Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/432FB304A81D11F08FEEF3CBDAE4EC9C.roa
File: 432FB304A81D11F08FEEF3CBDAE4EC9C.roa (raw, json)
Hash identifier: aGu463dG3usLLRVBJbUAaLNg4jUJFox8Zr+NFrbCSs0=
Subject key identifier: B2:08:AE:66:B1:3B:1B:04:A0:30:79:70:30:7C:40:8E:A5:9A:99:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A36A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/432FB304A81D11F08FEEF3CBDAE4EC9C.roa
Signing time: Mon 13 Oct 2025 10:13:29 +0000
ROA not before: Mon 13 Oct 2025 10:13:20 +0000
ROA not after: Fri 21 Nov 2025 10:13:20 +0000
asID: 57043
IP address blocks: 154.84.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107370 (0x1a36a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 13 10:13:20 2025 GMT
Not After : Nov 21 10:13:20 2025 GMT
Subject: CN=68ecd0c9-59b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:de:f1:7d:63:34:f9:a1:0a:18:e6:12:b1:06:
49:14:e7:6f:57:12:18:b6:de:27:a9:3f:af:39:bb:
2e:1e:8b:9f:b7:18:d3:fa:02:55:5c:0c:d8:40:ce:
10:0f:36:7c:a7:17:de:4b:9a:2f:dd:85:d5:6e:36:
6b:09:48:df:b1:12:60:a5:e0:cd:3f:a9:e6:49:4a:
a2:de:67:cb:69:6a:9d:69:58:33:72:66:f9:3e:13:
05:01:a1:54:5b:14:b3:81:31:2f:6f:cb:7f:ec:a9:
17:9e:8c:82:e4:e4:d1:e5:bf:ec:bc:69:f0:26:c1:
86:b4:3c:60:0e:8b:da:3d:c6:4d:a6:1f:76:d2:5a:
f6:46:1f:a4:42:97:f6:1b:06:da:78:aa:10:84:47:
75:bf:c0:42:5e:fa:ca:24:8d:0d:c0:98:0a:a1:7a:
ba:f7:38:b3:a8:17:27:73:98:8e:d7:12:56:f0:a0:
13:26:aa:dd:de:4f:8d:48:62:3c:53:ac:29:78:ec:
95:94:03:57:81:5f:f5:31:48:c7:0f:ee:48:eb:a7:
83:34:33:7b:42:76:1c:4d:80:08:be:16:dd:63:21:
35:63:c8:9e:d6:5d:eb:d3:1d:5d:a3:af:92:35:e2:
17:87:de:08:31:22:50:d1:9d:12:c3:9e:ba:fb:2d:
a1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:08:AE:66:B1:3B:1B:04:A0:30:79:70:30:7C:40:8E:A5:9A:99:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/432FB304A81D11F08FEEF3CBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.164.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:94:72:ec:57:77:f9:e0:a9:c0:3c:f9:74:a0:de:ac:32:f9:
3d:77:e7:be:35:3d:e1:6a:c7:53:ac:75:d1:4f:9e:1f:aa:bd:
f1:4c:43:ba:ca:26:72:5a:1e:cc:2d:66:90:9a:0f:e7:6d:99:
8a:c3:7f:f7:7e:7b:bd:90:99:e8:e0:01:bc:20:b3:eb:60:78:
6a:ee:65:80:a1:dc:27:f9:02:7c:c6:1f:e3:36:95:65:8e:5e:
c6:ab:df:57:30:38:fc:fc:60:e1:f8:bd:64:82:93:2b:a3:62:
3b:f5:c6:26:f5:a3:ee:4e:c0:59:10:d6:2f:d5:98:42:7e:20:
89:02:a2:cc:84:7a:b8:bd:94:2d:1a:f5:0d:fd:f8:84:6a:21:
7a:76:27:67:90:60:5b:9c:80:89:f0:47:66:b4:11:9d:54:86:
84:5b:84:10:e5:a2:21:79:4d:b5:3a:9a:7d:a0:fe:27:ab:3b:
df:21:fe:9b:47:cb:fb:90:27:79:f3:62:54:5b:0b:99:88:e9:
52:c8:54:1b:09:69:8b:f3:f5:cd:5d:41:fa:b9:0a:6b:94:f9:
2e:be:f2:a9:38:c4:8e:84:1e:1e:83:2a:00:48:0b:16:dc:64:
1a:c4:e0:db:0a:f5:dd:21:06:fc:2f:d1:22:86:9c:1a:41:47:
e6:fe:65:17
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaNqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDEzMTAxMzIwWhcNMjUxMTIxMTAxMzIwWjAYMRYw
FAYDVQQDEw02OGVjZDBjOS01OWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApt7xfWM0+aEKGOYSsQZJFOdvVxIYtt4nqT+vObsuHouftxjT+gJVXAzY
QM4QDzZ8pxfeS5ov3YXVbjZrCUjfsRJgpeDNP6nmSUqi3mfLaWqdaVgzcmb5PhMF
AaFUWxSzgTEvb8t/7KkXnoyC5OTR5b/svGnwJsGGtDxgDovaPcZNph920lr2Rh+k
Qpf2GwbaeKoQhEd1v8BCXvrKJI0NwJgKoXq69zizqBcnc5iO1xJW8KATJqrd3k+N
SGI8U6wpeOyVlANXgV/1MUjHD+5I66eDNDN7QnYcTYAIvhbdYyE1Y8ie1l3r0x1d
o6+SNeIXh94IMSJQ0Z0Sw566+y2hZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLII
rmaxOxsEoDB5cDB8QI6lmpmSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MzJGQjMwNEE4MUQxMUYwOEZFRUYzQ0JEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSkMA0GCSqGSIb3DQEB
CwUAA4IBAQCPlHLsV3f54KnAPPl0oN6sMvk9d+e+NT3hasdTrHXRT54fqr3xTEO6
yiZyWh7MLWaQmg/nbZmKw3/3fnu9kJno4AG8ILPrYHhq7mWAodwn+QJ8xh/jNpVl
jl7Gq99XMDj8/GDh+L1kgpMro2I79cYm9aPuTsBZENYv1ZhCfiCJAqLMhHq4vZQt
GvUN/fiEaiF6didnkGBbnICJ8EdmtBGdVIaEW4QQ5aIheU21Opp9oP4nqzvfIf6b
R8v7kCd582JUWwuZiOlSyFQbCWmL8/XNXUH6uQprlPkuvvKpOMSOhB4egyoASAsW
3GQaxODbCvXdIQb8L9EihpwaQUfm/mUX
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:50:58 2025 by rpki-client