Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33EE36BE9E7B11F0AE3526D7DAE4EC9C.roa
File: 33EE36BE9E7B11F0AE3526D7DAE4EC9C.roa (raw, json)
Hash identifier: EKPp4HtgeseGdtnt95F4Gs02DrZRSimpH1zEY18ZnW4=
Subject key identifier: D0:32:41:2A:F3:B0:E4:CD:8A:B1:EF:C5:A5:3D:70:48:36:EF:AC:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1D7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33EE36BE9E7B11F0AE3526D7DAE4EC9C.roa
Signing time: Wed 01 Oct 2025 04:00:44 +0000
ROA not before: Wed 01 Oct 2025 04:00:39 +0000
ROA not after: Sat 01 Nov 2025 04:00:39 +0000
asID: 984
IP address blocks: 154.82.132.0/24 maxlen: 24
154.82.135.0/24 maxlen: 24
154.90.133.0/24 maxlen: 24
154.95.2.0/24 maxlen: 24
154.95.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106967 (0x1a1d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 1 04:00:39 2025 GMT
Not After : Nov 1 04:00:39 2025 GMT
Subject: CN=68dca76c-2fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:e8:bf:32:ad:aa:94:aa:e4:f1:11:50:03:
4f:29:58:da:e4:ca:c8:48:ca:7a:f9:9b:eb:b1:89:
14:97:12:c3:82:70:33:24:dc:ea:b8:1f:02:c3:1c:
3b:e7:06:7f:c3:43:f4:09:a1:c0:3f:1c:9f:21:77:
9e:83:43:1c:f8:d4:47:e8:ba:06:4a:78:3d:47:1e:
42:5e:f6:ec:67:fa:47:cc:33:39:4e:13:22:f9:8a:
66:90:74:4a:ff:bd:bd:d7:cd:3e:b7:3c:27:0f:a1:
16:13:5e:bc:39:01:a9:32:dc:54:47:a1:f8:2a:9c:
5f:38:df:78:1c:89:68:99:9e:ed:a8:c4:7c:23:74:
83:81:cb:d3:7e:e6:19:6a:7b:aa:ad:4f:16:93:5f:
9e:ea:1e:d9:1b:8b:e4:17:68:f5:f3:a8:49:3e:12:
7b:01:db:f1:38:7f:72:51:b5:9b:b2:2b:54:5a:1c:
d2:f9:16:3a:c7:45:b6:58:e8:1e:de:b6:82:df:a9:
25:dc:3c:89:b4:20:d9:b1:75:e7:78:b5:b1:12:40:
d2:00:84:c7:58:f5:3d:27:02:50:52:a9:98:0c:83:
4f:1a:52:e4:3f:ba:1c:9b:92:21:9f:5b:39:8f:02:
3d:59:37:cb:98:ae:7a:1d:df:eb:48:29:18:01:71:
cc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:32:41:2A:F3:B0:E4:CD:8A:B1:EF:C5:A5:3D:70:48:36:EF:AC:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33EE36BE9E7B11F0AE3526D7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.132.0/24
154.82.135.0/24
154.90.133.0/24
154.95.2.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:08:08:f2:0f:66:55:01:b3:96:21:f5:68:08:09:2a:7e:aa:
02:e8:99:9b:ed:6b:c3:8d:07:c1:ed:a4:14:2b:3b:c7:d5:0e:
e7:26:3f:40:df:5f:24:cb:d4:3b:56:ca:9d:92:e8:53:93:d2:
cd:ab:9f:94:d2:c9:af:ae:04:42:e7:ab:fc:ec:28:01:3e:5c:
1f:67:b2:de:10:8a:1b:ab:4f:1a:0d:bf:0c:10:2c:81:1b:45:
79:61:44:cf:f4:46:72:a9:c2:17:45:0c:c2:e5:c6:f3:e6:c5:
d2:3a:89:4c:66:79:84:0a:27:6b:f7:55:c1:0d:a6:1c:5d:6e:
c3:64:d8:05:b6:cf:f5:c9:93:71:40:79:06:a7:6d:e5:2c:f1:
af:17:d6:90:cc:a9:f5:6a:56:a1:fd:d7:5b:c9:40:61:fa:59:
79:12:24:9c:21:ab:f7:cd:1b:53:90:7d:b5:30:b9:3b:62:24:
1c:16:72:16:23:c7:ba:40:f3:c5:67:ee:7f:27:58:9b:4e:6e:
92:f2:fd:59:10:2c:f2:b6:e6:47:ad:a2:93:56:5a:06:2a:c5:
a6:25:a3:be:81:01:13:ab:67:f8:2c:b6:a8:88:2b:b5:ef:f2:
e6:ab:5f:c2:f4:2f:3d:b5:97:89:a5:cc:96:18:c5:3a:e5:25:
35:8e:18:1c
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAaHXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDAxMDQwMDM5WhcNMjUxMTAxMDQwMDM5WjAYMRYw
FAYDVQQDEw02OGRjYTc2Yy0yZmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwyvovzKtqpSq5PERUANPKVja5MrISMp6+ZvrsYkUlxLDgnAzJNzquB8C
wxw75wZ/w0P0CaHAPxyfIXeeg0Mc+NRH6LoGSng9Rx5CXvbsZ/pHzDM5ThMi+Ypm
kHRK/729180+tzwnD6EWE168OQGpMtxUR6H4KpxfON94HIlomZ7tqMR8I3SDgcvT
fuYZanuqrU8Wk1+e6h7ZG4vkF2j186hJPhJ7AdvxOH9yUbWbsitUWhzS+RY6x0W2
WOge3raC36kl3DyJtCDZsXXneLWxEkDSAITHWPU9JwJQUqmYDINPGlLkP7ocm5Ih
n1s5jwI9WTfLmK56Hd/rSCkYAXHM4QIDAQABo4ICtzCCArMwHQYDVR0OBBYEFNAy
QSrzsOTNirHvxaU9cEg276yyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zM0VFMzZCRTlFN0IxMUYwQUUzNTI2RDdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAmlKEAwQAmlKHAwQAmlqF
AwQBml8CMA0GCSqGSIb3DQEBCwUAA4IBAQBtCAjyD2ZVAbOWIfVoCAkqfqoC6Jmb
7WvDjQfB7aQUKzvH1Q7nJj9A318ky9Q7VsqdkuhTk9LNq5+U0smvrgRC56v87CgB
PlwfZ7LeEIobq08aDb8MECyBG0V5YUTP9EZyqcIXRQzC5cbz5sXSOolMZnmECidr
91XBDaYcXW7DZNgFts/1yZNxQHkGp23lLPGvF9aQzKn1alah/ddbyUBh+ll5EiSc
Iav3zRtTkH21MLk7YiQcFnIWI8e6QPPFZ+5/J1ibTm6S8v1ZECzytuZHraKTVloG
KsWmJaO+gQETq2f4LLaoiCu17/Lmq1/C9C89tZeJpcyWGMU65SU1jhgc
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:21 2025 by rpki-client