Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/15C2FC2EA34E11F0B20502A8DAE4EC9C.roa
File: 15C2FC2EA34E11F0B20502A8DAE4EC9C.roa (raw, json)
Hash identifier: qG7WU8XcpMPFAFVVABifQScwxEuz+Q5q3kHBHFZJsvA=
Subject key identifier: 8C:5B:95:A8:76:F6:FC:B4:52:0D:7E:6B:53:39:45:F1:73:D6:80:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A284
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/15C2FC2EA34E11F0B20502A8DAE4EC9C.roa
Signing time: Tue 07 Oct 2025 07:20:22 +0000
ROA not before: Tue 07 Oct 2025 07:20:12 +0000
ROA not after: Tue 11 Nov 2025 07:20:12 +0000
asID: 214143
IP address blocks: 154.197.60.0/23 maxlen: 24
154.197.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107140 (0x1a284)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 7 07:20:12 2025 GMT
Not After : Nov 11 07:20:12 2025 GMT
Subject: CN=68e4bf36-de64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8c:33:f4:fe:d2:0b:20:d6:b0:d5:3a:8d:4e:
d8:39:bf:0c:75:b9:45:bf:d7:46:17:aa:77:73:cf:
c9:8c:ae:7a:55:d3:cd:5d:69:e9:c4:0d:c3:43:c8:
c7:37:b9:e2:8b:83:da:7a:1d:3c:ce:0d:65:ed:9f:
86:33:25:de:2f:d4:8e:f1:8e:53:a6:fd:4f:e6:24:
c8:f2:c2:a6:8f:6b:f9:b9:49:82:b2:a7:64:43:40:
88:09:c2:27:db:ad:00:d2:9f:46:9c:0a:28:1f:9b:
d7:9f:7f:4e:01:7d:01:34:46:74:7a:4e:3d:99:15:
f0:6b:b5:ac:cc:2a:0a:3a:0d:20:bf:83:c6:0e:d5:
66:7c:21:e3:20:a1:47:f2:86:a2:f1:6c:ce:d5:56:
84:eb:af:79:a7:6b:a9:d2:fe:64:2c:1a:ba:1f:dd:
c2:4c:68:5e:c0:6c:a8:4a:47:27:59:fe:ef:e4:ba:
cc:83:4e:8c:e5:65:be:8f:47:b7:7b:7b:3f:9c:60:
1c:d4:40:ab:f9:65:c2:5c:db:83:b3:bd:f5:85:38:
6c:2e:9f:1b:b9:29:ec:15:5a:81:f7:25:d4:d7:08:
5e:c0:ae:bd:2d:a6:a3:c0:a8:a1:41:f4:69:0d:63:
1f:68:47:06:77:60:c9:10:6f:05:66:3b:4c:67:a6:
bf:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:5B:95:A8:76:F6:FC:B4:52:0D:7E:6B:53:39:45:F1:73:D6:80:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/15C2FC2EA34E11F0B20502A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.60.0/23
154.197.86.0/23
Signature Algorithm: sha256WithRSAEncryption
74:76:63:d6:1e:76:10:4b:cb:0d:52:ba:f6:b2:8c:bc:76:ad:
e3:1c:22:f4:ec:4f:9a:f7:21:30:82:4c:23:67:ba:98:75:29:
d0:55:a2:02:af:23:8d:b7:46:7a:36:69:01:98:ad:81:d7:ec:
91:52:8a:03:13:8f:95:9d:9c:db:9b:20:ed:fc:ac:d6:77:2c:
0c:84:3f:8f:28:19:b0:c7:42:62:27:a8:be:86:ce:1a:29:56:
29:85:d9:16:f5:6e:44:61:cc:90:d5:70:dd:23:8c:c0:32:b4:
0d:54:a8:89:ec:77:e7:a1:18:69:68:1d:aa:a0:01:85:e2:61:
e3:fa:46:26:9d:3b:c7:9a:da:0c:04:eb:6c:26:00:d1:5a:3a:
3c:73:89:f1:c7:e8:51:ae:8a:86:c5:8f:54:56:b2:6f:0a:87:
67:79:61:a7:f3:bf:95:1a:d1:91:65:af:ac:66:44:d1:93:90:
8c:21:ca:2c:27:72:f2:52:20:57:76:3c:ec:e2:9d:89:f6:59:
54:0e:f3:8c:4e:65:bb:1e:f9:97:d7:f6:ca:29:0c:b8:91:3e:
5e:0c:7f:71:25:f0:5e:7f:dd:e2:67:c7:ad:d4:3f:2e:1a:fe:
de:a2:de:da:25:9a:66:62:f5:3d:d9:61:b4:58:e0:79:31:a5:
32:2e:d8:fd
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaKEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA3MDcyMDEyWhcNMjUxMTExMDcyMDEyWjAYMRYw
FAYDVQQDEw02OGU0YmYzNi1kZTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw4wz9P7SCyDWsNU6jU7YOb8MdblFv9dGF6p3c8/JjK56VdPNXWnpxA3D
Q8jHN7nii4Paeh08zg1l7Z+GMyXeL9SO8Y5Tpv1P5iTI8sKmj2v5uUmCsqdkQ0CI
CcIn260A0p9GnAooH5vXn39OAX0BNEZ0ek49mRXwa7WszCoKOg0gv4PGDtVmfCHj
IKFH8oai8WzO1VaE6695p2up0v5kLBq6H93CTGhewGyoSkcnWf7v5LrMg06M5WW+
j0e3e3s/nGAc1ECr+WXCXNuDs731hThsLp8buSnsFVqB9yXU1whewK69LaajwKih
QfRpDWMfaEcGd2DJEG8FZjtMZ6a/wQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFIxb
lah29vy0Ug1+a1M5RfFz1oAvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNUMyRkMyRUEzNEUxMUYwQjIwNTAyQThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmsU8AwQBmsVWMA0GCSqG
SIb3DQEBCwUAA4IBAQB0dmPWHnYQS8sNUrr2soy8dq3jHCL07E+a9yEwgkwjZ7qY
dSnQVaICryONt0Z6NmkBmK2B1+yRUooDE4+VnZzbmyDt/KzWdywMhD+PKBmwx0Ji
J6i+hs4aKVYphdkW9W5EYcyQ1XDdI4zAMrQNVKiJ7HfnoRhpaB2qoAGF4mHj+kYm
nTvHmtoMBOtsJgDRWjo8c4nxx+hRroqGxY9UVrJvCodneWGn87+VGtGRZa+sZkTR
k5CMIcosJ3LyUiBXdjzs4p2J9llUDvOMTmW7HvmX1/bKKQy4kT5eDH9xJfBef93i
Z8et1D8uGv7eot7aJZpmYvU92WG0WOB5MaUyLtj9
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:58 2025 by rpki-client