Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5EAE74DC84AD11F0B6BAF4D0DAE4EC9C.roa
File: 5EAE74DC84AD11F0B6BAF4D0DAE4EC9C.roa (raw, json)
Hash identifier: xQJ/HumhP7tz1XTlkiAuZ9PPJidcPoU+W9/NoSFoZ9g=
Subject key identifier: D4:E8:B1:EC:FA:2E:5F:3D:89:50:08:AB:BB:88:F1:2C:A8:45:5C:31
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019A40
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5EAE74DC84AD11F0B6BAF4D0DAE4EC9C.roa
Signing time: Fri 29 Aug 2025 07:54:20 +0000
ROA not before: Fri 29 Aug 2025 07:54:16 +0000
ROA not after: Sun 05 Oct 2025 07:54:16 +0000
asID: 151419
IP address blocks: 154.88.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 09:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105024 (0x19a40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 29 07:54:16 2025 GMT
Not After : Oct 5 07:54:16 2025 GMT
Subject: CN=68b15cac-3164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:53:e7:16:3a:11:e5:6d:45:09:c6:ba:64:28:
ef:fd:f3:4d:e5:06:5b:2b:64:e7:cc:ae:18:17:7d:
78:43:ac:08:fb:07:ff:8e:15:05:6e:c5:1e:37:18:
0d:71:91:5d:6a:94:df:ae:a0:7a:1f:a8:63:e8:da:
67:10:67:83:55:61:04:e2:e6:59:1c:f9:71:00:09:
27:cf:eb:e1:39:4c:20:7a:16:51:54:84:db:c9:7f:
5a:46:04:ba:97:52:fd:26:c2:1d:9c:0b:25:9e:57:
10:5b:34:20:c2:55:0b:34:61:e9:13:dc:3c:c1:56:
6b:66:7b:69:e9:7d:03:83:87:e7:42:bf:d2:7f:a2:
55:8b:6a:dc:b0:88:fc:c1:1d:fa:6d:bd:66:cc:6d:
67:96:8a:34:2a:12:40:d6:30:d8:22:aa:e8:55:56:
9c:d4:82:b2:b9:68:a8:73:25:eb:85:50:8c:e3:ff:
c7:ab:3e:d9:3f:09:80:22:d2:fd:d2:ba:f8:5e:21:
93:75:84:a3:45:e4:76:cb:c4:6b:9c:1f:f8:2f:31:
e2:75:fe:c4:cf:e2:96:cf:1e:e7:af:1c:f1:aa:ec:
93:30:18:12:82:28:72:fe:75:70:fa:4a:92:01:89:
16:4a:2b:a0:18:53:26:96:07:fd:d7:f4:0c:0b:be:
98:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E8:B1:EC:FA:2E:5F:3D:89:50:08:AB:BB:88:F1:2C:A8:45:5C:31
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5EAE74DC84AD11F0B6BAF4D0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.66.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:28:ee:e3:60:75:a7:ce:55:50:07:d4:4f:c0:52:46:c0:bf:
66:da:f5:75:a4:00:57:1f:61:75:5f:3a:ed:db:99:4b:8b:85:
98:f4:60:2c:d7:1d:e9:a5:c4:d0:3d:d7:ec:8d:7f:3a:8a:1b:
da:d7:b3:d8:86:d1:f9:76:22:a1:b3:4c:02:49:d2:27:bf:ae:
bb:fd:21:96:04:5e:50:bf:c0:80:db:6a:73:20:2f:73:b8:6b:
92:a7:49:44:05:88:91:ad:e7:16:5b:5e:d7:68:96:5c:bb:ec:
a2:77:d5:94:e3:10:a6:aa:c4:be:f4:7e:c6:27:de:71:9c:16:
94:83:e5:9c:d1:65:9c:46:38:b5:93:f8:00:af:df:13:41:9e:
0a:89:16:47:e4:2e:37:aa:7b:08:9d:f0:95:88:0b:9b:08:6f:
5b:b0:3e:ab:5a:c0:2b:16:f4:0c:88:6b:dc:6a:38:a8:8a:71:
b1:5f:f3:9d:07:a6:da:12:71:2c:ae:32:1a:57:5a:35:a0:83:
22:17:ae:25:f2:22:99:24:df:21:51:4a:fe:be:9a:2f:9b:77:
b0:a3:7b:54:c0:17:bd:96:99:99:17:50:57:da:4d:5d:62:f3:
19:73:ea:bd:66:c0:13:f0:34:29:ff:42:ce:e5:fc:f7:17:e6:
a3:fd:d9:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZpAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODI5MDc1NDE2WhcNMjUxMDA1MDc1NDE2WjAYMRYw
FAYDVQQDEw02OGIxNWNhYy0zMTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv1PnFjoR5W1FCca6ZCjv/fNN5QZbK2TnzK4YF314Q6wI+wf/jhUFbsUe
NxgNcZFdapTfrqB6H6hj6NpnEGeDVWEE4uZZHPlxAAknz+vhOUwgehZRVITbyX9a
RgS6l1L9JsIdnAslnlcQWzQgwlULNGHpE9w8wVZrZntp6X0Dg4fnQr/Sf6JVi2rc
sIj8wR36bb1mzG1nloo0KhJA1jDYIqroVVac1IKyuWiocyXrhVCM4//Hqz7ZPwmA
ItL90rr4XiGTdYSjReR2y8RrnB/4LzHidf7Ez+KWzx7nrxzxquyTMBgSgihy/nVw
+kqSAYkWSiugGFMmlgf91/QMC76YNwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNTo
sez6Ll89iVAIq7uI8SyoRVwxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RUFFNzREQzg0QUQxMUYwQjZCQUY0RDBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhCMA0GCSqGSIb3DQEB
CwUAA4IBAQArKO7jYHWnzlVQB9RPwFJGwL9m2vV1pABXH2F1Xzrt25lLi4WY9GAs
1x3ppcTQPdfsjX86ihva17PYhtH5diKhs0wCSdInv667/SGWBF5Qv8CA22pzIC9z
uGuSp0lEBYiRrecWW17XaJZcu+yid9WU4xCmqsS+9H7GJ95xnBaUg+Wc0WWcRji1
k/gAr98TQZ4KiRZH5C43qnsInfCViAubCG9bsD6rWsArFvQMiGvcajioinGxX/Od
B6baEnEsrjIaV1o1oIMiF64l8iKZJN8hUUr+vpovm3ewo3tUwBe9lpmZF1BX2k1d
YvMZc+q9ZsAT8DQp/0LO5fz3F+aj/dnW
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:37:45 2025 by rpki-client