Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1ACFE20A993E11F08F9EF7E1DAE4EC9C.roa
File: 1ACFE20A993E11F08F9EF7E1DAE4EC9C.roa (raw, json)
Hash identifier: PyyVk4KhicAOEDtieZObW0bldQG9gvM4/nUEdX1D2E4=
Subject key identifier: 9C:49:79:20:C1:D9:8E:E1:51:C2:F9:BF:48:68:88:36:AF:CC:EF:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A062
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1ACFE20A993E11F08F9EF7E1DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 12:00:47 +0000
ROA not before: Wed 24 Sep 2025 12:00:41 +0000
ROA not after: Wed 23 Sep 2026 12:00:41 +0000
asID: 132513
IP address blocks: 154.215.15.0/24 maxlen: 24
154.222.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106594 (0x1a062)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 12:00:41 2025 GMT
Not After : Sep 23 12:00:41 2026 GMT
Subject: CN=68d3dd6f-3b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:af:2e:77:99:30:b1:06:bf:76:78:4a:4a:25:
fc:5e:a5:a5:02:0d:f7:38:33:c6:16:26:ad:e6:85:
15:0a:b9:bb:14:37:ef:05:7a:f4:bc:a5:a1:84:ca:
2f:69:60:f4:f2:89:53:3f:89:fb:97:c2:6b:59:28:
0a:44:d7:87:ac:28:05:6b:83:e7:68:61:56:e9:b0:
d5:6c:da:c9:43:b7:59:14:be:5b:d5:9b:a1:72:ae:
2d:73:8b:37:83:ea:31:6d:41:25:1b:23:5f:5b:61:
8e:51:f1:20:23:3a:b9:36:d6:27:7d:ce:68:e5:5e:
33:78:9c:ee:0a:fd:39:c9:d4:76:ad:5d:67:11:92:
ee:b2:a1:42:68:b7:2a:9d:de:e1:e0:19:27:b7:cd:
75:b4:e7:11:cf:86:92:5a:8b:80:d8:28:35:46:56:
68:af:d1:8c:23:d5:c4:f0:94:df:de:f7:32:40:99:
ad:f7:f3:16:cd:47:ae:74:7c:f2:5c:1f:8b:d9:fe:
d1:a1:a0:61:0c:dc:26:d5:80:3b:91:6b:16:49:e5:
5b:31:96:13:7c:60:e6:65:40:43:33:b0:04:6c:cd:
f6:75:f5:54:5c:56:bf:0e:18:2f:4e:43:5e:bd:fa:
28:38:a5:78:f9:11:c3:07:14:94:48:00:cf:5f:06:
80:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:49:79:20:C1:D9:8E:E1:51:C2:F9:BF:48:68:88:36:AF:CC:EF:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1ACFE20A993E11F08F9EF7E1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.215.15.0/24
154.222.37.0/24
Signature Algorithm: sha256WithRSAEncryption
93:8b:10:5f:f6:34:65:4c:d1:7e:e3:b4:61:63:66:4d:fc:0a:
c7:cb:13:aa:80:4f:c6:85:84:4a:a4:2a:69:d1:5b:fc:19:4a:
8b:f9:55:cf:3c:f7:3c:8b:fd:3f:33:04:eb:c8:dc:f9:0d:7a:
ea:bd:53:8c:bc:d5:be:26:68:b5:18:51:59:6a:40:29:97:01:
dc:b9:cc:43:a8:d6:1f:eb:16:7a:13:14:bf:1e:10:d3:f1:6e:
3c:7d:29:ac:1b:b0:95:a3:62:50:76:9f:10:ec:b4:58:b4:47:
3f:0a:fc:61:81:d8:aa:0d:6c:40:33:35:1a:fa:d3:db:0c:97:
0b:2e:c6:cd:10:29:c1:3e:e8:25:6c:04:dc:fb:a5:ca:e3:dc:
8b:5b:bc:79:0a:90:bc:67:c8:1f:c6:d0:37:72:36:45:5c:3d:
01:ed:02:c6:37:2c:20:0f:6b:d8:27:92:c4:ad:42:ed:4b:e1:
d0:ea:8c:0e:61:4e:5c:98:24:81:84:d7:85:f3:97:87:54:4a:
63:d1:e0:2d:0d:89:98:6d:a6:e6:c5:9f:6b:df:54:8c:a7:22:
85:1a:bf:aa:f3:d0:3d:ed:db:a1:d0:0d:24:fb:99:04:6b:21:
ee:13:cc:10:f8:dc:00:47:ba:f0:c1:35:d1:f4:6e:40:4d:2b:
83:c7:d3:24
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaBiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTIwMDQxWhcNMjYwOTIzMTIwMDQxWjAYMRYw
FAYDVQQDEw02OGQzZGQ2Zi0zYjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA068ud5kwsQa/dnhKSiX8XqWlAg33ODPGFiat5oUVCrm7FDfvBXr0vKWh
hMovaWD08olTP4n7l8JrWSgKRNeHrCgFa4PnaGFW6bDVbNrJQ7dZFL5b1Zuhcq4t
c4s3g+oxbUElGyNfW2GOUfEgIzq5NtYnfc5o5V4zeJzuCv05ydR2rV1nEZLusqFC
aLcqnd7h4Bknt811tOcRz4aSWouA2Cg1RlZor9GMI9XE8JTf3vcyQJmt9/MWzUeu
dHzyXB+L2f7RoaBhDNwm1YA7kWsWSeVbMZYTfGDmZUBDM7AEbM32dfVUXFa/Dhgv
TkNevfooOKV4+RHDBxSUSADPXwaA0QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJxJ
eSDB2Y7hUcL5v0hoiDavzO9lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQUNGRTIwQTk5M0UxMUYwOEY5RUY3RTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmtcPAwQAmt4lMA0GCSqG
SIb3DQEBCwUAA4IBAQCTixBf9jRlTNF+47RhY2ZN/ArHyxOqgE/GhYRKpCpp0Vv8
GUqL+VXPPPc8i/0/MwTryNz5DXrqvVOMvNW+Jmi1GFFZakAplwHcucxDqNYf6xZ6
ExS/HhDT8W48fSmsG7CVo2JQdp8Q7LRYtEc/CvxhgdiqDWxAMzUa+tPbDJcLLsbN
ECnBPuglbATc+6XK49yLW7x5CpC8Z8gfxtA3cjZFXD0B7QLGNywgD2vYJ5LErULt
S+HQ6owOYU5cmCSBhNeF85eHVEpj0eAtDYmYbabmxZ9r31SMpyKFGr+q89A97duh
0A0k+5kEayHuE8wQ+NwAR7rwwTXR9G5ATSuDx9Mk
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:34 2025 by rpki-client