Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/180F05BA997411F097F25ABBDAE4EC9C.roa
File: 180F05BA997411F097F25ABBDAE4EC9C.roa (raw, json)
Hash identifier: KRkYYPmkuyk8gZqwkL9X0te8eMHcxYZRxjWdgRALMWE=
Subject key identifier: 5A:67:46:19:80:88:E5:56:80:DF:DB:29:7A:17:FC:77:BB:8D:D4:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0B0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/180F05BA997411F097F25ABBDAE4EC9C.roa
Signing time: Wed 24 Sep 2025 18:27:15 +0000
ROA not before: Wed 24 Sep 2025 18:27:10 +0000
ROA not after: Thu 30 Oct 2025 18:27:10 +0000
asID: 395886
IP address blocks: 154.201.72.0/21 maxlen: 24
154.201.88.0/22 maxlen: 24
154.201.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106672 (0x1a0b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 18:27:10 2025 GMT
Not After : Oct 30 18:27:10 2025 GMT
Subject: CN=68d43803-64a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ee:8f:9b:18:e4:a0:c5:33:d2:cc:75:77:42:
0b:b0:86:47:64:69:e5:5e:89:42:2b:40:c2:4f:9e:
a2:c8:21:54:47:b7:18:cd:37:5f:96:de:1b:4d:9d:
41:b2:6d:a1:d1:54:c6:95:31:5f:8a:78:b7:fc:d9:
40:38:4c:a7:33:ed:5c:0b:ea:ea:55:57:e3:b4:78:
02:88:f5:25:40:2a:bf:00:ca:ee:26:fb:61:b8:91:
5a:25:25:75:80:a6:a2:8a:8c:6e:73:0c:80:01:4c:
8f:69:b7:77:c4:89:8c:e7:53:d5:f7:69:8d:5a:cf:
80:39:1c:b8:c1:d4:24:c9:1d:8d:9e:ca:3e:95:81:
f3:73:a6:f5:4c:c1:b4:9a:32:58:56:d0:f2:e5:ba:
17:0f:28:03:2c:89:64:9d:d6:b3:ab:f0:7f:24:0a:
14:38:c8:38:59:1e:cc:4f:15:a4:c9:e2:63:8f:bf:
b3:79:94:25:4e:27:ec:16:08:df:0a:4a:59:31:46:
5b:ac:da:07:de:c4:c9:75:aa:22:42:74:aa:95:3f:
55:93:7c:92:30:2d:66:8e:13:5f:ed:b3:7e:04:8c:
e2:8a:a7:72:42:61:3b:7f:f3:26:79:03:b7:fa:91:
a3:41:c1:7c:46:b1:92:f7:72:2e:7a:65:ac:e4:dc:
70:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:67:46:19:80:88:E5:56:80:DF:DB:29:7A:17:FC:77:BB:8D:D4:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/180F05BA997411F097F25ABBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.72.0/21
154.201.88.0-154.201.93.255
Signature Algorithm: sha256WithRSAEncryption
2d:b8:5a:54:dd:6d:70:c7:ba:6e:19:98:28:c6:83:79:cc:16:
2e:56:5d:82:4c:b4:fb:a8:02:c4:8a:28:7b:70:d2:b1:74:85:
2f:c3:17:ac:16:50:70:75:03:81:56:a2:59:78:f3:fc:fa:f6:
04:5c:09:7e:7d:74:cd:29:e6:9a:be:e2:3f:90:4e:8f:cd:2e:
e2:52:73:11:c9:58:72:3a:57:35:e3:86:7d:3e:68:1a:f5:67:
ab:ac:41:24:12:d4:b8:4b:41:49:99:82:6a:de:2c:9d:97:5b:
de:72:06:9a:a4:a2:11:00:52:0d:c4:07:94:c3:fa:bc:01:1b:
51:bb:bd:e0:25:28:e9:2d:45:be:36:ad:64:ed:79:25:66:bc:
21:7b:d2:b6:26:ad:3b:e0:96:67:c1:76:ce:34:e1:9c:3f:66:
c1:49:c2:01:a7:9c:da:49:d0:ab:00:31:ae:f6:c5:11:31:5a:
e9:6c:a6:f6:71:b0:58:26:28:75:e1:2e:bc:27:d3:51:31:b9:
c1:50:5a:66:42:c1:f7:aa:76:c5:9f:d0:5f:76:42:65:63:11:
b8:d7:fd:bd:4c:0a:83:81:b8:c0:e6:ed:e1:04:7b:1d:53:9d:
b9:8a:8a:84:a3:2c:80:11:aa:c2:bc:80:1e:fa:f9:df:6f:cd:
c0:dc:64:02
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAaCwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTgyNzEwWhcNMjUxMDMwMTgyNzEwWjAYMRYw
FAYDVQQDEw02OGQ0MzgwMy02NGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu+6PmxjkoMUz0sx1d0ILsIZHZGnlXolCK0DCT56iyCFUR7cYzTdflt4b
TZ1Bsm2h0VTGlTFfini3/NlAOEynM+1cC+rqVVfjtHgCiPUlQCq/AMruJvthuJFa
JSV1gKaiioxucwyAAUyPabd3xImM51PV92mNWs+AORy4wdQkyR2Nnso+lYHzc6b1
TMG0mjJYVtDy5boXDygDLIlkndazq/B/JAoUOMg4WR7MTxWkyeJjj7+zeZQlTifs
FgjfCkpZMUZbrNoH3sTJdaoiQnSqlT9Vk3ySMC1mjhNf7bN+BIziiqdyQmE7f/Mm
eQO3+pGjQcF8RrGS93IuemWs5NxwHwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFFpn
RhmAiOVWgN/bKXoX/He7jdS7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xODBGMDVCQTk5NzQxMUYwOTdGMjVBQkJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDmslIMAwDBAOayVgDBAGa
yVwwDQYJKoZIhvcNAQELBQADggEBAC24WlTdbXDHum4ZmCjGg3nMFi5WXYJMtPuo
AsSKKHtw0rF0hS/DF6wWUHB1A4FWoll48/z69gRcCX59dM0p5pq+4j+QTo/NLuJS
cxHJWHI6VzXjhn0+aBr1Z6usQSQS1LhLQUmZgmreLJ2XW95yBpqkohEAUg3EB5TD
+rwBG1G7veAlKOktRb42rWTteSVmvCF70rYmrTvglmfBds404Zw/ZsFJwgGnnNpJ
0KsAMa72xRExWulspvZxsFgmKHXhLrwn01ExucFQWmZCwfeqdsWf0F92QmVjEbjX
/b1MCoOBuMDm7eEEex1TnbmKioSjLIARqsK8gB76+d9vzcDcZAI=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:42 2025 by rpki-client