QadB6ezyHHCOSWvQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFFK9
3bggg/4ib80fU9Q3B6wrpsOfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMUVBMUIzNDY4N0IxMUYwQTgwQjEwRUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaUqIDBAOaUqAwDQYJ
KoZIhvcNAQELBQADggEBAHVaWZQaAhNEs/m8s02roVZlqxHrNULH1coFcABLB5bB
5jJn9s3As9qUSttxG0KfeuxV/dcujAJ2CCPsUDQ41LcI8xHj3nC5K6CuviCy4pId
8iCeZk9BR+51rprkBoEmG9M5xIHI0bfw3b7zEN5a2ctamHOvvH0y6rnEmndFmJIN
VeNytwn6P5rTcPrHOO7rJUX4DM/HMI9zM1Oh22AHNr/m6R7dFzbgFRNq3XHCDJCf
F9/YGqycuA5Zh8NzcWA7hUZEVyz/oj0ExIm1GksExTuunqFru1JvAwHUtdjwmARu
b+zARf1vTtgiYpVIcpuqdvOuVHRto7GvNQxSozhZ/+Y=
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:39:43 2025 by rpki-client