Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/57852D4AA5BE11F08AAA35F2DAE4EC9C.roa
File: 57852D4AA5BE11F08AAA35F2DAE4EC9C.roa (raw, json)
Hash identifier: 901oPc4U1gJUYzp1R8nwZ6qv6vGULc0Et4Y1lwchQlI=
Subject key identifier: 5F:77:3B:8B:8E:CC:E0:E0:2C:39:C3:B2:AA:3B:AD:42:5E:41:68:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A33D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/57852D4AA5BE11F08AAA35F2DAE4EC9C.roa
Signing time: Fri 10 Oct 2025 09:48:58 +0000
ROA not before: Fri 10 Oct 2025 09:48:54 +0000
ROA not after: Mon 17 Nov 2025 09:48:54 +0000
asID: 214120
IP address blocks: 154.199.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107325 (0x1a33d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 10 09:48:54 2025 GMT
Not After : Nov 17 09:48:54 2025 GMT
Subject: CN=68e8d68a-2e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:50:d7:0e:64:a4:97:a6:d4:be:b8:25:14:03:
86:a8:ea:85:0f:41:97:a5:18:e9:9d:88:02:33:27:
b6:c0:f9:ba:92:7c:ad:32:54:5f:db:94:84:96:4b:
f3:5d:55:79:18:aa:5f:c0:c4:47:83:2d:17:b7:54:
a9:56:b6:f3:83:94:92:b8:73:a4:66:5d:35:f4:3f:
2e:96:68:02:42:c3:6d:d5:9f:05:f4:19:53:b3:3c:
62:4b:9d:67:56:1a:51:ee:8e:ad:36:d2:eb:1c:7b:
9f:44:e3:65:de:c6:2a:b0:16:2f:bc:48:b8:2b:be:
96:e8:a5:8c:4f:59:5c:0f:16:62:e7:05:70:de:7e:
ce:f3:e0:cb:c5:ca:1d:c0:f6:34:fe:ae:76:1f:56:
ae:eb:d0:58:c5:d9:a3:ac:4f:08:8b:c4:05:28:b8:
e7:75:d5:d1:c3:ff:76:82:01:4c:54:2d:20:46:2a:
0b:72:7e:d2:c4:ce:1b:49:d0:e2:05:1d:a9:69:72:
2a:cf:d7:d5:0b:aa:3e:2f:92:30:8e:43:02:56:4f:
be:02:04:f9:b2:36:e8:29:a6:a4:3b:cb:1d:76:1f:
ce:4e:44:b1:97:fa:ae:fe:b0:f8:8f:89:ec:c6:3f:
f8:49:8f:86:61:45:75:63:f1:31:ad:50:d2:a1:45:
13:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:77:3B:8B:8E:CC:E0:E0:2C:39:C3:B2:AA:3B:AD:42:5E:41:68:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/57852D4AA5BE11F08AAA35F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.1.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:df:2c:bf:f5:8e:03:9c:ee:ee:ac:06:dc:ea:00:48:67:6e:
a2:91:44:c9:a1:62:44:75:81:03:49:7a:89:75:f4:13:a5:86:
08:25:70:d0:52:a1:45:1b:81:5e:5c:61:23:a6:fe:27:f8:d1:
a6:37:51:13:10:7d:ac:13:af:62:7d:28:8e:bc:df:d9:5d:a9:
0b:4c:16:c8:26:b0:a9:9e:cd:9a:30:95:2c:0f:33:df:de:49:
ec:7c:5a:30:85:15:70:0f:ba:76:f1:a2:36:ae:3c:88:4c:f6:
7e:17:e2:6c:bb:c8:2b:36:e9:40:3a:86:da:47:be:47:51:ac:
2e:ec:12:fc:f9:8f:b4:71:b7:7a:c5:8a:18:ab:f0:ad:2f:b3:
01:65:4f:8d:53:5a:59:d3:43:1d:5d:d7:23:bd:98:d7:67:7e:
18:8c:4c:34:6d:58:98:4f:1c:63:bf:06:b2:a3:dd:9f:91:4c:
b3:51:c1:e7:ee:0e:11:8e:a5:0c:95:c8:e5:1b:55:ca:79:a7:
59:cc:7d:69:b6:3f:55:d8:d4:6e:47:07:17:a4:f5:c4:bd:52:
d6:6e:93:29:52:a7:09:fe:7d:ef:b6:54:69:ac:74:0e:2f:31:
98:10:d1:3b:5e:c2:e2:25:db:db:8c:f5:af:27:ec:b9:7c:14:
8b:a9:46:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaM9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDEwMDk0ODU0WhcNMjUxMTE3MDk0ODU0WjAYMRYw
FAYDVQQDEw02OGU4ZDY4YS0yZTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmFDXDmSkl6bUvrglFAOGqOqFD0GXpRjpnYgCMye2wPm6knytMlRf25SE
lkvzXVV5GKpfwMRHgy0Xt1SpVrbzg5SSuHOkZl019D8ulmgCQsNt1Z8F9BlTszxi
S51nVhpR7o6tNtLrHHufRONl3sYqsBYvvEi4K76W6KWMT1lcDxZi5wVw3n7O8+DL
xcodwPY0/q52H1au69BYxdmjrE8Ii8QFKLjnddXRw/92ggFMVC0gRioLcn7SxM4b
SdDiBR2paXIqz9fVC6o+L5IwjkMCVk++AgT5sjboKaakO8sddh/OTkSxl/qu/rD4
j4nsxj/4SY+GYUV1Y/ExrVDSoUUTJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF93
O4uOzODgLDnDsqo7rUJeQWh4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81Nzg1MkQ0QUE1QkUxMUYwOEFBQTM1RjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscBMA0GCSqGSIb3DQEB
CwUAA4IBAQAu3yy/9Y4DnO7urAbc6gBIZ26ikUTJoWJEdYEDSXqJdfQTpYYIJXDQ
UqFFG4FeXGEjpv4n+NGmN1ETEH2sE69ifSiOvN/ZXakLTBbIJrCpns2aMJUsDzPf
3knsfFowhRVwD7p28aI2rjyITPZ+F+Jsu8grNulAOobaR75HUawu7BL8+Y+0cbd6
xYoYq/CtL7MBZU+NU1pZ00MdXdcjvZjXZ34YjEw0bViYTxxjvwayo92fkUyzUcHn
7g4RjqUMlcjlG1XKeadZzH1ptj9V2NRuRwcXpPXEvVLWbpMpUqcJ/n3vtlRprHQO
LzGYENE7XsLiJdvbjPWvJ+y5fBSLqUYw
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:46 2025 by rpki-client