Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C737AAC9EA611F0888A10EFDAE4EC9C.roa
File: 4C737AAC9EA611F0888A10EFDAE4EC9C.roa (raw, json)
Hash identifier: aFwv9p4VTkJvu1AlsEJSZZLkvLNMEPlz5H3RZhaVmNs=
Subject key identifier: 6D:4A:63:34:7A:F7:37:F6:BE:0D:D4:83:72:20:9B:58:CA:28:04:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1E3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C737AAC9EA611F0888A10EFDAE4EC9C.roa
Signing time: Wed 01 Oct 2025 09:09:14 +0000
ROA not before: Wed 01 Oct 2025 09:09:06 +0000
ROA not after: Mon 10 Nov 2025 09:09:06 +0000
asID: 137899
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106979 (0x1a1e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 1 09:09:06 2025 GMT
Not After : Nov 10 09:09:06 2025 GMT
Subject: CN=68dcefb9-34ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:48:68:0e:72:94:2a:c6:dd:8e:56:19:16:fe:
7a:7e:d9:4d:53:7e:63:00:4e:47:e5:45:0d:c3:c5:
0b:be:51:dc:7b:8d:a5:d5:68:e0:7a:1b:4c:e4:03:
df:75:7b:1b:f5:9d:02:b1:89:14:a1:60:fe:d2:cc:
ac:f4:68:11:e8:45:c5:99:b5:07:3f:4b:82:00:83:
73:78:d6:58:e7:29:f0:5a:e8:6e:2d:7d:cd:dd:c9:
69:85:ba:34:0c:aa:f1:20:ba:0a:01:04:9a:b6:13:
1f:25:7c:50:16:be:1b:7a:ef:25:ec:2f:0e:f2:48:
a7:08:64:b1:44:c8:7f:58:a5:c0:89:4b:1c:d5:13:
8f:de:8b:b0:96:f5:87:2c:62:eb:46:d4:c9:d3:28:
8c:72:fb:a7:03:03:04:93:92:77:57:9c:96:33:dd:
2c:eb:f0:81:7a:b5:40:e9:c6:f0:b9:5d:b3:c7:fc:
04:28:94:f9:1a:76:00:e9:bd:b7:bd:17:c5:52:a8:
4b:a8:ed:b3:22:1b:82:96:b7:f0:81:8c:31:e2:de:
83:96:d2:b1:58:26:ff:d2:f1:dd:11:2b:59:ea:88:
9a:58:17:74:71:80:a0:b7:20:89:27:1b:cb:e4:29:
ca:6e:a0:e8:72:a9:8e:75:37:a9:c5:7c:6e:ac:0e:
f6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4A:63:34:7A:F7:37:F6:BE:0D:D4:83:72:20:9B:58:CA:28:04:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C737AAC9EA611F0888A10EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
43:69:97:4d:ea:bb:ee:70:f9:d7:ce:82:0a:49:34:93:1e:87:
5d:f4:ff:a1:00:e6:33:b6:8a:1e:d6:6f:59:2f:5c:50:9b:86:
81:97:a9:34:d7:04:de:8e:96:2c:42:02:63:05:73:ba:64:05:
08:2f:25:7e:17:f1:bb:b1:15:3c:65:7e:9e:0a:22:35:9f:3c:
42:28:e0:10:1d:f4:8e:15:ef:d3:da:9c:23:ec:2a:7f:d6:98:
6e:44:3f:ca:17:72:4a:a6:b6:a8:8e:73:ed:5b:90:48:7c:4d:
c3:f7:f6:91:55:91:65:ff:d2:26:f1:a2:79:aa:0b:a3:7e:df:
7e:ac:45:0e:1f:1e:48:5d:5c:2c:3d:b3:24:66:f4:6b:45:33:
b9:d0:c9:57:2b:4f:db:b4:a4:80:62:4c:9a:fb:9a:45:6b:04:
0e:e9:74:01:8f:fd:eb:bc:5e:61:ad:33:45:83:44:14:7d:80:
3b:7e:4a:9d:df:e5:22:7f:0f:76:65:ef:9b:50:cb:e5:62:75:
e3:e7:47:0e:41:ba:63:1c:4b:17:ce:e8:c7:7a:ef:e4:5c:15:
a4:07:ec:49:76:69:c2:d1:2c:e9:63:2f:48:50:51:b9:a2:69:
ab:2f:47:2a:a7:18:1c:ab:b0:c6:0d:97:2a:ea:d5:fb:ff:2d:
29:82:2c:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaHjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDAxMDkwOTA2WhcNMjUxMTEwMDkwOTA2WjAYMRYw
FAYDVQQDEw02OGRjZWZiOS0zNGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0EhoDnKUKsbdjlYZFv56ftlNU35jAE5H5UUNw8ULvlHce42l1WjgehtM
5APfdXsb9Z0CsYkUoWD+0sys9GgR6EXFmbUHP0uCAINzeNZY5ynwWuhuLX3N3clp
hbo0DKrxILoKAQSathMfJXxQFr4beu8l7C8O8kinCGSxRMh/WKXAiUsc1ROP3ouw
lvWHLGLrRtTJ0yiMcvunAwMEk5J3V5yWM90s6/CBerVA6cbwuV2zx/wEKJT5GnYA
6b23vRfFUqhLqO2zIhuClrfwgYwx4t6DltKxWCb/0vHdEStZ6oiaWBd0cYCgtyCJ
JxvL5CnKbqDocqmOdTepxXxurA728wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG1K
YzR69zf2vg3Ug3Igm1jKKAThMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QzczN0FBQzlFQTYxMUYwODg4QTEwRUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQBDaZdN6rvucPnXzoIKSTSTHodd9P+hAOYztooe1m9ZL1xQm4aBl6k0
1wTejpYsQgJjBXO6ZAUILyV+F/G7sRU8ZX6eCiI1nzxCKOAQHfSOFe/T2pwj7Cp/
1phuRD/KF3JKpraojnPtW5BIfE3D9/aRVZFl/9Im8aJ5qgujft9+rEUOHx5IXVws
PbMkZvRrRTO50MlXK0/btKSAYkya+5pFawQO6XQBj/3rvF5hrTNFg0QUfYA7fkqd
3+Uifw92Ze+bUMvlYnXj50cOQbpjHEsXzujHeu/kXBWkB+xJdmnC0SzpYy9IUFG5
ommrL0cqpxgcq7DGDZcq6tX7/y0pgiyM
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:13 2025 by rpki-client