Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E832BA3C66D111F0BECA9B99DAE4EC9C.roa
File: E832BA3C66D111F0BECA9B99DAE4EC9C.roa (raw, json)
Hash identifier: uYz/uhQ9mO/jyu10oofC8CyD2YLI7YhrgN53zzJL9ns=
Subject key identifier: 00:8E:B1:C3:3B:58:BF:A2:2F:FB:71:A8:80:01:61:EE:5F:5C:C7:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018EC2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E832BA3C66D111F0BECA9B99DAE4EC9C.roa
Signing time: Tue 22 Jul 2025 08:00:18 +0000
ROA not before: Tue 22 Jul 2025 08:00:13 +0000
ROA not after: Wed 27 Aug 2025 08:00:13 +0000
asID: 214143
IP address blocks: 154.223.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102082 (0x18ec2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 22 08:00:13 2025 GMT
Not After : Aug 27 08:00:13 2025 GMT
Subject: CN=687f4512-6b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:7b:3c:7c:f7:15:cd:55:0b:9f:8f:9a:d8:
5f:66:aa:a1:2c:62:8a:18:8e:78:a0:34:d6:20:bd:
92:e3:27:9e:e9:e0:75:44:df:bf:2a:29:ce:d2:fc:
ed:d3:49:f4:f7:fa:2c:9f:60:d4:87:12:c8:2f:f5:
74:39:33:00:67:25:69:24:79:c6:68:eb:15:63:76:
33:0a:e3:7f:13:2a:3c:ac:3e:8c:ae:8a:c4:d8:7d:
df:50:d2:70:d0:f7:e3:39:e6:26:e0:c1:1c:fd:38:
75:d0:c7:30:9e:e2:e4:9c:79:92:db:37:4c:4a:1f:
5a:d5:b4:9f:34:74:08:67:c6:da:8c:19:cd:d8:68:
aa:a6:c1:a1:6c:d2:1e:02:c9:f1:80:98:57:ef:a1:
c4:61:ea:3b:73:2a:62:ff:14:f8:03:8d:30:23:67:
58:1a:4a:4b:d4:d3:74:34:8e:d5:d3:1d:4c:53:c6:
e9:de:45:24:2d:ec:06:de:1b:86:dd:f7:ff:d8:6c:
20:64:31:e9:e8:9e:09:b0:49:cc:6e:f7:ac:03:40:
3d:f0:32:58:c0:ee:15:ad:a7:f7:d5:eb:d0:83:76:
cd:be:a7:9f:1f:2c:73:72:ae:31:ad:d8:f4:c9:c2:
11:7f:8d:a8:bb:98:c7:4a:e6:98:c5:97:94:57:ad:
f4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8E:B1:C3:3B:58:BF:A2:2F:FB:71:A8:80:01:61:EE:5F:5C:C7:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E832BA3C66D111F0BECA9B99DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.248.0/21
Signature Algorithm: sha256WithRSAEncryption
26:de:68:70:90:40:9b:f1:02:3d:a2:01:a9:98:43:2e:a7:ed:
59:a7:45:b3:3b:c8:74:98:0b:a7:ce:36:85:78:37:1a:7f:43:
32:5b:f5:17:59:6d:4b:e6:de:99:65:c0:b6:5a:f9:c4:5f:69:
23:12:62:2c:45:a1:6d:a2:f9:a9:79:ac:2e:ce:8c:5e:4f:b1:
a4:91:26:cb:f9:55:44:cc:a7:ae:15:f2:29:e6:e4:7b:77:62:
72:f3:12:5e:c3:7c:2e:cc:e4:41:bf:70:cd:b8:85:83:88:e6:
7c:cb:a5:ae:19:dd:34:44:ec:59:38:a7:70:e8:fb:d9:ee:47:
d1:30:67:a7:e8:b2:49:99:94:85:a1:98:34:a0:ed:dd:a2:dd:
b6:34:74:fb:34:51:69:eb:b6:41:98:b5:7c:ba:da:84:f1:bc:
6a:2e:9a:39:b2:77:5e:48:16:70:70:45:2c:c4:73:41:d8:0b:
ac:39:c1:76:9e:fa:1a:b7:01:7e:ce:9f:48:c5:4d:75:3c:90:
42:59:ef:5f:48:7e:2d:11:8c:03:8d:66:63:f7:39:5e:6a:c5:
3d:50:35:0f:3a:2d:78:3c:2e:4f:a0:00:47:5c:f8:d3:c8:e8:
cf:e1:2c:57:88:79:50:18:6d:07:ca:90:c6:af:b0:37:d9:89:
a7:1a:41:ac
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY7CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIyMDgwMDEzWhcNMjUwODI3MDgwMDEzWjAYMRYw
FAYDVQQDEw02ODdmNDUxMi02YjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuTF7PHz3Fc1VC5+PmthfZqqhLGKKGI54oDTWIL2S4yee6eB1RN+/KinO
0vzt00n09/osn2DUhxLIL/V0OTMAZyVpJHnGaOsVY3YzCuN/Eyo8rD6MrorE2H3f
UNJw0PfjOeYm4MEc/Th10McwnuLknHmS2zdMSh9a1bSfNHQIZ8bajBnN2GiqpsGh
bNIeAsnxgJhX76HEYeo7cypi/xT4A40wI2dYGkpL1NN0NI7V0x1MU8bp3kUkLewG
3huG3ff/2GwgZDHp6J4JsEnMbvesA0A98DJYwO4Vraf31evQg3bNvqefHyxzcq4x
rdj0ycIRf42ou5jHSuaYxZeUV6309QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFACO
scM7WL+iL/txqIABYe5fXMeBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FODMyQkEzQzY2RDExMUYwQkVDQTlCOTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmt/4MA0GCSqGSIb3DQEB
CwUAA4IBAQAm3mhwkECb8QI9ogGpmEMup+1Zp0WzO8h0mAunzjaFeDcaf0MyW/UX
WW1L5t6ZZcC2WvnEX2kjEmIsRaFtovmpeawuzoxeT7GkkSbL+VVEzKeuFfIp5uR7
d2Jy8xJew3wuzORBv3DNuIWDiOZ8y6WuGd00ROxZOKdw6PvZ7kfRMGen6LJJmZSF
oZg0oO3dot22NHT7NFFp67ZBmLV8utqE8bxqLpo5sndeSBZwcEUsxHNB2AusOcF2
nvoatwF+zp9IxU11PJBCWe9fSH4tEYwDjWZj9zleasU9UDUPOi14PC5PoABHXPjT
yOjP4SxXiHlQGG0HypDGr7A32YmnGkGs
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:08:45 2025 by rpki-client