Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58AEBEBE8A4A11F099EF11DEDAE4EC9C.roa
File: 58AEBEBE8A4A11F099EF11DEDAE4EC9C.roa (raw, json)
Hash identifier: sTO6XDoqOCiKmO8nJJL7gXDAk8Ge4fJ0syjnLpU3usw=
Subject key identifier: E0:4C:6D:60:C2:6B:66:C3:D3:F2:61:64:0B:9B:5D:52:C2:D9:05:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019E1A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58AEBEBE8A4A11F099EF11DEDAE4EC9C.roa
Signing time: Fri 05 Sep 2025 11:20:37 +0000
ROA not before: Fri 05 Sep 2025 11:20:32 +0000
ROA not after: Fri 05 Dec 2025 11:20:32 +0000
asID: 6453
IP address blocks: 154.210.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106010 (0x19e1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 5 11:20:32 2025 GMT
Not After : Dec 5 11:20:32 2025 GMT
Subject: CN=68bac785-49c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:74:31:b2:63:81:0d:1e:a2:cf:02:12:0c:96:
dc:0c:3c:1b:e4:cf:38:b7:6c:00:28:37:6c:52:6a:
3c:4e:bb:aa:cf:f4:ad:8a:15:4e:72:27:f9:81:d4:
0c:09:ed:28:3c:51:dd:05:93:32:03:10:60:4b:c0:
c2:8f:c0:73:84:3b:60:72:b7:53:8b:4c:b4:11:fc:
dc:4a:3e:a4:d8:b3:1d:e4:54:de:68:39:81:8f:fc:
a2:22:95:c2:7d:ca:db:6b:40:e6:15:c1:7a:42:46:
57:17:18:24:ec:56:27:d4:fe:b6:c4:63:9e:31:0e:
03:2f:82:60:5d:e8:2b:ef:92:86:98:02:b4:79:25:
2f:21:2b:45:ca:17:dc:f9:b9:ca:61:20:60:d6:58:
d8:ef:25:a5:b4:73:8b:f3:6b:3c:83:7e:eb:b9:27:
c3:89:83:bc:35:f5:e2:4f:a0:87:bb:af:38:dd:68:
2b:c7:6f:27:fb:dd:ec:42:7b:ca:5e:e3:7c:2a:82:
72:7e:2c:e0:d9:f9:65:4e:e7:a5:3d:21:ac:ae:cf:
75:65:4a:b5:48:29:d2:78:71:1b:1f:d2:ab:6c:33:
6f:c1:44:63:89:8d:43:10:a8:09:12:ca:be:4f:1a:
9c:04:ed:fe:b9:11:5c:52:58:d7:30:2e:bf:45:98:
fa:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4C:6D:60:C2:6B:66:C3:D3:F2:61:64:0B:9B:5D:52:C2:D9:05:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58AEBEBE8A4A11F099EF11DEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.222.0/24
Signature Algorithm: sha256WithRSAEncryption
44:54:cc:ef:86:f4:96:5f:c0:81:8d:7c:84:eb:7a:40:fc:c6:
3c:bd:bd:52:0c:89:c3:17:9a:b2:53:e7:c8:cb:52:a2:2a:38:
f5:97:d3:30:2f:13:62:86:90:97:65:17:7f:10:98:35:8c:33:
8d:b2:f8:c9:00:6b:86:ed:83:a0:fc:d1:49:0a:0d:20:84:53:
17:91:d0:32:d1:77:c5:02:1b:1b:0e:6c:28:6f:2f:69:80:29:
6d:9a:85:4c:0f:f0:27:02:ee:2a:f2:b8:c2:5f:e0:c0:6b:91:
86:26:d9:33:10:ce:c8:84:d1:62:17:ad:a2:cc:99:3c:4d:47:
72:d1:90:b5:32:93:7b:0c:85:7c:0e:63:80:28:17:d6:56:d9:
45:ae:c3:a5:07:e4:2b:54:cb:74:5c:d0:4b:0c:d3:73:c2:4c:
cf:0e:90:8e:ff:55:f9:98:35:d2:26:f0:b1:22:84:c3:be:d6:
0d:7c:14:f8:6e:bc:b3:2a:c7:4c:36:28:e5:4a:c2:d2:f9:c2:
8f:c6:a9:49:6a:22:3b:f4:ba:a7:7f:c4:1d:3b:be:8c:4b:f1:
26:e0:3f:13:b7:4a:97:27:46:f8:3e:cf:f4:ea:fa:9a:98:4d:
ed:c4:9f:43:af:60:bc:f9:f3:0f:17:8e:08:3b:a4:8d:2e:4e:
6c:28:5e:f7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ4aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA1MTEyMDMyWhcNMjUxMjA1MTEyMDMyWjAYMRYw
FAYDVQQDEw02OGJhYzc4NS00OWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt3QxsmOBDR6izwISDJbcDDwb5M84t2wAKDdsUmo8Truqz/StihVOcif5
gdQMCe0oPFHdBZMyAxBgS8DCj8BzhDtgcrdTi0y0EfzcSj6k2LMd5FTeaDmBj/yi
IpXCfcrba0DmFcF6QkZXFxgk7FYn1P62xGOeMQ4DL4JgXegr75KGmAK0eSUvIStF
yhfc+bnKYSBg1ljY7yWltHOL82s8g37ruSfDiYO8NfXiT6CHu6843Wgrx28n+93s
QnvKXuN8KoJyfizg2fllTuelPSGsrs91ZUq1SCnSeHEbH9KrbDNvwURjiY1DEKgJ
Esq+TxqcBO3+uRFcUljXMC6/RZj6TwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOBM
bWDCa2bD0/JhZAubXVLC2QXbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OEFFQkVCRThBNEExMUYwOTlFRjExREVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLeMA0GCSqGSIb3DQEB
CwUAA4IBAQBEVMzvhvSWX8CBjXyE63pA/MY8vb1SDInDF5qyU+fIy1KiKjj1l9Mw
LxNihpCXZRd/EJg1jDONsvjJAGuG7YOg/NFJCg0ghFMXkdAy0XfFAhsbDmwoby9p
gCltmoVMD/AnAu4q8rjCX+DAa5GGJtkzEM7IhNFiF62izJk8TUdy0ZC1MpN7DIV8
DmOAKBfWVtlFrsOlB+QrVMt0XNBLDNNzwkzPDpCO/1X5mDXSJvCxIoTDvtYNfBT4
bryzKsdMNijlSsLS+cKPxqlJaiI79Lqnf8QdO76MS/Em4D8Tt0qXJ0b4Ps/06vqa
mE3txJ9Dr2C8+fMPF44IO6SNLk5sKF73
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:15 2025 by rpki-client