Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E34DE4CA56411F088A8AF9BDAE4EC9C.roa
File: 0E34DE4CA56411F088A8AF9BDAE4EC9C.roa (raw, json)
Hash identifier: RQtoLICOjNANoZfHswRh7Ut3n+4yjqAr2ajr7PRB/3w=
Subject key identifier: E8:8E:74:D6:90:26:34:20:CD:C8:BF:D9:DD:C1:4F:C4:CF:25:42:81
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A31A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E34DE4CA56411F088A8AF9BDAE4EC9C.roa
Signing time: Thu 09 Oct 2025 23:02:41 +0000
ROA not before: Fri 10 Oct 2025 23:02:31 +0000
ROA not after: Wed 05 Nov 2025 23:02:31 +0000
asID: 204548
IP address blocks: 154.222.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107290 (0x1a31a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 10 23:02:31 2025 GMT
Not After : Nov 5 23:02:31 2025 GMT
Subject: CN=68e83f10-9cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6d:12:95:0c:9b:92:7a:02:46:06:e3:a3:fb:
d1:7d:8d:0f:11:df:a3:53:da:ff:b6:34:cb:e0:be:
99:a8:66:f1:7c:98:8e:4c:7b:b3:49:66:03:7f:ff:
05:d5:a0:e3:68:57:a7:fb:09:08:8d:6e:bc:4f:a7:
2d:5d:7b:2e:37:0b:44:a6:f9:34:bf:aa:1e:d1:17:
b2:72:ac:4b:77:19:e9:3d:18:d9:6b:bb:08:36:33:
0a:68:9b:64:81:7d:a4:d5:f4:14:48:c5:21:d2:9a:
f4:68:e6:69:a0:7b:91:05:42:28:00:4c:54:09:20:
4c:e6:cb:ef:ab:7c:36:86:8f:76:5b:12:a2:d6:7e:
e1:7d:3f:a6:c8:c4:2b:02:16:ed:a3:91:e1:57:68:
86:8b:41:f0:0d:b2:ea:06:7e:64:70:e1:87:80:c0:
0f:3f:6c:11:a9:c6:98:e5:12:66:9a:1e:68:8f:a3:
f4:f8:a0:1a:3b:b8:c7:c6:78:46:5b:e0:87:75:58:
92:8b:8c:b9:98:82:d7:4a:1b:3c:fa:45:b1:7a:e0:
4b:1d:01:ee:94:3d:be:47:52:8d:2f:36:84:b5:bf:
e5:da:44:db:97:8f:9a:76:61:fa:a4:a5:35:24:1d:
d1:73:34:4d:a7:29:61:5c:3c:32:09:dc:e2:26:60:
0b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:8E:74:D6:90:26:34:20:CD:C8:BF:D9:DD:C1:4F:C4:CF:25:42:81
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0E34DE4CA56411F088A8AF9BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.133.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:d7:79:f9:23:c0:db:6a:60:6c:9d:51:e1:a3:5c:ba:51:0d:
f6:a8:1d:b1:5e:f5:a6:fd:07:5a:9d:32:7f:92:0e:69:46:9d:
5f:44:60:d6:1a:e1:10:5e:e9:48:a6:45:80:81:4f:1a:d7:90:
e4:c3:80:c8:f2:e7:4f:34:23:4c:f8:5f:f8:a3:44:64:0e:9d:
3f:52:36:ca:84:de:23:30:75:85:7c:bd:d1:a0:51:07:8e:02:
69:08:e3:65:db:75:7b:7f:c3:9d:42:1e:c8:9d:dc:e4:82:a6:
01:84:79:df:2d:19:48:d1:9e:19:a3:1d:9c:3e:2d:39:6a:91:
b0:ef:b6:45:a8:58:5d:67:a0:52:29:07:91:a3:7c:8f:f5:4e:
ec:39:9e:aa:2c:1f:9c:40:dd:63:27:eb:b2:88:0a:dd:92:d2:
f6:87:10:de:de:94:3e:38:b1:c7:36:2f:68:24:9b:ed:17:e1:
25:da:e2:bb:27:1e:0d:c6:74:8a:57:f2:84:d0:f5:af:04:78:
27:a6:35:64:7c:a8:bf:80:28:a4:16:49:b2:a5:93:59:55:68:
06:11:c3:01:21:5c:ff:21:2c:74:29:9c:4c:05:6a:af:11:19:
94:99:40:c4:81:38:b2:46:5c:16:5b:eb:a7:4f:ea:fb:da:4e:
8d:b8:51:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaMaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDEwMjMwMjMxWhcNMjUxMTA1MjMwMjMxWjAYMRYw
FAYDVQQDEw02OGU4M2YxMC05Y2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2m0SlQybknoCRgbjo/vRfY0PEd+jU9r/tjTL4L6ZqGbxfJiOTHuzSWYD
f/8F1aDjaFen+wkIjW68T6ctXXsuNwtEpvk0v6oe0ReycqxLdxnpPRjZa7sINjMK
aJtkgX2k1fQUSMUh0pr0aOZpoHuRBUIoAExUCSBM5svvq3w2ho92WxKi1n7hfT+m
yMQrAhbto5HhV2iGi0HwDbLqBn5kcOGHgMAPP2wRqcaY5RJmmh5oj6P0+KAaO7jH
xnhGW+CHdViSi4y5mILXShs8+kWxeuBLHQHulD2+R1KNLzaEtb/l2kTbl4+admH6
pKU1JB3RczRNpylhXDwyCdziJmALVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOiO
dNaQJjQgzci/2d3BT8TPJUKBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRTM0REU0Q0E1NjQxMUYwODhBOEFGOUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6FMA0GCSqGSIb3DQEB
CwUAA4IBAQCP13n5I8DbamBsnVHho1y6UQ32qB2xXvWm/QdanTJ/kg5pRp1fRGDW
GuEQXulIpkWAgU8a15Dkw4DI8udPNCNM+F/4o0RkDp0/UjbKhN4jMHWFfL3RoFEH
jgJpCONl23V7f8OdQh7IndzkgqYBhHnfLRlI0Z4Zox2cPi05apGw77ZFqFhdZ6BS
KQeRo3yP9U7sOZ6qLB+cQN1jJ+uyiArdktL2hxDe3pQ+OLHHNi9oJJvtF+El2uK7
Jx4NxnSKV/KE0PWvBHgnpjVkfKi/gCikFkmypZNZVWgGEcMBIVz/ISx0KZxMBWqv
ERmUmUDEgTiyRlwWW+unT+r72k6NuFFu
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:20 2025 by rpki-client