Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12FBA94AA5B111F09680CB9EDAE4EC9C.roa
File: 12FBA94AA5B111F09680CB9EDAE4EC9C.roa (raw, json)
Hash identifier: rUDo6H9FYqBN7aXxCsPc+zvwOPGURnunH5DzIg/SIJQ=
Subject key identifier: 1E:EF:B3:DE:0D:4B:0E:EA:60:AD:E0:77:E7:2A:4C:17:A5:D8:A9:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A32F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12FBA94AA5B111F09680CB9EDAE4EC9C.roa
Signing time: Fri 10 Oct 2025 08:14:00 +0000
ROA not before: Fri 10 Oct 2025 08:13:55 +0000
ROA not after: Wed 05 Nov 2025 08:13:55 +0000
asID: 204548
IP address blocks: 154.222.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107311 (0x1a32f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 10 08:13:55 2025 GMT
Not After : Nov 5 08:13:55 2025 GMT
Subject: CN=68e8c048-04b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:05:ea:4c:01:32:74:5a:b6:6a:bc:bf:31:eb:
50:81:6e:b4:a2:02:bf:db:54:07:a8:2a:15:64:ef:
d2:e6:22:18:6b:07:9b:ca:26:60:c5:ad:e3:0d:8c:
ac:0a:25:9d:1a:b5:e7:60:55:81:a4:72:de:61:11:
8e:50:ec:79:a3:45:fa:00:3d:a4:6c:9a:fb:3c:c1:
21:4d:93:3b:45:24:92:c9:df:d4:ca:98:34:b8:16:
22:ee:75:25:6d:ce:5d:14:88:78:f6:d0:19:d4:fd:
e7:70:93:87:19:ab:35:2e:9f:5f:b7:3b:ba:4a:8b:
56:99:96:40:96:f6:fc:83:8d:ce:71:12:b9:da:5a:
8e:2f:7e:a8:17:1f:c4:35:9f:a3:d1:21:f9:ef:ac:
1b:05:81:62:83:7c:c0:c7:cd:19:dc:01:8d:af:33:
06:76:7c:48:ff:8b:b2:3a:18:d3:cc:4a:e5:dc:f4:
c6:dc:93:29:ac:2d:b7:39:95:f6:3a:6d:ec:45:2e:
fc:8b:3a:0c:0d:1d:a5:fc:eb:7d:12:ad:0a:1f:33:
c6:06:10:32:50:2f:f8:4f:ad:37:49:6e:38:ea:71:
87:17:94:18:ce:02:f3:af:0c:c3:e6:bf:5d:10:c6:
bb:6e:fd:01:0f:2c:d8:aa:90:02:0e:9f:de:a4:a7:
fb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:EF:B3:DE:0D:4B:0E:EA:60:AD:E0:77:E7:2A:4C:17:A5:D8:A9:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12FBA94AA5B111F09680CB9EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.133.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ef:8e:d1:84:c3:22:79:c9:2b:a8:b4:fe:58:a9:be:7e:ff:
18:1b:8c:c0:2f:dc:a4:52:63:b7:b8:c2:84:17:80:32:80:9c:
89:91:49:43:3c:82:44:5e:cb:6b:1a:12:24:36:9a:35:94:ca:
13:03:6e:5a:c4:ba:a4:de:90:07:e6:ca:b4:0e:9c:0f:c8:e6:
77:95:d0:4e:6f:96:5e:8f:47:fe:8f:92:9d:d1:a2:ab:61:8f:
a4:db:50:67:cd:a9:56:64:4b:98:3a:8d:bd:92:cd:3f:e8:55:
93:e1:83:7a:ce:26:80:ac:e7:9f:d9:02:29:a3:c5:ee:23:75:
5b:39:ea:ca:32:26:99:bc:1d:c7:91:69:b7:4a:4b:a9:42:23:
d6:48:c8:d7:96:77:af:5d:14:2b:a9:84:a6:4b:4f:eb:e4:c9:
87:a9:16:35:17:ed:69:01:e2:83:71:eb:e3:ca:cc:de:4b:9b:
3e:65:6d:bb:5a:fc:07:34:47:39:74:39:2e:6c:a0:f2:5e:21:
28:e8:24:fd:48:fd:eb:7c:53:ad:ab:9c:40:aa:f5:a8:e3:e2:
b2:38:6a:48:fc:2b:84:fe:a5:66:77:cd:5b:de:cc:27:7d:35:
41:d5:34:84:c8:e6:06:75:26:94:96:b9:08:5a:47:10:ca:1a:
c5:83:2c:27
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaMvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDEwMDgxMzU1WhcNMjUxMTA1MDgxMzU1WjAYMRYw
FAYDVQQDEw02OGU4YzA0OC0wNGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxwXqTAEydFq2ary/MetQgW60ogK/21QHqCoVZO/S5iIYawebyiZgxa3j
DYysCiWdGrXnYFWBpHLeYRGOUOx5o0X6AD2kbJr7PMEhTZM7RSSSyd/Uypg0uBYi
7nUlbc5dFIh49tAZ1P3ncJOHGas1Lp9ftzu6SotWmZZAlvb8g43OcRK52lqOL36o
Fx/ENZ+j0SH576wbBYFig3zAx80Z3AGNrzMGdnxI/4uyOhjTzErl3PTG3JMprC23
OZX2Om3sRS78izoMDR2l/Ot9Eq0KHzPGBhAyUC/4T603SW446nGHF5QYzgLzrwzD
5r9dEMa7bv0BDyzYqpACDp/epKf7AQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB7v
s94NSw7qYK3gd+cqTBel2KlpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMkZCQTk0QUE1QjExMUYwOTY4MENCOUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6FMA0GCSqGSIb3DQEB
CwUAA4IBAQBU747RhMMieckrqLT+WKm+fv8YG4zAL9ykUmO3uMKEF4AygJyJkUlD
PIJEXstrGhIkNpo1lMoTA25axLqk3pAH5sq0DpwPyOZ3ldBOb5Zej0f+j5Kd0aKr
YY+k21BnzalWZEuYOo29ks0/6FWT4YN6ziaArOef2QIpo8XuI3VbOerKMiaZvB3H
kWm3SkupQiPWSMjXlnevXRQrqYSmS0/r5MmHqRY1F+1pAeKDcevjyszeS5s+ZW27
WvwHNEc5dDkubKDyXiEo6CT9SP3rfFOtq5xAqvWo4+KyOGpI/CuE/qVmd81b3swn
fTVB1TSEyOYGdSaUlrkIWkcQyhrFgywn
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:32 2025 by rpki-client