Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3636D64C3D011F0883A13E1DAE4EC9C.roa
File: A3636D64C3D011F0883A13E1DAE4EC9C.roa (raw, json)
Hash identifier: /knd627T+eAIwPhCQO73IgnwLBnagoaYXyA+3Uls7pg=
Subject key identifier: 22:A9:63:9E:57:58:06:72:2D:62:F6:C0:DB:4B:4B:8B:8D:0B:74:7E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A97F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3636D64C3D011F0883A13E1DAE4EC9C.roa
Signing time: Mon 17 Nov 2025 16:15:31 +0000
ROA not before: Mon 17 Nov 2025 16:15:27 +0000
ROA not after: Sun 31 May 2026 16:15:27 +0000
asID: 29802
IP address blocks: 154.205.172.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 20 Nov 2025 00:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108927 (0x1a97f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 17 16:15:27 2025 GMT
Not After : May 31 16:15:27 2026 GMT
Subject: CN=691b4a23-41c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3a:4c:38:fb:f4:44:76:8c:33:92:89:87:d9:
69:13:79:00:fa:09:71:57:2b:2e:85:a2:e8:3a:eb:
8f:1f:72:1f:db:36:18:b0:5d:cc:7e:05:62:be:f7:
48:8d:e4:36:90:a1:ad:35:c4:7c:4d:d3:bc:b0:e5:
e0:3c:ca:f8:5e:4e:07:f3:b1:92:6a:5b:48:e5:1f:
dd:64:fe:3e:47:01:0c:ce:1c:6f:74:18:e5:b4:14:
4e:20:26:46:bd:e9:92:0f:ab:c5:31:fa:c0:c6:fa:
d6:72:8e:b1:52:de:b7:42:f5:93:75:c6:9a:02:31:
00:d6:5f:40:50:d0:70:51:02:c8:35:b2:d0:5f:d6:
64:c9:fc:ea:a1:d7:cb:5c:72:da:e1:8c:e4:f8:7c:
b8:da:a2:82:3d:e5:45:c3:82:eb:3d:18:d6:3d:88:
e8:f0:6d:d5:c8:87:63:1b:12:45:5d:42:9a:4f:72:
f0:07:7b:d2:d5:4f:27:35:08:10:55:ac:2e:b0:ac:
ac:f8:77:09:c3:2a:c7:d1:0e:28:c9:9f:8a:41:3d:
9e:2a:0a:48:58:5a:2e:26:ce:84:f1:9a:df:1f:2c:
ee:dd:4f:24:84:82:c4:a3:fb:98:a6:9e:51:1a:eb:
25:11:9c:88:fb:4c:5a:d3:12:a6:0d:b7:2d:16:c9:
4f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A9:63:9E:57:58:06:72:2D:62:F6:C0:DB:4B:4B:8B:8D:0B:74:7E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3636D64C3D011F0883A13E1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.172.0/23
Signature Algorithm: sha256WithRSAEncryption
69:7e:23:c8:0b:9b:82:1a:ee:3f:ec:2e:e5:39:00:03:31:30:
52:91:32:16:0f:0a:fe:66:85:e6:4d:2d:c7:69:90:ed:18:d5:
d4:6a:7e:5f:e7:ff:9d:d4:b8:31:4f:e8:4c:51:69:12:d0:a3:
b1:dd:02:25:d6:ac:e1:ff:72:57:b6:78:46:9c:f3:d8:4c:cf:
1c:6b:a6:97:e3:02:e4:03:e4:72:ee:3f:18:7d:74:f2:da:7d:
6f:89:50:4b:27:2c:64:ae:e2:53:6f:10:e1:1b:2d:7a:aa:86:
cd:19:07:8a:d6:16:92:b3:5e:a1:1a:c8:1b:cb:b2:88:ed:ce:
d0:7a:e3:08:85:55:28:bd:e9:12:57:df:25:05:57:78:af:9e:
b1:cd:95:bc:0e:63:e2:16:6a:72:a0:1d:e6:dc:63:07:80:62:
2f:6d:f2:33:cf:43:a1:1b:d5:a5:ff:f2:c2:3b:33:f2:04:b0:
75:2d:ef:f9:64:3c:89:0a:0e:0c:2d:b0:ba:88:57:bc:07:52:
15:e8:b2:e8:cb:f3:39:b1:d7:95:87:e0:ab:18:fa:65:11:61:
36:21:8d:35:38:76:b2:0e:39:93:30:80:b5:4f:f6:15:52:da:
c9:e8:9a:84:50:bb:23:1a:20:c5:6f:c5:95:5b:d4:69:1a:d3:
fa:f6:da:9c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAal/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMTE3MTYxNTI3WhcNMjYwNTMxMTYxNTI3WjAYMRYw
FAYDVQQDEw02OTFiNGEyMy00MWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsTpMOPv0RHaMM5KJh9lpE3kA+glxVysuhaLoOuuPH3If2zYYsF3MfgVi
vvdIjeQ2kKGtNcR8TdO8sOXgPMr4Xk4H87GSaltI5R/dZP4+RwEMzhxvdBjltBRO
ICZGvemSD6vFMfrAxvrWco6xUt63QvWTdcaaAjEA1l9AUNBwUQLINbLQX9Zkyfzq
odfLXHLa4Yzk+Hy42qKCPeVFw4LrPRjWPYjo8G3VyIdjGxJFXUKaT3LwB3vS1U8n
NQgQVawusKys+HcJwyrH0Q4oyZ+KQT2eKgpIWFouJs6E8ZrfHyzu3U8khILEo/uY
pp5RGuslEZyI+0xa0xKmDbctFslPkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCKp
Y55XWAZyLWL2wNtLS4uNC3R+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzYzNkQ2NEMzRDAxMUYwODgzQTEzRTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms2sMA0GCSqGSIb3DQEB
CwUAA4IBAQBpfiPIC5uCGu4/7C7lOQADMTBSkTIWDwr+ZoXmTS3HaZDtGNXUan5f
5/+d1LgxT+hMUWkS0KOx3QIl1qzh/3JXtnhGnPPYTM8ca6aX4wLkA+Ry7j8YfXTy
2n1viVBLJyxkruJTbxDhGy16qobNGQeK1haSs16hGsgby7KI7c7QeuMIhVUovekS
V98lBVd4r56xzZW8DmPiFmpyoB3m3GMHgGIvbfIzz0OhG9Wl//LCOzPyBLB1Le/5
ZDyJCg4MLbC6iFe8B1IV6LLoy/M5sdeVh+CrGPplEWE2IY01OHayDjmTMIC1T/YV
UtrJ6JqEULsjGiDFb8WVW9RpGtP69tqc
-----END CERTIFICATE-----
Generated at Tue Nov 18 06:22:38 2025 by rpki-client