Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/04DEB570946611F096BF1C91DAE4EC9C.roa
File: 04DEB570946611F096BF1C91DAE4EC9C.roa (raw, json)
Hash identifier: n2gFmQfyeMx0dtk3m7EAKi93DOYfLnv9+gX6bLzVnVU=
Subject key identifier: 74:04:2A:27:E6:33:03:A4:CC:30:FB:33:D0:CD:35:60:55:02:5C:13
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019FFF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/04DEB570946611F096BF1C91DAE4EC9C.roa
Signing time: Thu 18 Sep 2025 08:03:54 +0000
ROA not before: Thu 18 Sep 2025 08:03:49 +0000
ROA not after: Fri 24 Oct 2025 08:03:49 +0000
asID: 40065
IP address blocks: 154.89.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106495 (0x19fff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 18 08:03:49 2025 GMT
Not After : Oct 24 08:03:49 2025 GMT
Subject: CN=68cbbcea-385a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a9:94:9b:f9:ae:a7:53:eb:1f:62:f1:a8:97:
da:46:2a:ac:0d:91:1e:bf:e5:e8:34:fb:04:de:d4:
a6:ff:38:ac:96:d0:82:97:67:ab:cf:b3:46:ea:5e:
4f:67:5b:01:c1:93:eb:20:b5:cd:10:82:0b:4f:53:
53:0d:83:3f:f7:25:49:50:92:35:45:1d:1b:5c:87:
a5:38:d7:e2:05:dd:18:17:c4:75:f6:f8:93:df:13:
6c:f1:2d:ea:17:75:75:4f:ee:33:7a:70:1b:6b:87:
96:6e:fb:49:b7:0e:44:9c:46:99:b0:8c:d1:97:81:
c7:42:f5:3a:95:2c:60:65:42:3d:6f:77:59:8d:30:
32:b8:b0:64:31:1b:08:d6:43:87:7b:59:74:2b:73:
71:ae:1f:ae:39:f5:2a:39:39:0e:84:67:fe:2c:b0:
0b:0b:31:8c:76:09:3a:df:3c:bc:f3:10:d9:6d:4f:
c8:08:2c:42:cd:5d:df:3e:63:a9:f6:6a:c1:dc:96:
66:0a:29:08:0a:ec:b2:0a:28:db:09:53:19:8d:cb:
e7:79:af:5c:26:64:10:5a:bc:9a:7d:c8:8e:8f:cc:
55:ba:5e:48:63:b8:37:93:34:95:42:25:82:f6:01:
24:35:f0:48:67:cb:5c:05:05:e8:c0:a2:3e:69:ba:
9c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:04:2A:27:E6:33:03:A4:CC:30:FB:33:D0:CD:35:60:55:02:5C:13
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/04DEB570946611F096BF1C91DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:27:f2:cc:b0:dd:2b:20:a8:ee:f0:92:86:26:ea:1d:b1:d6:
d5:ab:b1:3d:5b:f7:d0:a1:8c:dd:8f:b1:d9:74:37:55:ac:ce:
59:0e:36:aa:1b:b7:3f:65:0b:54:36:12:5e:6e:ab:5c:70:0e:
44:14:32:f4:37:3d:36:82:8d:8a:0f:1a:1c:38:c5:72:07:20:
99:af:d7:44:9b:1f:1e:8e:c2:32:dd:f2:d7:d8:74:00:21:40:
7d:8a:b3:7a:6c:0f:04:ec:c1:e0:89:39:5a:c5:74:06:cc:5c:
4c:7b:db:83:ed:10:fb:07:8b:0e:c9:9c:b0:b6:5a:bc:c1:c0:
16:1b:83:d3:80:9a:3c:41:29:7e:91:51:74:2f:66:a6:73:6c:
bd:34:dd:06:2c:7b:60:b8:ed:e2:3f:b2:66:9b:a8:ad:a5:bb:
4c:ba:1b:5b:ef:0d:92:fd:ce:56:55:41:f6:ef:f9:fa:06:b8:
9d:55:e3:81:69:c2:7a:08:f7:95:2e:68:c4:bb:84:00:79:75:
f7:4b:d1:e7:e4:09:1b:c1:d0:be:d6:f1:74:56:8b:7e:f0:bd:
fa:2a:69:6e:92:fc:6f:e4:74:d7:79:2c:d6:4b:7c:e4:dd:95:
c0:42:4e:07:bf:c6:bb:8e:a0:fa:f3:2c:61:b2:00:29:6f:c2:
b5:34:ea:3a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ//MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTE4MDgwMzQ5WhcNMjUxMDI0MDgwMzQ5WjAYMRYw
FAYDVQQDEw02OGNiYmNlYS0zODVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr6mUm/mup1PrH2LxqJfaRiqsDZEev+XoNPsE3tSm/zisltCCl2erz7NG
6l5PZ1sBwZPrILXNEIILT1NTDYM/9yVJUJI1RR0bXIelONfiBd0YF8R19viT3xNs
8S3qF3V1T+4zenAba4eWbvtJtw5EnEaZsIzRl4HHQvU6lSxgZUI9b3dZjTAyuLBk
MRsI1kOHe1l0K3Nxrh+uOfUqOTkOhGf+LLALCzGMdgk63zy88xDZbU/ICCxCzV3f
PmOp9mrB3JZmCikICuyyCijbCVMZjcvnea9cJmQQWryafciOj8xVul5IY7g3kzSV
QiWC9gEkNfBIZ8tcBQXowKI+abqcxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHQE
KifmMwOkzDD7M9DNNWBVAlwTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNERFQjU3MDk0NjYxMUYwOTZCRjFDOTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlmgMA0GCSqGSIb3DQEB
CwUAA4IBAQALJ/LMsN0rIKju8JKGJuodsdbVq7E9W/fQoYzdj7HZdDdVrM5ZDjaq
G7c/ZQtUNhJebqtccA5EFDL0Nz02go2KDxocOMVyByCZr9dEmx8ejsIy3fLX2HQA
IUB9irN6bA8E7MHgiTlaxXQGzFxMe9uD7RD7B4sOyZywtlq8wcAWG4PTgJo8QSl+
kVF0L2amc2y9NN0GLHtguO3iP7Jmm6itpbtMuhtb7w2S/c5WVUH27/n6BridVeOB
acJ6CPeVLmjEu4QAeXX3S9Hn5AkbwdC+1vF0Vot+8L36Kmlukvxv5HTXeSzWS3zk
3ZXAQk4Hv8a7jqD68yxhsgApb8K1NOo6
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:05 2025 by rpki-client