Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5299EAEE997C11F0A70D5EF0DAE4EC9C.roa
File: 5299EAEE997C11F0A70D5EF0DAE4EC9C.roa (raw, json)
Hash identifier: EwkFX04e1h7YWhLJW76b5COvQ/GWnKBrVQl/Jhv7B0c=
Subject key identifier: A6:C8:48:53:97:4D:83:41:F5:27:EA:86:5F:09:EA:D8:E9:2C:89:C3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0BA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5299EAEE997C11F0A70D5EF0DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 19:26:09 +0000
ROA not before: Wed 24 Sep 2025 19:26:04 +0000
ROA not after: Tue 21 Oct 2025 19:26:04 +0000
asID: 54801
IP address blocks: 154.214.32.0/19 maxlen: 24
154.216.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106682 (0x1a0ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 19:26:04 2025 GMT
Not After : Oct 21 19:26:04 2025 GMT
Subject: CN=68d445d1-05c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b6:6f:5c:c8:99:ef:cc:ed:41:b2:3d:01:1d:
ac:1a:03:cd:5e:c3:9c:a3:ac:32:b0:1b:1e:e2:07:
ae:35:c6:c3:5b:ba:58:6e:31:e8:ce:74:3c:b7:d4:
75:d9:76:d2:9a:a8:09:77:66:50:2c:53:00:64:ad:
86:d2:a9:83:aa:58:a3:ac:28:a9:4f:48:d4:98:51:
89:4a:87:4c:c6:cd:0b:35:4c:b2:60:f4:f3:49:54:
02:8d:fc:8c:e8:93:92:16:5a:43:c3:aa:d6:c6:10:
79:ef:e7:db:56:e2:ef:67:34:3c:99:c6:11:0b:cd:
60:b0:83:fe:3b:2a:6a:f7:85:e6:44:3f:3b:0c:91:
59:ce:58:1c:a5:da:69:96:bd:6c:74:37:47:13:42:
5d:a0:3c:63:82:ee:ac:5c:82:8a:37:31:c9:4e:13:
bf:48:04:eb:c5:32:7e:37:e0:e1:7f:1d:78:c7:17:
2a:da:85:2d:73:68:dc:30:3a:fe:2c:44:d0:ea:58:
ea:b8:4e:64:72:7a:7a:cc:64:48:d6:84:65:0e:d7:
12:57:46:b5:ff:6d:8a:ff:d4:26:6b:c2:ca:f8:17:
74:46:2f:32:15:9d:2e:c1:05:1d:5b:d4:8c:08:19:
05:50:17:c1:da:ed:4f:37:0e:3f:5d:3d:5c:bc:25:
48:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C8:48:53:97:4D:83:41:F5:27:EA:86:5F:09:EA:D8:E9:2C:89:C3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5299EAEE997C11F0A70D5EF0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
154.216.128.0/18
Signature Algorithm: sha256WithRSAEncryption
b5:b1:14:94:ba:f7:4d:20:2c:9e:51:61:2a:c4:ce:95:cd:c6:
a2:4a:17:70:c4:99:03:19:02:6d:ab:b2:0d:2f:7d:dd:39:f5:
57:92:ad:8f:ef:0f:69:4c:d1:90:3a:1f:4b:c4:d4:e2:a0:c5:
21:f4:a2:2b:28:0f:a9:2f:a0:97:11:29:55:76:18:2a:1d:8c:
bf:29:c9:16:63:60:d5:8d:4c:93:75:96:eb:c0:e3:6f:4e:00:
3f:20:02:76:2a:78:cc:e2:c7:42:b6:4f:cd:3f:1c:b6:3c:e3:
f7:07:c7:23:fd:98:3e:4a:a0:0f:02:72:64:a8:6d:4b:02:15:
a8:3d:b3:66:09:ad:d4:9f:28:f7:c5:18:85:fc:7c:26:04:89:
d8:a9:31:2d:f5:5c:c0:d6:90:8d:de:4b:41:9e:d7:68:20:77:
01:99:5b:77:08:5e:e4:77:00:cf:96:2f:35:e3:45:60:0d:a2:
c2:50:9a:7c:d4:46:79:2c:4e:b8:84:a7:44:9c:1e:3c:f9:fb:
19:14:95:58:9f:89:f3:db:ad:ff:75:6f:5e:65:c5:30:92:6a:
88:21:4e:2f:42:82:b2:37:73:3f:a3:c9:10:9c:28:8f:63:e5:
9d:cc:f8:bc:d6:23:58:b3:aa:db:57:de:70:c5:7e:45:24:4a:
10:ec:3e:a2
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaC6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTkyNjA0WhcNMjUxMDIxMTkyNjA0WjAYMRYw
FAYDVQQDEw02OGQ0NDVkMS0wNWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuLZvXMiZ78ztQbI9AR2sGgPNXsOco6wysBse4geuNcbDW7pYbjHoznQ8
t9R12XbSmqgJd2ZQLFMAZK2G0qmDqlijrCipT0jUmFGJSodMxs0LNUyyYPTzSVQC
jfyM6JOSFlpDw6rWxhB57+fbVuLvZzQ8mcYRC81gsIP+Oypq94XmRD87DJFZzlgc
pdpplr1sdDdHE0JdoDxjgu6sXIKKNzHJThO/SATrxTJ+N+Dhfx14xxcq2oUtc2jc
MDr+LETQ6ljquE5kcnp6zGRI1oRlDtcSV0a1/22K/9Qma8LK+Bd0Ri8yFZ0uwQUd
W9SMCBkFUBfB2u1PNw4/XT1cvCVI/wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFKbI
SFOXTYNB9Sfqhl8J6tjpLInDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81Mjk5RUFFRTk5N0MxMUYwQTcwRDVFRjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmtYgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQC1sRSUuvdNICyeUWEqxM6VzcaiShdwxJkDGQJtq7INL33d
OfVXkq2P7w9pTNGQOh9LxNTioMUh9KIrKA+pL6CXESlVdhgqHYy/KckWY2DVjUyT
dZbrwONvTgA/IAJ2KnjM4sdCtk/NPxy2POP3B8cj/Zg+SqAPAnJkqG1LAhWoPbNm
Ca3Unyj3xRiF/HwmBInYqTEt9VzA1pCN3ktBntdoIHcBmVt3CF7kdwDPli8140Vg
DaLCUJp81EZ5LE64hKdEnB48+fsZFJVYn4nz263/dW9eZcUwkmqIIU4vQoKyN3M/
o8kQnCiPY+WdzPi81iNYs6rbV95wxX5FJEoQ7D6i
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:01 2025 by rpki-client