Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE8127E06B8911F0A08C0FD4DAE4EC9C.roa
File: EE8127E06B8911F0A08C0FD4DAE4EC9C.roa (raw, json)
Hash identifier: ohxc7vTxW+cooV9/8iAELRjWFgeRFMlbVAHU6oHMtTI=
Subject key identifier: 8C:E7:80:A6:E0:87:86:DF:82:23:9B:97:94:4E:B6:A9:FF:7C:52:1A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018FBC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE8127E06B8911F0A08C0FD4DAE4EC9C.roa
Signing time: Mon 28 Jul 2025 08:07:41 +0000
ROA not before: Mon 28 Jul 2025 08:07:36 +0000
ROA not after: Sat 01 Nov 2025 08:07:36 +0000
asID: 47890
IP address blocks: 154.214.196.0/24 maxlen: 24
154.214.198.0/24 maxlen: 24
154.214.205.0/24 maxlen: 24
154.214.213.0/24 maxlen: 24
154.214.215.0/24 maxlen: 24
154.214.224.0/22 maxlen: 24
154.214.230.0/23 maxlen: 24
154.214.236.0/23 maxlen: 24
154.214.238.0/23 maxlen: 24
154.214.240.0/22 maxlen: 24
154.214.244.0/23 maxlen: 24
154.214.248.0/23 maxlen: 24
154.214.250.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102332 (0x18fbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 28 08:07:36 2025 GMT
Not After : Nov 1 08:07:36 2025 GMT
Subject: CN=68872fcd-4b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:7d:99:7a:0d:87:89:9f:17:e5:0a:6a:91:
1c:c6:44:38:4c:aa:4a:68:d7:30:a8:83:71:2a:1d:
95:76:96:13:a6:ed:8e:b8:a6:52:ae:58:39:0f:5e:
44:3f:56:a9:dc:9d:a1:bd:f1:4d:73:93:ee:fd:3f:
7b:f1:7e:b8:88:b6:59:1c:b6:33:ec:13:55:55:66:
00:4b:35:b0:a6:77:16:b0:03:bf:18:a2:6b:ba:90:
8d:04:fa:6b:0f:61:86:81:42:75:93:cd:ef:c2:9a:
7f:9e:8b:ec:a8:dc:69:71:56:01:ee:3b:2f:db:80:
5d:72:31:33:9f:b3:c5:bf:77:12:e3:01:cb:28:47:
9f:90:af:2f:70:f9:3b:5c:bd:4f:20:8c:89:e2:de:
6b:b1:00:15:92:32:8e:c5:dd:94:01:b6:4a:e9:f0:
77:0e:0c:d6:58:d5:d8:e7:58:90:3a:d3:4c:fc:c6:
0c:78:85:5b:d0:8e:3e:e0:c1:c0:08:11:43:7f:76:
b3:5f:b6:96:1a:7c:d9:d7:96:8a:ee:60:79:d1:4a:
fb:66:fe:20:7e:84:87:25:2b:5b:3a:31:90:3c:b6:
28:e5:b6:05:77:1f:56:42:8e:49:95:e3:5f:ac:fc:
a7:f9:d3:1d:2e:f2:ef:12:6a:76:d5:52:3d:a9:37:
d5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E7:80:A6:E0:87:86:DF:82:23:9B:97:94:4E:B6:A9:FF:7C:52:1A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE8127E06B8911F0A08C0FD4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.196.0/24
154.214.198.0/24
154.214.205.0/24
154.214.213.0/24
154.214.215.0/24
154.214.224.0/22
154.214.230.0/23
154.214.236.0-154.214.245.255
154.214.248.0/22
Signature Algorithm: sha256WithRSAEncryption
15:47:87:73:91:2a:c4:9d:2f:31:34:ef:70:56:58:41:59:7b:
5b:b7:4e:c1:f8:fa:ff:b3:93:25:b0:ae:33:7a:13:73:70:25:
97:c3:21:9a:3f:0d:3a:68:88:ec:23:c6:5f:8e:ca:48:fa:77:
0a:ad:78:16:96:b2:75:9b:4d:6b:b5:2a:57:5a:3f:6a:60:94:
0c:66:cc:5c:9e:1f:dc:47:75:ff:5b:4e:8f:2c:85:30:ac:b4:
cb:92:5b:f5:45:b9:d5:fd:d2:22:0b:d4:6d:af:e0:27:14:df:
a3:0d:6d:af:b6:a9:47:98:15:db:44:8e:d1:99:be:e4:45:9b:
a2:b0:a3:1b:89:7b:d5:5f:e8:a3:08:b6:2b:5f:42:c0:38:67:
2d:07:d7:a6:59:75:d0:f7:ee:e1:bf:1f:4d:57:10:97:97:01:
e9:9c:73:44:57:5c:7e:8d:b5:b6:5a:5a:f9:2b:2b:d6:32:57:
f7:6c:90:bc:a3:8c:80:ee:08:01:74:53:7d:be:f7:7e:6e:a6:
2c:3d:4a:a0:79:a2:56:75:17:14:a8:c9:8b:6e:7d:0c:7f:3e:
0d:05:33:dd:69:2f:f9:20:8a:11:8e:ab:4a:36:03:03:8b:ae:
8c:ac:49:db:78:e3:8c:06:26:f5:7c:13:36:ed:5e:b9:68:6c:
74:d6:e3:19
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAY+8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI4MDgwNzM2WhcNMjUxMTAxMDgwNzM2WjAYMRYw
FAYDVQQDEw02ODg3MmZjZC00Yjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAurN9mXoNh4mfF+UKapEcxkQ4TKpKaNcwqINxKh2VdpYTpu2OuKZSrlg5
D15EP1ap3J2hvfFNc5Pu/T978X64iLZZHLYz7BNVVWYASzWwpncWsAO/GKJrupCN
BPprD2GGgUJ1k83vwpp/novsqNxpcVYB7jsv24BdcjEzn7PFv3cS4wHLKEefkK8v
cPk7XL1PIIyJ4t5rsQAVkjKOxd2UAbZK6fB3DgzWWNXY51iQOtNM/MYMeIVb0I4+
4MHACBFDf3azX7aWGnzZ15aK7mB50Ur7Zv4gfoSHJStbOjGQPLYo5bYFdx9WQo5J
leNfrPyn+dMdLvLvEmp21VI9qTfVzQIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFIzn
gKbgh4bfgiObl5ROtqn/fFIaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRTgxMjdFMDZCODkxMUYwQTA4QzBGRDREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAmtbEAwQAmtbGAwQAmtbN
AwQAmtbVAwQAmtbXAwQCmtbgAwQBmtbmMAwDBAKa1uwDBAGa1vQDBAKa1vgwDQYJ
KoZIhvcNAQELBQADggEBABVHh3ORKsSdLzE073BWWEFZe1u3TsH4+v+zkyWwrjN6
E3NwJZfDIZo/DTpoiOwjxl+Oykj6dwqteBaWsnWbTWu1KldaP2pglAxmzFyeH9xH
df9bTo8shTCstMuSW/VFudX90iIL1G2v4CcU36MNba+2qUeYFdtEjtGZvuRFm6Kw
oxuJe9Vf6KMItitfQsA4Zy0H16ZZddD37uG/H01XEJeXAemcc0RXXH6NtbZaWvkr
K9YyV/dskLyjjIDuCAF0U32+935upiw9SqB5olZ1FxSoyYtufQx/Pg0FM91pL/kg
ihGOq0o2AwOLroysSdt444wGJvV8EzbtXrlobHTW4xk=
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:01:59 2025 by rpki-client