Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72B8B36A993F11F0B0FDB4EADAE4EC9C.roa
File: 72B8B36A993F11F0B0FDB4EADAE4EC9C.roa (raw, json)
Hash identifier: KO11H21h5avW2jgX9MtR0pwsF9UmJuZ3lIEvhvk3S5Q=
Subject key identifier: 1E:B8:B3:20:02:10:34:03:61:9D:5E:4E:B4:5F:00:D5:65:61:87:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A066
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72B8B36A993F11F0B0FDB4EADAE4EC9C.roa
Signing time: Wed 24 Sep 2025 12:10:24 +0000
ROA not before: Wed 24 Sep 2025 12:10:19 +0000
ROA not after: Sun 26 Oct 2025 12:10:19 +0000
asID: 29852
IP address blocks: 154.194.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 13 Oct 2025 00:07:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106598 (0x1a066)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 12:10:19 2025 GMT
Not After : Oct 26 12:10:19 2025 GMT
Subject: CN=68d3dfb0-7f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:2b:bc:32:a6:d4:a6:57:d2:ad:b6:b7:7f:c0:
aa:73:a7:3d:f6:ae:07:d8:40:64:04:30:9f:3b:6d:
3f:a3:c5:a2:a1:5f:27:0b:cb:f8:63:ff:6e:87:b8:
ea:25:18:07:14:6a:3f:b8:57:55:14:f2:c6:10:cc:
ad:5a:11:ad:f0:fb:17:f7:07:14:af:88:09:3f:57:
6e:2a:b6:b7:34:82:15:17:d6:2b:84:6f:44:09:00:
a5:94:82:24:40:62:9c:82:40:d2:fb:1f:af:04:a3:
28:aa:18:a0:0a:b8:51:00:9d:41:da:17:2c:da:96:
08:14:32:10:20:db:18:a9:36:12:e3:82:14:f8:ae:
7e:29:f0:b4:a1:e8:16:14:1f:ee:79:7d:36:93:63:
3c:06:78:4c:2b:ec:5b:c4:ec:cf:44:2b:13:e3:4a:
79:e7:ce:25:1f:68:59:42:f3:04:f5:62:dc:47:75:
ae:a6:44:54:e7:f3:ae:5c:cd:6e:fe:e4:4c:b5:e0:
e9:24:e3:57:dd:ce:9d:ae:03:4e:93:7e:15:46:98:
48:2e:22:01:f8:0f:3a:59:4f:97:1d:51:c7:21:69:
48:ce:80:7d:24:e1:76:c5:88:f1:00:5b:da:19:14:
c1:97:8e:24:58:f1:7a:52:16:b6:c8:3c:bd:82:e5:
68:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B8:B3:20:02:10:34:03:61:9D:5E:4E:B4:5F:00:D5:65:61:87:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72B8B36A993F11F0B0FDB4EADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.58.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:34:98:a0:a2:f5:6e:19:93:a3:9f:20:65:fe:e0:0c:bf:43:
ef:c5:8f:a8:c6:b3:bc:07:81:e9:d0:b6:d2:7e:a2:3c:01:c2:
ce:b2:1e:23:4d:1f:e4:aa:fd:6f:af:6c:4b:84:a9:6d:46:1f:
7f:e4:a7:df:cb:bd:bf:b2:6e:34:4a:e6:05:a6:2f:91:85:70:
66:93:c2:be:c5:90:c5:a9:2f:96:a7:a1:83:fa:de:13:5b:0b:
d8:5d:d0:84:36:04:e2:a4:9d:b7:81:f1:d1:ea:fa:06:46:10:
7a:2e:35:b6:9e:43:52:9a:ca:e9:dd:6a:3a:03:ee:94:64:d8:
8d:a7:8a:5c:b6:c5:e3:6c:34:82:6f:a8:1d:d7:f0:2c:ef:77:
17:ed:03:5e:96:96:20:91:a1:22:69:87:32:53:84:5a:99:49:
68:90:40:ee:ba:9f:4f:a5:ef:17:14:ac:cc:f4:03:22:01:38:
03:70:6c:54:af:c1:e2:5a:47:a4:4d:cd:c5:83:72:37:52:90:
df:14:91:74:1f:91:14:53:ea:52:9e:fb:ef:2f:50:13:cc:b4:
61:6c:96:1b:5c:a8:35:60:4a:68:f4:72:d2:30:78:1c:45:90:
a3:40:04:29:18:70:be:e4:42:c7:e2:35:9b:8e:67:41:bf:44:
c1:5f:dc:b2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaBmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTIxMDE5WhcNMjUxMDI2MTIxMDE5WjAYMRYw
FAYDVQQDEw02OGQzZGZiMC03ZjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4iu8MqbUplfSrba3f8Cqc6c99q4H2EBkBDCfO20/o8WioV8nC8v4Y/9u
h7jqJRgHFGo/uFdVFPLGEMytWhGt8PsX9wcUr4gJP1duKra3NIIVF9YrhG9ECQCl
lIIkQGKcgkDS+x+vBKMoqhigCrhRAJ1B2hcs2pYIFDIQINsYqTYS44IU+K5+KfC0
oegWFB/ueX02k2M8BnhMK+xbxOzPRCsT40p5584lH2hZQvME9WLcR3WupkRU5/Ou
XM1u/uRMteDpJONX3c6drgNOk34VRphILiIB+A86WU+XHVHHIWlIzoB9JOF2xYjx
AFvaGRTBl44kWPF6Uha2yDy9guVoVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB64
syACEDQDYZ1eTrRfANVlYYdiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MkI4QjM2QTk5M0YxMUYwQjBGREI0RUFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsI6MA0GCSqGSIb3DQEB
CwUAA4IBAQDINJigovVuGZOjnyBl/uAMv0PvxY+oxrO8B4Hp0LbSfqI8AcLOsh4j
TR/kqv1vr2xLhKltRh9/5Kffy72/sm40SuYFpi+RhXBmk8K+xZDFqS+Wp6GD+t4T
WwvYXdCENgTipJ23gfHR6voGRhB6LjW2nkNSmsrp3Wo6A+6UZNiNp4pctsXjbDSC
b6gd1/As73cX7QNelpYgkaEiaYcyU4RamUlokEDuup9Ppe8XFKzM9AMiATgDcGxU
r8HiWkekTc3Fg3I3UpDfFJF0H5EUU+pSnvvvL1ATzLRhbJYbXKg1YEpo9HLSMHgc
RZCjQAQpGHC+5ELH4jWbjmdBv0TBX9yy
-----END CERTIFICATE-----
Generated at Sat Oct 11 16:00:11 2025 by rpki-client