Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D1068C6AA9411F08486AB85DAE4EC9C.roa
File: 5D1068C6AA9411F08486AB85DAE4EC9C.roa (raw, json)
Hash identifier: PmxI+f3qajDwV+zPrN4a9Cl7PlNNyLSq7N1QFrv/D3E=
Subject key identifier: 7B:96:12:96:21:C1:C8:10:8F:A9:C6:E9:80:A2:E0:35:7C:CE:0C:23
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A409
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D1068C6AA9411F08486AB85DAE4EC9C.roa
Signing time: Thu 16 Oct 2025 13:31:04 +0000
ROA not before: Thu 16 Oct 2025 13:31:00 +0000
ROA not after: Mon 24 Nov 2025 13:31:00 +0000
asID: 214413
IP address blocks: 154.194.226.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107529 (0x1a409)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 16 13:31:00 2025 GMT
Not After : Nov 24 13:31:00 2025 GMT
Subject: CN=68f0f398-2dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:05:26:f0:09:89:88:50:56:dd:6e:39:2b:2e:
72:04:55:c1:db:a2:8c:86:0a:dc:43:f5:0f:b2:b0:
68:8f:b7:db:1a:22:d0:27:c7:ce:a2:7c:36:eb:50:
4b:cf:e5:a0:f1:f4:00:5c:a3:65:e1:67:87:b6:41:
a8:30:79:bc:04:41:98:60:61:5d:95:b9:13:7c:6d:
39:cf:9c:53:c7:b3:42:73:48:89:37:af:a2:bb:b5:
36:17:f8:e2:70:b6:63:c4:2d:d2:2f:ed:2f:d0:2c:
76:b7:7d:d4:e0:45:25:22:65:ea:f2:0f:fa:c2:e8:
24:da:ee:c8:eb:f8:a2:4c:aa:82:92:a0:01:be:f2:
91:d0:fb:b2:72:65:d9:da:69:dd:71:cc:d6:a0:45:
79:90:87:9d:4e:13:3e:73:4a:1d:03:ca:d7:77:2e:
ce:31:e0:b8:c3:db:d3:71:72:c3:c6:c5:06:af:b2:
f2:7f:a9:f3:cf:f6:49:df:48:4b:7b:67:3e:4b:63:
14:7e:0c:89:93:05:14:78:d4:5f:8c:df:89:b1:35:
36:c4:12:b8:4d:8e:82:31:da:60:5a:de:0e:a4:88:
2c:af:ac:97:9d:32:88:90:34:d0:4b:97:52:81:ec:
09:47:39:39:14:be:5d:20:41:ce:32:d5:06:e8:6d:
43:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:96:12:96:21:C1:C8:10:8F:A9:C6:E9:80:A2:E0:35:7C:CE:0C:23
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D1068C6AA9411F08486AB85DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.226.0/23
Signature Algorithm: sha256WithRSAEncryption
25:cc:2b:8a:f4:a4:20:d2:bd:6b:1f:94:2a:b2:53:d5:93:85:
5d:a8:fd:39:58:18:ca:2d:56:af:99:6d:f9:31:70:eb:4a:a8:
3a:36:0f:e3:fb:ce:2c:67:e6:81:3c:17:da:30:34:f0:c9:d9:
95:fd:df:73:8f:5b:17:f2:00:96:4b:95:ee:ab:a5:23:6b:b4:
f7:24:79:56:80:6a:cb:57:36:77:28:f2:9c:a3:6e:f1:04:06:
d5:8d:23:1b:07:0b:b9:b9:0f:3d:d5:ca:88:55:a0:89:79:18:
1f:95:bb:2a:20:bc:1b:a0:ad:1e:93:77:23:35:1e:13:3b:09:
56:0f:0c:42:e7:08:31:38:eb:6a:14:b7:70:de:7f:11:18:69:
03:3c:4a:7b:79:6b:08:ec:b4:96:af:ca:db:5a:e9:b6:7f:54:
fe:72:7a:de:7f:84:60:d9:25:42:e0:b4:88:7f:97:0e:6f:05:
97:28:29:eb:36:5d:b6:fe:15:7c:4b:f6:8b:1c:1b:19:fb:28:
d9:d6:50:8d:76:3c:8a:6c:c3:fd:e2:f5:95:05:a6:a9:c2:61:
f4:7e:52:db:75:96:55:45:17:ef:c0:d4:2a:5d:13:36:fc:40:
39:e1:9c:4b:24:c4:d8:4e:2d:d8:fa:67:63:03:ab:86:79:d5:
41:3d:c7:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaQJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE2MTMzMTAwWhcNMjUxMTI0MTMzMTAwWjAYMRYw
FAYDVQQDEw02OGYwZjM5OC0yZGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvwUm8AmJiFBW3W45Ky5yBFXB26KMhgrcQ/UPsrBoj7fbGiLQJ8fOonw2
61BLz+Wg8fQAXKNl4WeHtkGoMHm8BEGYYGFdlbkTfG05z5xTx7NCc0iJN6+iu7U2
F/jicLZjxC3SL+0v0Cx2t33U4EUlImXq8g/6wugk2u7I6/iiTKqCkqABvvKR0Puy
cmXZ2mndcczWoEV5kIedThM+c0odA8rXdy7OMeC4w9vTcXLDxsUGr7Lyf6nzz/ZJ
30hLe2c+S2MUfgyJkwUUeNRfjN+JsTU2xBK4TY6CMdpgWt4OpIgsr6yXnTKIkDTQ
S5dSgewJRzk5FL5dIEHOMtUG6G1DGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHuW
EpYhwcgQj6nG6YCi4DV8zgwjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDEwNjhDNkFBOTQxMUYwODQ4NkFCODVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsLiMA0GCSqGSIb3DQEB
CwUAA4IBAQAlzCuK9KQg0r1rH5QqslPVk4VdqP05WBjKLVavmW35MXDrSqg6Ng/j
+84sZ+aBPBfaMDTwydmV/d9zj1sX8gCWS5Xuq6Uja7T3JHlWgGrLVzZ3KPKco27x
BAbVjSMbBwu5uQ891cqIVaCJeRgflbsqILwboK0ek3cjNR4TOwlWDwxC5wgxOOtq
FLdw3n8RGGkDPEp7eWsI7LSWr8rbWum2f1T+cnref4Rg2SVC4LSIf5cObwWXKCnr
Nl22/hV8S/aLHBsZ+yjZ1lCNdjyKbMP94vWVBaapwmH0flLbdZZVRRfvwNQqXRM2
/EA54ZxLJMTYTi3Y+mdjA6uGedVBPccc
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:21 2025 by rpki-client