Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BF110E8998A11F0A93785C7DAE4EC9C.roa
File: 3BF110E8998A11F0A93785C7DAE4EC9C.roa (raw, json)
Hash identifier: YCnIt0bVBYgXE0NvCwctsWXMc/HahX7VKF+rMIWGIas=
Subject key identifier: B0:7D:60:8C:CC:CB:67:F5:27:EC:B8:81:11:9A:EB:B8:C5:F4:7D:5F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0C6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BF110E8998A11F0A93785C7DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 21:05:44 +0000
ROA not before: Wed 24 Sep 2025 21:05:40 +0000
ROA not after: Wed 05 Nov 2025 21:05:40 +0000
asID: 20326
IP address blocks: 154.83.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106694 (0x1a0c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 21:05:40 2025 GMT
Not After : Nov 5 21:05:40 2025 GMT
Subject: CN=68d45d28-870a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e2:13:79:4f:09:19:9e:c3:98:0a:cf:b1:d6:
33:5a:67:4f:81:e6:c5:50:b6:91:95:2f:cc:29:c6:
12:c8:54:72:71:1a:f4:e1:a8:31:be:f4:75:24:4b:
f6:8d:f2:30:2f:0e:a3:b8:1e:82:22:90:73:b6:06:
dd:4e:85:5d:9c:70:8e:68:8c:4b:6d:fc:df:b0:df:
f9:e7:3c:ac:63:c1:e9:10:d6:7b:03:71:60:c5:4d:
87:83:6c:d1:8c:0c:f5:7b:79:fd:79:4e:ca:bf:8c:
71:f7:a7:b0:e5:d9:05:19:1b:80:e5:6c:e4:56:c3:
ed:c9:37:e6:6e:cb:b6:8c:ba:52:a6:9f:f2:38:4f:
38:d0:d5:fb:26:a7:a7:63:71:7d:1f:53:64:be:a1:
43:2f:25:cb:75:31:97:23:00:84:70:59:ea:22:1c:
4d:45:d0:f6:eb:10:a5:89:3e:c2:4c:d8:6e:49:ae:
a6:d4:26:0a:a2:2e:91:71:f9:2a:c7:80:c6:0b:19:
23:61:e1:2a:3f:99:da:7a:e3:f8:6e:0b:07:8e:fb:
5e:a1:3b:17:ac:13:ee:c8:d8:ec:2f:42:d9:5b:f0:
a5:0d:e1:57:15:a7:fe:6d:62:f8:b2:ed:c0:4e:ca:
70:83:a4:39:bc:a9:31:93:62:5d:09:fa:75:d0:09:
a2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7D:60:8C:CC:CB:67:F5:27:EC:B8:81:11:9A:EB:B8:C5:F4:7D:5F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BF110E8998A11F0A93785C7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:2f:42:e4:8a:ee:cd:4a:68:a2:5c:07:f7:d2:ea:a9:e5:82:
7d:fe:06:4b:77:ae:3c:23:f9:9a:30:41:de:94:40:a1:e8:7b:
b5:5a:0d:e4:06:23:1f:ad:ba:44:bd:77:4c:ba:1f:3b:14:79:
6e:20:17:20:05:c5:30:a2:78:db:fc:32:34:0e:6f:b8:2b:d5:
13:42:a2:72:81:8e:68:c1:38:88:34:a9:20:cf:1b:e0:04:23:
7e:1d:11:f3:06:6b:08:9a:0b:c9:a2:12:80:ca:48:cb:08:51:
c1:66:3d:73:a0:28:ff:3f:fa:d6:1d:b4:b2:db:49:ab:d1:cc:
af:5f:67:a3:2b:6f:d0:26:6d:8a:0b:d0:4c:21:28:99:24:71:
b3:70:06:f4:d6:4d:ef:d7:62:c8:21:c7:8f:fc:5a:62:b1:d3:
9d:8e:85:cd:11:31:ce:85:50:d4:60:5b:0b:5d:8e:3f:3e:2a:
3d:cf:55:8f:03:ff:7c:3a:4f:e9:35:5d:9f:62:e7:d8:94:dd:
28:10:b1:1e:91:9b:0f:19:3d:37:17:20:a0:92:a1:10:11:33:
46:ac:32:6a:52:54:96:cf:cf:d0:a7:fe:6d:33:af:d7:b7:aa:
6c:67:94:46:b0:73:48:79:87:18:d6:bc:e4:8b:0d:91:b6:e9:
0a:3e:f6:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaDGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MjEwNTQwWhcNMjUxMTA1MjEwNTQwWjAYMRYw
FAYDVQQDEw02OGQ0NWQyOC04NzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAquITeU8JGZ7DmArPsdYzWmdPgebFULaRlS/MKcYSyFRycRr04agxvvR1
JEv2jfIwLw6juB6CIpBztgbdToVdnHCOaIxLbfzfsN/55zysY8HpENZ7A3FgxU2H
g2zRjAz1e3n9eU7Kv4xx96ew5dkFGRuA5WzkVsPtyTfmbsu2jLpSpp/yOE840NX7
JqenY3F9H1NkvqFDLyXLdTGXIwCEcFnqIhxNRdD26xCliT7CTNhuSa6m1CYKoi6R
cfkqx4DGCxkjYeEqP5naeuP4bgsHjvteoTsXrBPuyNjsL0LZW/ClDeFXFaf+bWL4
su3ATspwg6Q5vKkxk2JdCfp10AmiswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLB9
YIzMy2f1J+y4gRGa67jF9H1fMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQkYxMTBFODk5OEExMUYwQTkzNzg1QzdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlOYMA0GCSqGSIb3DQEB
CwUAA4IBAQA9L0Lkiu7NSmiiXAf30uqp5YJ9/gZLd648I/maMEHelECh6Hu1Wg3k
BiMfrbpEvXdMuh87FHluIBcgBcUwonjb/DI0Dm+4K9UTQqJygY5owTiINKkgzxvg
BCN+HRHzBmsImgvJohKAykjLCFHBZj1zoCj/P/rWHbSy20mr0cyvX2ejK2/QJm2K
C9BMISiZJHGzcAb01k3v12LIIceP/FpisdOdjoXNETHOhVDUYFsLXY4/Pio9z1WP
A/98Ok/pNV2fYufYlN0oELEekZsPGT03FyCgkqEQETNGrDJqUlSWz8/Qp/5tM6/X
t6psZ5RGsHNIeYcY1rzkiw2RtukKPvYE
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:08 2025 by rpki-client