Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2E3A84E4A29911F099453092DAE4EC9C.roa
File: 2E3A84E4A29911F099453092DAE4EC9C.roa (raw, json)
Hash identifier: etquOZzdzB2+Ebt5Auf+11ShLppka2Xj0B/v4g0N73k=
Subject key identifier: A5:0D:0B:D9:BA:45:43:48:1C:55:38:0E:F5:33:FC:B7:FF:EB:5E:D5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A275
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2E3A84E4A29911F099453092DAE4EC9C.roa
Signing time: Mon 06 Oct 2025 09:45:24 +0000
ROA not before: Mon 06 Oct 2025 09:45:12 +0000
ROA not after: Sun 23 Nov 2025 09:45:12 +0000
asID: 21859
IP address blocks: 154.198.164.0/24 maxlen: 24
154.202.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107125 (0x1a275)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 6 09:45:12 2025 GMT
Not After : Nov 23 09:45:12 2025 GMT
Subject: CN=68e38fb4-1732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:55:ac:df:32:49:72:a0:86:e0:b0:13:d0:2b:
60:5e:a8:c2:1a:b3:64:74:47:37:b3:f6:7f:f7:dd:
2b:3f:4d:9b:7b:c6:b7:a1:fe:03:11:73:c4:06:ee:
54:af:fc:19:43:bd:d9:0d:f6:50:65:b1:b1:a5:92:
fe:0d:85:53:dd:df:86:cb:41:8f:12:c3:28:a0:0e:
a1:7a:bb:22:5e:bb:2c:f4:b1:1a:16:8a:07:10:e7:
46:0d:9a:19:9b:28:09:ac:41:1b:4b:cc:fa:6b:c4:
af:0f:6b:e3:6c:5c:fe:7d:9a:8f:bb:83:5b:a5:ed:
de:e3:02:c9:a6:cb:b8:d7:78:f3:b9:e5:5a:54:eb:
31:ff:50:b3:5d:6d:10:1b:97:e4:32:b8:64:44:d1:
74:f0:55:c6:52:29:4f:8c:55:d8:d5:08:61:82:d5:
95:12:4e:11:57:fb:68:62:f2:5a:bf:cc:83:cc:6b:
59:9a:f5:0f:80:d8:4d:17:9a:c7:0f:88:c4:f0:14:
b9:da:72:17:2c:6e:0d:36:8a:b5:9e:cb:6e:0e:8c:
dd:b5:f3:b1:47:ee:78:e5:e3:fb:f6:53:ce:de:24:
06:28:ad:92:6a:b6:3c:70:bc:2d:e5:fb:4c:aa:8b:
13:60:56:75:6c:1e:5a:c5:b3:9a:64:11:5f:d3:4f:
ad:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:0D:0B:D9:BA:45:43:48:1C:55:38:0E:F5:33:FC:B7:FF:EB:5E:D5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2E3A84E4A29911F099453092DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.164.0/24
154.202.115.0/24
Signature Algorithm: sha256WithRSAEncryption
61:17:03:69:ae:e6:99:85:59:5b:f5:65:60:18:eb:a1:40:ce:
f7:74:90:d2:a7:c4:64:3d:80:b7:75:cd:9b:84:7e:c4:a0:30:
19:a6:e5:9a:80:4b:e3:20:bf:ab:64:82:91:77:f3:d9:30:12:
cf:ef:28:ce:f3:ca:64:31:25:db:d3:b2:a6:29:f9:fc:34:c6:
da:77:4e:cc:26:c2:30:78:a4:d7:8e:8e:b6:98:66:5d:ae:e6:
d0:93:15:96:0c:16:eb:c3:86:db:02:75:89:e9:95:03:5c:45:
4e:5a:a9:fd:88:83:f1:d4:2a:95:19:3f:7d:1c:90:ab:a2:c8:
40:7a:71:61:f8:48:eb:90:5b:20:13:8a:a5:00:b2:ea:c8:3d:
b9:95:87:b1:b0:85:9d:15:02:0d:66:88:a8:83:8c:e6:f5:a7:
61:97:30:16:20:90:ab:ea:29:b9:0a:f3:24:c9:9a:85:0c:87:
b8:09:c0:72:d5:86:e7:07:2a:d3:f0:6d:04:e1:2f:41:ea:50:
83:9b:c6:ff:db:10:8b:1d:eb:f7:af:77:5f:5f:b8:4e:f0:05:
66:85:fc:f8:57:16:49:40:27:46:e1:fc:93:3d:59:d9:d8:6a:
f4:f0:65:e8:d8:01:db:26:5b:11:95:73:e4:31:ed:53:8f:01:
26:88:01:cf
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaJ1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA2MDk0NTEyWhcNMjUxMTIzMDk0NTEyWjAYMRYw
FAYDVQQDEw02OGUzOGZiNC0xNzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtVWs3zJJcqCG4LAT0CtgXqjCGrNkdEc3s/Z/990rP02be8a3of4DEXPE
Bu5Ur/wZQ73ZDfZQZbGxpZL+DYVT3d+Gy0GPEsMooA6hersiXrss9LEaFooHEOdG
DZoZmygJrEEbS8z6a8SvD2vjbFz+fZqPu4Nbpe3e4wLJpsu413jzueVaVOsx/1Cz
XW0QG5fkMrhkRNF08FXGUilPjFXY1QhhgtWVEk4RV/toYvJav8yDzGtZmvUPgNhN
F5rHD4jE8BS52nIXLG4NNoq1nstuDozdtfOxR+545eP79lPO3iQGKK2SarY8cLwt
5ftMqosTYFZ1bB5axbOaZBFf00+tpwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFKUN
C9m6RUNIHFU4DvUz/Lf/617VMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRTNBODRFNEEyOTkxMUYwOTk0NTMwOTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsakAwQAmspzMA0GCSqG
SIb3DQEBCwUAA4IBAQBhFwNpruaZhVlb9WVgGOuhQM73dJDSp8RkPYC3dc2bhH7E
oDAZpuWagEvjIL+rZIKRd/PZMBLP7yjO88pkMSXb07KmKfn8NMbad07MJsIweKTX
jo62mGZdrubQkxWWDBbrw4bbAnWJ6ZUDXEVOWqn9iIPx1CqVGT99HJCroshAenFh
+EjrkFsgE4qlALLqyD25lYexsIWdFQINZoiog4zm9adhlzAWIJCr6im5CvMkyZqF
DIe4CcBy1YbnByrT8G0E4S9B6lCDm8b/2xCLHev3r3dfX7hO8AVmhfz4VxZJQCdG
4fyTPVnZ2Gr08GXo2AHbJlsRlXPkMe1TjwEmiAHP
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:54 2025 by rpki-client