Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32A6BB289D7711F0B7F279B6DAE4EC9C.roa
File: 32A6BB289D7711F0B7F279B6DAE4EC9C.roa (raw, json)
Hash identifier: 6mP8kuvOXV7PqOe4lIFnoCUDGiDzvb1dEvXsas/B0mw=
Subject key identifier: D1:3F:36:A9:77:C6:F9:7F:EB:30:77:CB:69:B5:97:46:AC:5D:94:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A189
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32A6BB289D7711F0B7F279B6DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 20:59:33 +0000
ROA not before: Mon 29 Sep 2025 20:59:26 +0000
ROA not after: Tue 04 Nov 2025 20:59:26 +0000
asID: 151419
IP address blocks: 154.88.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106889 (0x1a189)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 20:59:26 2025 GMT
Not After : Nov 4 20:59:26 2025 GMT
Subject: CN=68daf335-1af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:be:9f:56:56:2e:94:7a:ba:9b:9b:92:9d:83:
8f:84:69:07:84:10:45:52:9b:33:92:bc:6f:55:9b:
a4:ce:e8:9a:03:c6:3f:ce:84:9d:6b:f7:e3:f9:89:
f1:fc:8d:fe:4b:bb:e2:b7:08:78:33:ae:b4:d6:be:
04:8a:e4:80:e4:07:7a:5e:e8:fd:4d:14:cc:89:0f:
66:bd:9c:f4:12:ee:cc:b4:11:28:63:a8:1d:7e:f9:
9e:2a:19:79:c4:db:09:8a:05:c9:4b:05:2c:66:8e:
63:a8:bc:95:c7:0a:ed:d2:1c:7f:df:98:e1:d9:a6:
90:b7:65:3c:77:c5:5b:f6:96:d3:b5:98:d4:81:4a:
6d:83:4f:40:ad:75:50:fa:f7:30:03:ed:ef:fb:d0:
e8:8c:30:51:a3:e4:72:82:69:dc:49:c2:7f:0c:53:
0a:fd:4b:de:84:0c:8b:43:28:0c:8a:ce:8b:85:a4:
5b:2f:f5:2b:26:b3:92:03:92:42:d0:db:0c:7c:03:
4f:e0:47:eb:87:90:a1:98:a7:bb:5c:68:fe:a7:3d:
0d:6e:db:35:02:cd:18:a1:1c:a5:43:0f:8a:69:1e:
18:cd:42:bc:29:42:80:4a:8b:58:f3:8a:44:8c:e5:
35:a1:39:04:5c:5f:0f:14:e9:19:7d:88:fe:38:20:
17:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3F:36:A9:77:C6:F9:7F:EB:30:77:CB:69:B5:97:46:AC:5D:94:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32A6BB289D7711F0B7F279B6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.66.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:98:21:87:85:d4:04:5c:b3:da:0c:0a:de:c3:76:54:7c:00:
25:ce:d6:31:a2:ca:59:c7:86:a0:c9:7c:28:37:13:13:e8:9e:
b1:a9:38:58:31:c5:4e:46:d9:ce:9a:9c:f0:2f:d6:1e:38:60:
1e:b8:e5:9e:e6:03:c5:32:36:fe:a0:b8:73:97:50:27:c3:f1:
d0:8f:71:d7:b2:5e:cb:70:2f:17:1e:d4:67:5d:d7:50:fa:cc:
31:cb:63:5e:aa:a2:0b:bd:ec:aa:9c:b4:aa:f2:ac:fc:81:47:
64:0f:c6:90:53:84:2f:d3:ee:b2:7a:ca:18:42:fd:6d:6d:a9:
19:90:93:c4:a4:49:8a:e5:c0:55:b0:0e:31:61:0c:60:0c:dc:
15:9c:7c:3d:ad:fa:c9:63:71:a5:8f:c9:af:a3:70:b0:23:0a:
c0:2e:24:b3:3c:04:5c:7a:ff:41:10:87:80:0f:ea:8d:35:0a:
4c:53:e8:05:c4:54:92:6b:dc:6e:9d:a3:6a:e5:8d:7e:9b:b5:
44:da:05:44:cf:48:5c:7d:a6:72:2b:70:b1:a5:b8:e4:17:b8:
cd:b0:a7:b8:c5:d4:6a:99:89:07:3c:c3:69:7e:f5:8b:dc:63:
7d:b7:aa:74:b9:e4:ea:04:fe:f9:8c:f3:8b:4f:8f:a0:82:b5:
79:22:7b:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaGJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MjA1OTI2WhcNMjUxMTA0MjA1OTI2WjAYMRYw
FAYDVQQDEw02OGRhZjMzNS0xYWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwL6fVlYulHq6m5uSnYOPhGkHhBBFUpszkrxvVZukzuiaA8Y/zoSda/fj
+Ynx/I3+S7vitwh4M6601r4EiuSA5Ad6Xuj9TRTMiQ9mvZz0Eu7MtBEoY6gdfvme
Khl5xNsJigXJSwUsZo5jqLyVxwrt0hx/35jh2aaQt2U8d8Vb9pbTtZjUgUptg09A
rXVQ+vcwA+3v+9DojDBRo+RygmncScJ/DFMK/UvehAyLQygMis6LhaRbL/UrJrOS
A5JC0NsMfANP4Efrh5ChmKe7XGj+pz0Nbts1As0YoRylQw+KaR4YzUK8KUKASotY
84pEjOU1oTkEXF8PFOkZfYj+OCAXTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNE/
Nql3xvl/6zB3y2m1l0asXZSVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMkE2QkIyODlENzcxMUYwQjdGMjc5QjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhCMA0GCSqGSIb3DQEB
CwUAA4IBAQBLmCGHhdQEXLPaDArew3ZUfAAlztYxospZx4agyXwoNxMT6J6xqThY
McVORtnOmpzwL9YeOGAeuOWe5gPFMjb+oLhzl1Anw/HQj3HXsl7LcC8XHtRnXddQ
+swxy2NeqqILveyqnLSq8qz8gUdkD8aQU4Qv0+6yesoYQv1tbakZkJPEpEmK5cBV
sA4xYQxgDNwVnHw9rfrJY3Glj8mvo3CwIwrALiSzPARcev9BEIeAD+qNNQpMU+gF
xFSSa9xunaNq5Y1+m7VE2gVEz0hcfaZyK3CxpbjkF7jNsKe4xdRqmYkHPMNpfvWL
3GN9t6p0ueTqBP75jPOLT4+ggrV5Ins/
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:10 2025 by rpki-client