Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DAB14FE866A611F0AE913DF3DAE4EC9C.roa
File: DAB14FE866A611F0AE913DF3DAE4EC9C.roa (raw, json)
Hash identifier: VOJAW4M7GOMUNMD/9lImfnmzuzvd9Shb+3XE/E3NiWk=
Subject key identifier: 5E:14:99:DA:AE:A4:2C:8D:3F:E0:81:97:73:92:76:C5:B3:0C:89:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018E9A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DAB14FE866A611F0AE913DF3DAE4EC9C.roa
Signing time: Tue 22 Jul 2025 02:52:07 +0000
ROA not before: Tue 22 Jul 2025 02:52:02 +0000
ROA not after: Sat 09 Aug 2025 02:52:02 +0000
asID: 20326
IP address blocks: 154.194.224.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102042 (0x18e9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 22 02:52:02 2025 GMT
Not After : Aug 9 02:52:02 2025 GMT
Subject: CN=687efcd7-e5d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:89:bf:84:b5:c3:e6:dd:d4:6c:8b:8e:69:a1:
1c:f0:f0:fe:5d:7e:2a:7c:73:95:59:fc:72:d8:db:
fc:09:e4:34:9a:28:35:b7:60:87:47:5c:70:6f:15:
d8:ba:9d:78:dd:5e:12:56:a4:82:ad:15:07:5b:cb:
0d:21:cd:6f:2d:0d:aa:1d:2b:c3:d1:eb:40:fa:bd:
73:3a:56:ca:57:ce:2d:84:c6:6d:c2:93:d9:14:a6:
af:95:66:9d:a4:ab:c5:43:51:65:57:3a:74:e5:3b:
be:71:96:d7:f4:f7:34:8a:10:f8:6b:68:09:04:df:
72:a4:94:2a:ec:c5:ef:b9:ed:1c:1f:1d:f4:f8:84:
cf:90:91:19:dd:83:72:aa:f1:22:c0:d3:7d:b9:8a:
58:2f:6f:e3:8f:1a:a0:18:1f:48:59:39:e8:0b:39:
81:ba:e3:41:bf:9a:28:81:21:43:eb:50:24:14:8b:
dc:0b:8e:5f:f4:39:70:0e:89:9e:e5:ba:50:02:d1:
b6:1c:d2:ff:fe:9f:e5:fd:bb:7c:4f:d6:26:d8:c4:
b7:c3:b1:43:ef:2d:7a:50:5d:66:34:51:0c:62:24:
c4:90:e4:72:23:6b:14:50:0d:4b:94:5a:72:b7:2f:
3e:40:a6:13:58:e7:90:b7:55:da:e3:ad:b3:5a:fe:
73:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:14:99:DA:AE:A4:2C:8D:3F:E0:81:97:73:92:76:C5:B3:0C:89:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DAB14FE866A611F0AE913DF3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.224.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:95:c9:85:ca:b9:9d:94:f3:86:61:9f:ae:3b:4a:1c:5d:02:
bc:b8:59:82:07:6d:e1:61:35:b4:81:b9:99:f4:e7:4e:f4:e4:
ee:ad:d3:41:15:17:76:7b:3b:fa:1f:b3:a2:35:95:18:9b:28:
13:fa:30:05:5b:da:89:97:bf:cc:ab:03:11:c7:63:47:c3:ea:
aa:82:cc:64:58:27:39:3b:41:8f:a5:21:7e:6d:ea:dc:e9:0d:
46:9f:f0:de:67:70:f7:d4:f7:0c:48:88:3a:ea:e8:2c:c0:22:
09:11:3d:7e:fa:3f:93:3d:01:40:01:c0:77:de:29:99:c7:e7:
7e:89:0a:9f:89:a2:56:8a:a2:b3:6b:da:f4:ec:e2:36:98:68:
4d:03:9a:6b:6f:6a:e0:4b:ba:d9:a2:9e:d1:0f:2d:9a:25:a1:
dc:fa:b3:c8:fb:f1:0d:0e:e3:ff:d2:8a:a8:35:b9:13:30:61:
1b:15:47:f7:c5:af:80:a8:8d:26:16:0f:91:da:f9:22:5f:1c:
be:17:c1:e0:91:64:32:0b:36:72:22:48:28:14:09:c4:58:7d:
1d:9a:8e:e6:9a:f0:9c:ff:ab:c9:fa:f8:f9:8b:da:63:43:8d:
ad:16:b4:fc:42:4c:2f:35:0a:05:36:2a:95:dc:ca:db:b7:f5:
1f:47:f6:01
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY6aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIyMDI1MjAyWhcNMjUwODA5MDI1MjAyWjAYMRYw
FAYDVQQDEw02ODdlZmNkNy1lNWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuYm/hLXD5t3UbIuOaaEc8PD+XX4qfHOVWfxy2Nv8CeQ0mig1t2CHR1xw
bxXYup143V4SVqSCrRUHW8sNIc1vLQ2qHSvD0etA+r1zOlbKV84thMZtwpPZFKav
lWadpKvFQ1FlVzp05Tu+cZbX9Pc0ihD4a2gJBN9ypJQq7MXvue0cHx30+ITPkJEZ
3YNyqvEiwNN9uYpYL2/jjxqgGB9IWTnoCzmBuuNBv5oogSFD61AkFIvcC45f9Dlw
Dome5bpQAtG2HNL//p/l/bt8T9Ym2MS3w7FD7y16UF1mNFEMYiTEkORyI2sUUA1L
lFpyty8+QKYTWOeQt1Xa462zWv5zTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF4U
mdqupCyNP+CBl3OSdsWzDIlWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQUIxNEZFODY2QTYxMUYwQUU5MTNERjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsLgMA0GCSqGSIb3DQEB
CwUAA4IBAQAMlcmFyrmdlPOGYZ+uO0ocXQK8uFmCB23hYTW0gbmZ9OdO9OTurdNB
FRd2ezv6H7OiNZUYmygT+jAFW9qJl7/MqwMRx2NHw+qqgsxkWCc5O0GPpSF+berc
6Q1Gn/DeZ3D31PcMSIg66ugswCIJET1++j+TPQFAAcB33imZx+d+iQqfiaJWiqKz
a9r07OI2mGhNA5prb2rgS7rZop7RDy2aJaHc+rPI+/ENDuP/0oqoNbkTMGEbFUf3
xa+AqI0mFg+R2vkiXxy+F8HgkWQyCzZyIkgoFAnEWH0dmo7mmvCc/6vJ+vj5i9pj
Q42tFrT8QkwvNQoFNiqV3Mrbt/UfR/YB
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:08:57 2025 by rpki-client