Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5AC5FC06A4F011F0A8B7B9BCDAE4EC9C.roa
File: 5AC5FC06A4F011F0A8B7B9BCDAE4EC9C.roa (raw, json)
Hash identifier: PXuw67TazENK19Ph1mhObYrTJsg0gYa5WIYKV32ou50=
Subject key identifier: 89:0C:51:3B:C5:CD:11:9C:1B:3E:1E:6E:D7:C6:BD:77:B2:33:15:7F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A302
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5AC5FC06A4F011F0A8B7B9BCDAE4EC9C.roa
Signing time: Thu 09 Oct 2025 09:14:27 +0000
ROA not before: Thu 09 Oct 2025 09:14:23 +0000
ROA not after: Sun 16 Nov 2025 09:14:23 +0000
asID: 22773
IP address blocks: 154.202.23.0/24 maxlen: 24
154.202.30.0/24 maxlen: 24
154.202.31.0/24 maxlen: 24
154.202.69.0/24 maxlen: 24
154.202.72.0/24 maxlen: 24
154.202.73.0/24 maxlen: 24
154.202.76.0/24 maxlen: 24
154.202.77.0/24 maxlen: 24
154.202.109.0/24 maxlen: 24
154.202.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107266 (0x1a302)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 9 09:14:23 2025 GMT
Not After : Nov 16 09:14:23 2025 GMT
Subject: CN=68e77cf3-0940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:63:b6:88:98:2b:de:4c:94:a4:b1:42:ef:8c:
28:f9:d6:c0:ae:7c:8c:3b:c0:fb:aa:75:dd:10:67:
5d:de:2b:f9:9d:61:09:80:8d:e2:45:de:fb:fe:e3:
de:19:2d:82:c4:56:4a:55:a5:31:26:f6:df:af:1a:
75:a7:eb:2b:33:31:6f:20:86:26:15:e3:4b:39:94:
e4:a8:35:09:7e:6a:f4:c7:a6:02:cf:27:64:84:24:
a5:58:87:2e:e9:2e:28:ac:c6:9d:2a:32:e7:71:7e:
89:75:07:d8:ea:e4:27:5f:75:a2:bd:5d:6f:ac:64:
60:ec:33:a1:ac:1c:b9:08:bf:97:01:a9:a9:6f:6e:
ef:b8:2e:3e:3e:96:bd:21:c2:a3:9b:5f:7c:6d:8f:
fc:90:09:54:2e:2b:4d:0a:94:e2:f8:cd:bf:18:0f:
cb:99:53:08:ce:21:a7:95:9c:fc:6a:96:d0:a2:6d:
f7:ef:e3:54:0d:bf:88:79:77:f7:78:66:84:9d:cf:
68:25:70:c0:0e:9d:c2:80:3b:51:52:30:38:d9:13:
65:76:88:74:cb:c4:71:1c:fd:ed:90:ba:17:ec:0a:
d9:75:67:d3:e0:41:c3:bb:19:c6:bd:7c:c8:5f:ea:
d1:70:d5:6b:31:36:47:60:5e:bb:56:81:d1:f1:b6:
47:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0C:51:3B:C5:CD:11:9C:1B:3E:1E:6E:D7:C6:BD:77:B2:33:15:7F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5AC5FC06A4F011F0A8B7B9BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.23.0/24
154.202.30.0/23
154.202.69.0/24
154.202.72.0/23
154.202.76.0/23
154.202.109.0-154.202.110.255
Signature Algorithm: sha256WithRSAEncryption
a5:c2:b4:52:25:d6:91:f8:3c:a4:a7:7d:3a:68:da:66:09:9f:
87:f0:f1:e5:c2:7d:1e:f1:0f:a0:65:1a:f8:df:e5:eb:73:a7:
84:f8:68:ed:b0:75:39:f2:6c:6c:f8:41:01:9e:ce:58:98:ec:
19:9c:e2:29:86:30:e5:58:30:bd:90:ac:0b:c5:73:a4:60:82:
14:dd:ac:c0:c9:ad:33:75:74:4a:5c:3f:a9:cb:d7:02:be:4b:
6d:3d:ac:4c:b2:2c:94:c1:68:ba:b9:44:cb:60:5b:38:9a:4b:
28:be:33:69:d4:45:37:01:29:24:12:38:b1:d3:02:1a:ed:2e:
14:0c:0d:e9:39:61:29:96:6f:e3:7d:cf:80:8c:ec:2c:4b:18:
ae:65:66:4e:fe:b5:44:a6:ca:be:42:5d:92:5c:ee:f1:b2:d2:
c4:e2:bc:fb:38:ac:27:11:2b:f3:f9:f3:79:35:7f:a9:a1:e7:
8e:2e:89:d5:43:d0:67:23:a2:84:91:bc:17:97:df:9b:b1:42:
31:0d:2c:ea:e5:be:17:9f:d0:44:9c:17:21:0b:f6:c7:e7:ba:
31:56:de:45:67:d2:a3:45:40:ba:2f:37:05:00:86:c4:6f:81:
85:a4:57:98:b8:db:05:a5:55:af:c4:1a:58:2d:76:fe:3d:24:
69:26:59:52
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAaMCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA5MDkxNDIzWhcNMjUxMTE2MDkxNDIzWjAYMRYw
FAYDVQQDEw02OGU3N2NmMy0wOTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApWO2iJgr3kyUpLFC74wo+dbArnyMO8D7qnXdEGdd3iv5nWEJgI3iRd77
/uPeGS2CxFZKVaUxJvbfrxp1p+srMzFvIIYmFeNLOZTkqDUJfmr0x6YCzydkhCSl
WIcu6S4orMadKjLncX6JdQfY6uQnX3WivV1vrGRg7DOhrBy5CL+XAampb27vuC4+
Ppa9IcKjm198bY/8kAlULitNCpTi+M2/GA/LmVMIziGnlZz8apbQom337+NUDb+I
eXf3eGaEnc9oJXDADp3CgDtRUjA42RNldoh0y8RxHP3tkLoX7ArZdWfT4EHDuxnG
vXzIX+rRcNVrMTZHYF67VoHR8bZHQQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFIkM
UTvFzRGcGz4ebtfGvXeyMxV/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QUM1RkMwNkE0RjAxMUYwQThCN0I5QkNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAmsoXAwQBmsoeAwQAmspF
AwQBmspIAwQBmspMMAwDBACaym0DBACaym4wDQYJKoZIhvcNAQELBQADggEBAKXC
tFIl1pH4PKSnfTpo2mYJn4fw8eXCfR7xD6BlGvjf5etzp4T4aO2wdTnybGz4QQGe
zliY7Bmc4imGMOVYML2QrAvFc6RgghTdrMDJrTN1dEpcP6nL1wK+S209rEyyLJTB
aLq5RMtgWziaSyi+M2nURTcBKSQSOLHTAhrtLhQMDek5YSmWb+N9z4CM7CxLGK5l
Zk7+tUSmyr5CXZJc7vGy0sTivPs4rCcRK/P583k1f6mh544uidVD0GcjooSRvBeX
35uxQjENLOrlvhef0EScFyEL9sfnujFW3kVn0qNFQLovNwUAhsRvgYWkV5i42wWl
Va/EGlgtdv49JGkmWVI=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:51 2025 by rpki-client