Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/168F6E18996B11F09522C082DAE4EC9C.roa
File: 168F6E18996B11F09522C082DAE4EC9C.roa (raw, json)
Hash identifier: C0E4963kHKnuRFHsvVF7E+oYchcLiKEuq3kkGnrChQc=
Subject key identifier: 24:9F:CC:19:22:FD:8C:E3:84:80:C1:09:FF:B1:07:0F:32:AC:4F:3A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0A0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/168F6E18996B11F09522C082DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 17:22:47 +0000
ROA not before: Wed 24 Sep 2025 17:22:42 +0000
ROA not after: Thu 30 Oct 2025 17:22:42 +0000
asID: 149513
IP address blocks: 154.201.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106656 (0x1a0a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 17:22:42 2025 GMT
Not After : Oct 30 17:22:42 2025 GMT
Subject: CN=68d428e7-5428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5b:dc:4c:6d:c4:02:31:b7:ab:6d:d8:62:49:
70:d2:ef:91:15:c8:a4:8b:cf:d4:51:5c:af:23:82:
f4:8b:e5:ae:7e:a2:d0:77:6b:20:cb:85:eb:a6:e4:
2a:9c:22:13:bd:47:56:01:3c:d7:41:8e:b6:80:52:
14:5c:79:39:e4:ec:aa:18:2d:ba:7e:00:55:de:db:
43:f1:42:f7:b9:42:00:d6:06:f9:e4:9f:db:a9:f8:
12:51:63:7d:26:ec:58:a2:ad:fe:9f:71:a6:83:58:
c9:30:ac:24:7c:83:a9:9d:b1:69:d5:18:57:89:c5:
8a:b0:98:d2:39:82:bc:17:06:b6:c2:12:7c:96:2f:
05:16:24:bb:ca:c8:39:39:75:9b:79:3d:5e:e3:e7:
6d:91:35:07:39:51:ec:e3:3e:45:93:ad:96:72:22:
28:1f:2b:09:79:96:ed:30:b6:fb:89:ad:65:f5:c0:
d6:f8:46:da:0a:73:68:76:7b:38:42:f4:d1:bc:0e:
c8:31:00:c2:b9:47:96:d8:29:8d:05:4a:4d:f4:9b:
5b:3c:21:d6:96:a4:6c:5e:6b:f4:0a:fd:05:d8:7a:
e2:f3:51:0b:63:cd:43:1f:d8:eb:45:bc:a4:47:1c:
af:ca:64:79:c6:41:7f:ef:1e:39:a2:25:e3:1a:4a:
1c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9F:CC:19:22:FD:8C:E3:84:80:C1:09:FF:B1:07:0F:32:AC:4F:3A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/168F6E18996B11F09522C082DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.94.0/23
Signature Algorithm: sha256WithRSAEncryption
22:dd:eb:ab:2c:91:26:17:90:06:a0:7b:1e:70:17:78:c8:bb:
d4:4d:5a:1a:09:76:a3:3d:c4:ad:87:37:48:6e:cd:06:02:3a:
03:3d:59:2c:12:e8:7d:72:11:93:db:4b:c6:79:f3:bb:c7:1b:
4b:6f:2c:60:5c:5b:83:41:bd:99:4a:a1:10:70:01:f2:70:10:
6f:3d:0c:9f:5a:c2:1e:33:0c:5c:5d:1b:af:7e:09:22:f2:d5:
96:b6:df:14:9e:e2:75:f0:1c:a7:70:02:40:c4:ac:09:63:a7:
50:c6:4f:73:73:8b:95:3c:fe:44:22:dd:fa:b4:b5:05:61:ed:
bd:da:75:25:aa:7c:4d:ef:a8:f0:be:5d:71:8c:29:48:df:d8:
af:60:6a:9a:b5:83:29:3c:7a:68:9e:d0:b5:4f:6d:c3:36:a2:
01:0e:8b:c9:38:c6:fa:14:79:64:02:c3:a7:17:a2:c4:f0:ba:
1f:32:ef:f2:88:d7:85:7c:43:96:42:74:00:7c:73:b4:20:d8:
42:88:64:98:15:62:06:a4:3c:8c:ab:51:6d:df:e8:80:52:33:
66:b1:91:75:98:6c:72:8a:66:27:75:f0:b2:02:e3:31:02:7f:
2e:7f:b4:ff:ed:2a:3d:b0:5c:71:92:3f:79:fc:0a:b0:e2:ca:
5f:4f:f3:9a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaCgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTcyMjQyWhcNMjUxMDMwMTcyMjQyWjAYMRYw
FAYDVQQDEw02OGQ0MjhlNy01NDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAklvcTG3EAjG3q23YYklw0u+RFciki8/UUVyvI4L0i+WufqLQd2sgy4Xr
puQqnCITvUdWATzXQY62gFIUXHk55OyqGC26fgBV3ttD8UL3uUIA1gb55J/bqfgS
UWN9JuxYoq3+n3Gmg1jJMKwkfIOpnbFp1RhXicWKsJjSOYK8Fwa2whJ8li8FFiS7
ysg5OXWbeT1e4+dtkTUHOVHs4z5Fk62WciIoHysJeZbtMLb7ia1l9cDW+EbaCnNo
dns4QvTRvA7IMQDCuUeW2CmNBUpN9JtbPCHWlqRsXmv0Cv0F2Hri81ELY81DH9jr
RbykRxyvymR5xkF/7x45oiXjGkocxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCSf
zBki/YzjhIDBCf+xBw8yrE86MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNjhGNkUxODk5NkIxMUYwOTUyMkMwODJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsleMA0GCSqGSIb3DQEB
CwUAA4IBAQAi3eurLJEmF5AGoHsecBd4yLvUTVoaCXajPcSthzdIbs0GAjoDPVks
Euh9chGT20vGefO7xxtLbyxgXFuDQb2ZSqEQcAHycBBvPQyfWsIeMwxcXRuvfgki
8tWWtt8UnuJ18ByncAJAxKwJY6dQxk9zc4uVPP5EIt36tLUFYe292nUlqnxN76jw
vl1xjClI39ivYGqatYMpPHpontC1T23DNqIBDovJOMb6FHlkAsOnF6LE8LofMu/y
iNeFfEOWQnQAfHO0INhCiGSYFWIGpDyMq1Ft3+iAUjNmsZF1mGxyimYndfCyAuMx
An8uf7T/7So9sFxxkj95/Aqw4spfT/Oa
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:08 2025 by rpki-client