Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/47A672AA9D6511F0A42D7DC6DAE4EC9C.roa
File: 47A672AA9D6511F0A42D7DC6DAE4EC9C.roa (raw, json)
Hash identifier: mrUW/a/wm5mTW0tGSC+9SbUk2Z65wXJJRo4AnSSv4aU=
Subject key identifier: BD:F1:CA:21:48:AC:CA:79:EF:24:66:96:58:EE:A8:30:D8:CE:E4:14
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A17B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/47A672AA9D6511F0A42D7DC6DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 18:51:17 +0000
ROA not before: Mon 29 Sep 2025 18:51:12 +0000
ROA not after: Wed 05 Nov 2025 18:51:12 +0000
asID: 44559
IP address blocks: 154.209.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106875 (0x1a17b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 18:51:12 2025 GMT
Not After : Nov 5 18:51:12 2025 GMT
Subject: CN=68dad525-4066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ac:bd:28:d8:be:3d:15:4a:6a:07:5c:cd:68:
fa:fc:9d:89:72:10:f8:8e:50:d0:da:03:cf:be:20:
cb:51:e4:58:4e:ef:8c:65:af:b5:3c:3a:bd:5d:8b:
31:31:0a:be:0b:7e:95:ea:e0:c2:5f:fd:9f:79:96:
7b:d6:75:2b:02:17:ce:f8:dd:65:2f:6a:65:ef:d6:
66:4d:83:e4:d5:4b:cb:f1:2e:27:5c:96:69:0e:0d:
20:51:52:56:42:be:35:c9:d1:bf:bd:28:93:04:24:
01:b9:56:da:77:ed:1f:42:61:54:22:59:3b:ac:f0:
a2:6e:a3:63:e1:ac:69:a3:60:8d:0e:d5:5a:e6:51:
63:73:fd:71:e0:ac:86:86:08:f1:95:cf:b9:65:1a:
7a:47:b6:7d:6e:45:0e:50:84:20:c8:43:95:62:a3:
4e:87:fc:c1:c8:0e:fc:ea:4a:a3:4f:a7:ba:49:ca:
3c:f5:b6:de:32:3d:c9:a4:a6:77:f1:1d:c4:ef:59:
5d:77:78:1f:d9:7d:71:0f:47:de:de:77:65:a2:2f:
15:8e:6f:03:f5:49:a7:e9:ad:84:c4:18:0b:ef:04:
31:f3:1b:95:44:06:6d:ef:9f:a2:24:50:eb:02:59:
8d:55:ab:a3:8c:2a:dc:fa:29:3d:e2:a1:8a:52:6d:
82:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F1:CA:21:48:AC:CA:79:EF:24:66:96:58:EE:A8:30:D8:CE:E4:14
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/47A672AA9D6511F0A42D7DC6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.206.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:78:02:cf:07:91:17:b3:01:8a:ba:ca:9a:31:e8:c4:99:e0:
73:17:aa:e5:45:d0:c5:26:59:90:ec:62:81:29:f9:23:9f:bc:
6b:6c:1f:ec:d9:76:48:f5:e5:ef:81:d7:da:f5:1f:a7:48:9b:
76:c6:7c:20:8e:e6:8a:9f:b0:34:6d:56:b1:01:c3:5f:2b:6f:
45:af:d6:78:11:de:0d:bf:37:4d:81:40:27:e9:e8:fb:bc:e4:
81:d1:d0:b1:a6:3b:e6:fc:b0:23:53:de:7f:6c:a2:f6:8e:98:
b9:00:c8:47:5a:1f:ca:91:bc:50:f9:5f:78:c0:57:0b:b6:4c:
52:dc:4b:58:f5:c7:13:0b:b8:af:ae:7a:43:6d:6c:1a:eb:74:
af:c5:c7:b8:24:33:96:78:4d:50:93:af:96:fc:0e:78:80:f1:
86:7f:42:d5:d7:7d:f3:b2:4d:13:62:47:7a:1c:f0:a1:20:f7:
f9:9b:85:be:04:eb:cb:03:e0:34:e7:1e:b7:5c:1f:b6:8e:f2:
a1:55:04:8d:ee:3b:20:0c:0b:08:13:aa:73:54:66:43:be:29:
f9:10:5a:15:b6:4e:54:3e:09:99:3e:f8:b7:f3:79:68:0e:6f:
e8:12:e2:2a:8c:dc:ae:32:2b:a1:dc:3d:f9:b4:45:78:9a:1c:
51:7d:2c:3a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaF7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MTg1MTEyWhcNMjUxMTA1MTg1MTEyWjAYMRYw
FAYDVQQDEw02OGRhZDUyNS00MDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsqy9KNi+PRVKagdczWj6/J2JchD4jlDQ2gPPviDLUeRYTu+MZa+1PDq9
XYsxMQq+C36V6uDCX/2feZZ71nUrAhfO+N1lL2pl79ZmTYPk1UvL8S4nXJZpDg0g
UVJWQr41ydG/vSiTBCQBuVbad+0fQmFUIlk7rPCibqNj4axpo2CNDtVa5lFjc/1x
4KyGhgjxlc+5ZRp6R7Z9bkUOUIQgyEOVYqNOh/zByA786kqjT6e6Sco89bbeMj3J
pKZ38R3E71ldd3gf2X1xD0fe3ndloi8Vjm8D9Umn6a2ExBgL7wQx8xuVRAZt75+i
JFDrAlmNVaujjCrc+ik94qGKUm2CywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL3x
yiFIrMp57yRmlljuqDDYzuQUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80N0E2NzJBQTlENjUxMUYwQTQyRDdEQzZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHOMA0GCSqGSIb3DQEB
CwUAA4IBAQC3eALPB5EXswGKusqaMejEmeBzF6rlRdDFJlmQ7GKBKfkjn7xrbB/s
2XZI9eXvgdfa9R+nSJt2xnwgjuaKn7A0bVaxAcNfK29Fr9Z4Ed4NvzdNgUAn6ej7
vOSB0dCxpjvm/LAjU95/bKL2jpi5AMhHWh/KkbxQ+V94wFcLtkxS3EtY9ccTC7iv
rnpDbWwa63Svxce4JDOWeE1Qk6+W/A54gPGGf0LV133zsk0TYkd6HPChIPf5m4W+
BOvLA+A05x63XB+2jvKhVQSN7jsgDAsIE6pzVGZDvin5EFoVtk5UPgmZPvi383lo
Dm/oEuIqjNyuMiuh3D35tEV4mhxRfSw6
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:50:58 2025 by rpki-client