Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18CE2304AA8211F08A9B0A8EDAE4EC9C.roa
File: 18CE2304AA8211F08A9B0A8EDAE4EC9C.roa (raw, json)
Hash identifier: M6ZCqVnFqyI+D2vaLyOjehCoNoj3OhB6F6Id3Rrnq1s=
Subject key identifier: 69:B2:EA:D3:5A:1D:3F:B7:7F:EE:04:77:19:07:EC:62:46:BC:D1:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A3F6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18CE2304AA8211F08A9B0A8EDAE4EC9C.roa
Signing time: Thu 16 Oct 2025 11:20:19 +0000
ROA not before: Thu 16 Oct 2025 11:20:14 +0000
ROA not after: Sat 17 Jan 2026 11:20:14 +0000
asID: 136907
IP address blocks: 154.81.16.0/20 maxlen: 24
154.83.0.0/23 maxlen: 24
154.86.32.0/20 maxlen: 24
154.86.48.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107510 (0x1a3f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 16 11:20:14 2025 GMT
Not After : Jan 17 11:20:14 2026 GMT
Subject: CN=68f0d4f3-9f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5b:00:28:b9:d2:18:b8:91:d1:d1:6e:3a:44:
d0:b4:92:63:b0:91:2b:6f:d5:3e:6f:7b:c9:01:66:
78:d3:1e:dd:76:27:8f:09:30:d4:83:30:7c:55:e5:
64:fc:33:de:f6:ea:00:e9:c9:73:ca:8d:bb:f8:3c:
7a:26:72:c4:3b:fa:14:40:e0:67:3f:24:75:ce:78:
2d:67:3b:60:11:20:7f:4d:71:0a:bb:7e:e4:0d:ae:
c6:54:cd:e1:e4:a9:df:af:62:aa:93:fc:ec:e8:fc:
b1:d6:3b:44:dd:83:77:57:4a:8b:9a:89:b4:69:44:
9e:8d:a0:79:16:c0:58:ae:db:84:2e:62:72:81:ff:
a7:dd:c2:b4:2a:f0:ed:48:56:01:7a:ff:5e:be:19:
e6:81:8d:e2:e6:5c:72:94:37:8b:45:22:e9:3d:83:
f7:15:6d:b9:30:de:49:5b:6a:02:ff:37:67:4f:87:
ad:d8:1c:04:26:7d:de:8d:10:f9:00:84:60:33:4f:
44:a4:c7:06:0e:90:96:96:0e:1c:9e:ae:36:38:ee:
af:6a:73:fa:b4:d2:56:4e:aa:b5:c1:a5:62:24:4f:
41:e4:6b:ef:1b:06:56:b4:e2:4b:e7:9e:a2:63:93:
70:4e:ee:c1:e8:b6:47:db:7e:be:e8:22:48:45:3d:
97:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B2:EA:D3:5A:1D:3F:B7:7F:EE:04:77:19:07:EC:62:46:BC:D1:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18CE2304AA8211F08A9B0A8EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.16.0/20
154.83.0.0/23
154.86.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:a1:8b:c1:cd:cb:31:d3:62:9a:4e:0e:9d:e1:62:ee:8f:4f:
8b:04:22:28:97:a7:f8:e0:41:ee:a7:28:41:b7:99:b2:fe:85:
15:f0:fb:06:86:2c:18:07:a2:a9:ce:68:df:52:6c:a0:7e:4d:
6f:74:62:93:1f:e8:f0:71:9a:8c:0f:07:f9:fa:75:45:80:33:
3c:dc:8d:d2:31:b2:11:8d:c0:d5:fa:d8:64:42:83:19:89:88:
43:b4:d1:5c:bd:e1:09:d9:bb:bf:10:2a:56:34:bd:9b:57:e2:
9c:28:e2:c5:87:e1:b2:79:44:3e:16:b8:fa:ee:43:67:b0:4b:
91:b2:97:65:d2:a8:4a:47:4d:f5:4e:cb:a5:17:80:58:16:de:
19:5a:ba:56:e1:f8:02:a4:2c:21:79:a6:48:1e:c3:c4:cc:64:
20:43:f7:0b:d0:fe:c1:30:cb:61:a6:49:5c:b4:ad:da:db:3d:
0b:b0:b9:86:bb:41:7f:96:2a:5d:dd:5d:e3:75:28:a8:60:c7:
5c:5d:6c:25:5c:70:d1:97:b6:de:dc:54:88:e2:0a:2a:71:55:
95:c0:ea:5f:4f:43:d4:b1:af:b8:cc:23:03:b2:13:86:5a:c7:
42:1b:b8:dd:33:8e:fd:e4:79:e2:ca:38:fa:0e:3e:ba:05:2a:
80:d2:5a:31
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAaP2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE2MTEyMDE0WhcNMjYwMTE3MTEyMDE0WjAYMRYw
FAYDVQQDEw02OGYwZDRmMy05ZjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAulsAKLnSGLiR0dFuOkTQtJJjsJErb9U+b3vJAWZ40x7ddiePCTDUgzB8
VeVk/DPe9uoA6clzyo27+Dx6JnLEO/oUQOBnPyR1zngtZztgESB/TXEKu37kDa7G
VM3h5Knfr2Kqk/zs6Pyx1jtE3YN3V0qLmom0aUSejaB5FsBYrtuELmJygf+n3cK0
KvDtSFYBev9evhnmgY3i5lxylDeLRSLpPYP3FW25MN5JW2oC/zdnT4et2BwEJn3e
jRD5AIRgM09EpMcGDpCWlg4cnq42OO6vanP6tNJWTqq1waViJE9B5GvvGwZWtOJL
556iY5NwTu7B6LZH236+6CJIRT2XJwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFGmy
6tNaHT+3f+4EdxkH7GJGvNGlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xOENFMjMwNEFBODIxMUYwOEE5QjBBOEVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEmlEQAwQBmlMAAwQFmlYg
MA0GCSqGSIb3DQEBCwUAA4IBAQAKoYvBzcsx02KaTg6d4WLuj0+LBCIol6f44EHu
pyhBt5my/oUV8PsGhiwYB6KpzmjfUmygfk1vdGKTH+jwcZqMDwf5+nVFgDM83I3S
MbIRjcDV+thkQoMZiYhDtNFcveEJ2bu/ECpWNL2bV+KcKOLFh+GyeUQ+Frj67kNn
sEuRspdl0qhKR031TsulF4BYFt4ZWrpW4fgCpCwheaZIHsPEzGQgQ/cL0P7BMMth
pklctK3a2z0LsLmGu0F/lipd3V3jdSioYMdcXWwlXHDRl7be3FSI4goqcVWVwOpf
T0PUsa+4zCMDshOGWsdCG7jdM4795Hniyjj6Dj66BSqA0lox
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:50:58 2025 by rpki-client