Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30007B2AAB3711F0BBB7C3A8DAE4EC9C.roa
File: 30007B2AAB3711F0BBB7C3A8DAE4EC9C.roa (raw, json)
Hash identifier: RKO7RFDYQ6RTTA7e40SoL2LQ2JGOkatsr3Cs5nCoaOI=
Subject key identifier: 52:9B:FA:77:76:F1:44:86:7F:BC:5C:82:A6:B6:DE:B3:D8:5D:E2:26
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A41E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30007B2AAB3711F0BBB7C3A8DAE4EC9C.roa
Signing time: Fri 17 Oct 2025 08:56:37 +0000
ROA not before: Fri 17 Oct 2025 08:56:32 +0000
ROA not after: Mon 24 Nov 2025 08:56:32 +0000
asID: 40065
IP address blocks: 154.89.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107550 (0x1a41e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 17 08:56:32 2025 GMT
Not After : Nov 24 08:56:32 2025 GMT
Subject: CN=68f204c5-d02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:5e:3b:ac:6e:65:db:f7:c8:81:c6:52:5b:
e2:d4:7b:aa:d4:0c:04:91:ee:d9:21:54:14:df:8e:
2b:cf:d8:06:a1:c1:6c:2c:81:3b:ee:f5:f3:24:cf:
8c:2e:01:58:fc:69:07:4e:f6:78:71:dd:02:f3:2e:
1f:0c:00:f1:36:b3:4a:f9:60:2c:f6:01:0d:b8:85:
93:90:1e:73:15:5f:b5:57:2f:24:d4:bb:3d:23:3b:
68:ad:91:5a:bf:dc:38:c1:01:ee:70:98:08:1b:1a:
41:a7:d0:a5:b7:2e:b6:25:c0:2f:fd:fe:c4:70:b9:
23:a2:d5:35:10:ab:f1:63:3c:04:a2:88:b5:76:72:
bc:1b:04:01:f0:0e:1a:e8:bf:b0:e2:45:2b:c7:f3:
47:72:31:d8:37:15:1a:c9:bc:66:a2:31:e3:d8:80:
6e:73:13:4d:6b:72:43:55:e4:17:1a:e1:27:82:f0:
19:4d:40:dd:37:f3:d0:01:ab:cc:44:c2:38:2f:47:
39:fe:31:8f:92:17:00:bc:88:9e:f3:9b:b5:d5:d7:
3e:6c:ea:db:31:93:d1:09:98:f5:ee:5b:54:8e:f9:
a6:0c:ac:88:90:37:c9:32:e8:2a:6d:bb:92:6e:1c:
ee:f6:ca:5c:81:ae:c0:bd:53:be:6d:10:72:8f:10:
ae:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9B:FA:77:76:F1:44:86:7F:BC:5C:82:A6:B6:DE:B3:D8:5D:E2:26
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30007B2AAB3711F0BBB7C3A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:2d:8d:fa:3b:f7:f1:22:d1:fa:0c:58:7a:5f:56:3d:f7:e9:
83:24:2b:aa:55:8a:80:73:85:15:56:30:89:01:c8:e5:35:68:
6a:be:80:79:d6:b6:6f:b3:69:c6:2e:3d:d3:8d:c4:b8:9f:6a:
a7:d1:a9:ae:d4:00:49:c8:6e:a9:73:1f:b2:df:57:e1:bb:34:
72:9f:a2:47:45:a9:25:dc:7d:d0:f3:8d:44:c1:71:85:eb:07:
33:03:e8:e1:14:93:04:78:cb:1f:a3:9f:34:6f:6d:c8:7b:aa:
0c:43:dc:dd:e9:02:51:84:4c:5f:59:b7:24:93:a7:8e:d4:06:
d5:9e:39:64:6d:e1:8f:f2:a6:68:69:7f:02:e1:91:8a:34:57:
c6:c6:3a:4b:35:d4:2e:02:ac:15:c8:34:47:a5:bb:9a:60:60:
dd:bd:3d:b0:d0:e8:b5:39:30:47:72:4d:bf:61:d4:56:a1:ad:
48:b0:43:d2:3f:0e:b2:5f:6b:7a:7c:67:2f:4b:58:ac:8f:73:
e9:ba:69:58:54:b0:d7:ab:a7:8b:5b:00:12:83:fc:a0:6d:6b:
b4:ff:44:22:a3:c6:17:1c:ff:7d:84:cc:f7:08:3e:7b:b9:e8:
36:37:38:21:84:d0:c5:29:29:c7:b5:63:73:3d:f5:8c:44:86:
58:88:89:7c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaQeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE3MDg1NjMyWhcNMjUxMTI0MDg1NjMyWjAYMRYw
FAYDVQQDEw02OGYyMDRjNS1kMDJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlReO6xuZdv3yIHGUlvi1Huq1AwEke7ZIVQU344rz9gGocFsLIE77vXz
JM+MLgFY/GkHTvZ4cd0C8y4fDADxNrNK+WAs9gENuIWTkB5zFV+1Vy8k1Ls9Izto
rZFav9w4wQHucJgIGxpBp9Clty62JcAv/f7EcLkjotU1EKvxYzwEooi1dnK8GwQB
8A4a6L+w4kUrx/NHcjHYNxUaybxmojHj2IBucxNNa3JDVeQXGuEngvAZTUDdN/PQ
AavMRMI4L0c5/jGPkhcAvIie85u11dc+bOrbMZPRCZj17ltUjvmmDKyIkDfJMugq
bbuSbhzu9spcga7AvVO+bRByjxCuyQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFKb
+nd28USGf7xcgqa23rPYXeImMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMDAwN0IyQUFCMzcxMUYwQkJCN0MzQThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlmgMA0GCSqGSIb3DQEB
CwUAA4IBAQCaLY36O/fxItH6DFh6X1Y99+mDJCuqVYqAc4UVVjCJAcjlNWhqvoB5
1rZvs2nGLj3TjcS4n2qn0amu1ABJyG6pcx+y31fhuzRyn6JHRakl3H3Q841EwXGF
6wczA+jhFJMEeMsfo580b23Ie6oMQ9zd6QJRhExfWbckk6eO1AbVnjlkbeGP8qZo
aX8C4ZGKNFfGxjpLNdQuAqwVyDRHpbuaYGDdvT2w0Oi1OTBHck2/YdRWoa1IsEPS
Pw6yX2t6fGcvS1isj3PpumlYVLDXq6eLWwASg/ygbWu0/0Qio8YXHP99hMz3CD57
ueg2NzghhNDFKSnHtWNzPfWMRIZYiIl8
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:45 2025 by rpki-client