Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BC15DB2A43E11F0A2734DB6DAE4EC9C.roa
File: 3BC15DB2A43E11F0A2734DB6DAE4EC9C.roa (raw, json)
Hash identifier: UeQHrgAivMSvKEX1rveAoqTUSK938ekdE3hNvM96Zvk=
Subject key identifier: AC:98:F4:D3:A5:FA:D4:64:C6:D2:C2:3F:47:70:57:23:43:74:FE:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A2CF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BC15DB2A43E11F0A2734DB6DAE4EC9C.roa
Signing time: Wed 08 Oct 2025 11:59:25 +0000
ROA not before: Wed 08 Oct 2025 11:59:20 +0000
ROA not after: Sun 16 Nov 2025 11:59:20 +0000
asID: 272854
IP address blocks: 154.194.54.0/24 maxlen: 24
154.197.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107215 (0x1a2cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 8 11:59:20 2025 GMT
Not After : Nov 16 11:59:20 2025 GMT
Subject: CN=68e6521d-b746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0f:64:7a:c5:f0:54:57:82:23:f7:0f:3c:8a:
1f:66:33:fe:24:42:ca:87:ef:34:35:6c:b8:59:29:
92:58:b6:e9:db:3f:b7:8f:26:d0:8b:26:40:76:02:
38:91:43:9e:96:cd:00:49:3c:68:37:9c:b6:b5:dc:
48:8c:d4:d6:7b:17:9e:42:8a:c3:02:27:54:e9:fc:
e3:40:9d:0e:70:c5:70:57:51:f0:f1:0c:e2:f1:94:
b7:b5:21:c0:e1:c2:ef:6e:64:39:38:34:5b:fa:d5:
7f:d2:46:20:2d:38:18:28:05:5d:a0:bf:e2:8e:fb:
f7:ad:23:05:5a:f9:89:7a:8b:78:7e:7f:3c:7d:f0:
b3:37:23:30:fc:29:3c:6c:e2:81:ea:f3:be:ea:ba:
90:24:8a:ce:6e:25:50:b9:d8:1a:8c:19:70:a1:ad:
33:5b:29:a6:54:8d:3c:fc:a1:86:1e:2b:b8:2a:45:
e0:fa:99:b2:b8:95:a9:af:df:98:f7:0b:23:a3:54:
01:cb:10:86:b6:44:ee:f0:7f:92:ef:69:c1:4d:dd:
af:21:f7:4e:46:9f:7d:59:31:4f:7b:1c:0a:51:5a:
80:aa:f6:e1:30:11:58:81:7e:0c:40:08:a3:3f:86:
9e:a8:10:09:d5:65:2d:47:3d:46:fc:1b:a9:86:3c:
c4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:98:F4:D3:A5:FA:D4:64:C6:D2:C2:3F:47:70:57:23:43:74:FE:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BC15DB2A43E11F0A2734DB6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.54.0/24
154.197.1.0/24
Signature Algorithm: sha256WithRSAEncryption
94:99:e0:11:46:48:07:b4:8f:13:a2:af:25:c4:59:db:36:44:
9a:7f:60:d8:18:f2:90:29:ce:c3:ed:5b:82:cf:0b:04:cc:f1:
bd:38:af:35:26:e4:0c:f6:3a:01:3d:c5:f6:88:04:ab:22:51:
75:bc:de:f6:07:05:04:26:09:23:09:8f:de:7e:62:bf:a8:fe:
15:01:2d:aa:cb:ac:4d:1a:10:89:dc:a3:51:eb:5e:94:23:e8:
d7:55:d4:f2:ea:1a:c2:e9:69:54:22:fe:e3:b6:7c:08:70:59:
af:32:41:af:3d:c7:b9:d6:71:dc:f6:40:6e:7d:6e:ad:5e:48:
ab:92:e6:d1:60:35:ef:28:56:2a:30:09:27:c9:e0:a8:e9:a9:
79:a2:92:54:f9:10:ac:ba:45:93:08:e1:2e:8e:cd:8a:e9:19:
e0:cb:52:5e:cd:02:7d:6a:30:f5:9f:40:6d:38:0e:a5:b2:0d:
9d:f1:3e:18:19:97:3f:ec:e9:76:8d:2f:0e:ff:4b:3f:7e:9a:
e4:8a:fe:81:8b:a9:48:40:70:72:c1:7e:70:27:72:05:da:51:
58:c4:d7:3c:fd:f6:cf:55:67:0f:c7:76:b3:06:ae:2c:5b:7d:
5a:6f:b0:05:c9:c2:78:bd:60:0a:7d:5c:11:7d:23:07:00:50:
25:f7:ff:81
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaLPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA4MTE1OTIwWhcNMjUxMTE2MTE1OTIwWjAYMRYw
FAYDVQQDEw02OGU2NTIxZC1iNzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2w9kesXwVFeCI/cPPIofZjP+JELKh+80NWy4WSmSWLbp2z+3jybQiyZA
dgI4kUOels0ASTxoN5y2tdxIjNTWexeeQorDAidU6fzjQJ0OcMVwV1Hw8Qzi8ZS3
tSHA4cLvbmQ5ODRb+tV/0kYgLTgYKAVdoL/ijvv3rSMFWvmJeot4fn88ffCzNyMw
/Ck8bOKB6vO+6rqQJIrObiVQudgajBlwoa0zWymmVI08/KGGHiu4KkXg+pmyuJWp
r9+Y9wsjo1QByxCGtkTu8H+S72nBTd2vIfdORp99WTFPexwKUVqAqvbhMBFYgX4M
QAijP4aeqBAJ1WUtRz1G/BuphjzEIwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFKyY
9NOl+tRkxtLCP0dwVyNDdP6rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQkMxNURCMkE0M0UxMUYwQTI3MzREQjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsI2AwQAmsUBMA0GCSqG
SIb3DQEBCwUAA4IBAQCUmeARRkgHtI8Toq8lxFnbNkSaf2DYGPKQKc7D7VuCzwsE
zPG9OK81JuQM9joBPcX2iASrIlF1vN72BwUEJgkjCY/efmK/qP4VAS2qy6xNGhCJ
3KNR616UI+jXVdTy6hrC6WlUIv7jtnwIcFmvMkGvPce51nHc9kBufW6tXkirkubR
YDXvKFYqMAknyeCo6al5opJU+RCsukWTCOEujs2K6Rngy1JezQJ9ajD1n0BtOA6l
sg2d8T4YGZc/7Ol2jS8O/0s/fprkiv6Bi6lIQHBywX5wJ3IF2lFYxNc8/fbPVWcP
x3azBq4sW31ab7AFycJ4vWAKfVwRfSMHAFAl9/+B
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:06 2025 by rpki-client