Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6096F636AA8A11F0BB7BD0C1DAE4EC9C.roa
File: 6096F636AA8A11F0BB7BD0C1DAE4EC9C.roa (raw, json)
Hash identifier: b5WcS5pfvdpGDF1TflxTTqOHBOd1R1cf0hVDqY4Y95o=
Subject key identifier: DD:D1:0D:EA:E3:70:85:C5:9C:51:04:00:0E:86:48:C5:2B:C7:9F:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A3FE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6096F636AA8A11F0BB7BD0C1DAE4EC9C.roa
Signing time: Thu 16 Oct 2025 12:19:35 +0000
ROA not before: Thu 16 Oct 2025 12:19:27 +0000
ROA not after: Fri 23 Oct 2026 12:19:27 +0000
asID: 133585
IP address blocks: 154.84.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107518 (0x1a3fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 16 12:19:27 2025 GMT
Not After : Oct 23 12:19:27 2026 GMT
Subject: CN=68f0e2d7-2b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:97:7d:79:d3:b3:ed:d8:22:02:55:8a:8e:65:
4d:2a:e6:e4:e0:3c:bc:ae:ae:56:c3:0e:fd:ef:f3:
ef:03:75:9f:fb:84:73:07:56:13:a7:15:48:46:7a:
10:f5:d7:f4:12:26:4c:6a:4d:a4:cf:5f:b1:ef:e4:
6f:b6:9c:1b:6e:0e:8a:26:90:08:81:a3:8f:7f:35:
5a:9d:87:7c:e5:8b:74:4f:22:c9:ed:d5:4b:0e:0d:
ae:5b:fa:cb:74:c4:7d:82:55:21:09:a3:eb:67:c8:
ed:ca:51:a5:17:e6:6e:99:24:d2:32:b9:14:f5:36:
0d:93:92:50:cc:96:ea:8c:0e:68:9c:88:07:0f:03:
9c:11:ce:0d:2a:de:a7:6f:83:d6:87:a1:95:76:88:
c5:91:9b:2c:63:57:18:7a:9e:d6:40:94:95:9d:2a:
b5:06:be:36:2a:bc:ed:bb:df:26:4f:a2:09:ec:2a:
4f:a6:d9:df:4b:e5:12:b7:6a:ee:da:4a:0b:a6:87:
e1:c5:c1:6f:be:d5:5e:c4:7d:e7:a2:c4:ed:c7:08:
d0:e7:97:dc:51:f6:11:1c:0a:64:10:35:83:a0:a6:
77:3a:d2:65:55:36:29:fd:24:77:24:27:be:28:5d:
ce:0d:8e:66:74:45:41:c3:0c:0d:0b:bc:8d:9d:46:
0a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D1:0D:EA:E3:70:85:C5:9C:51:04:00:0E:86:48:C5:2B:C7:9F:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6096F636AA8A11F0BB7BD0C1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.167.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:92:77:82:f0:29:e2:33:96:16:f3:2a:55:c2:ca:a6:67:7a:
d7:16:72:8d:61:a2:d5:4b:49:9b:53:87:ed:78:81:6a:87:27:
0e:96:cb:d5:74:cf:d5:04:88:c2:0f:95:92:f7:9a:c0:71:6e:
17:50:d3:37:19:19:0b:a9:22:44:33:12:e6:01:d5:94:18:4e:
be:0c:57:eb:fd:15:48:a5:37:09:70:71:e6:32:61:62:0e:45:
4c:04:dc:81:1a:24:36:aa:07:ba:28:a2:84:ee:11:4c:82:6f:
57:d1:27:3a:9b:68:ec:df:8c:3d:68:af:4e:00:d8:f0:0d:ea:
f4:5f:b2:b3:99:69:d8:76:a1:0e:9b:56:61:87:e7:9d:c3:c5:
bc:41:61:36:9a:90:d4:96:96:f7:79:66:42:fe:0a:29:35:60:
19:e1:73:7f:78:f2:58:7d:7a:dc:1c:ca:e1:ee:45:b8:4e:96:
df:32:e8:d8:23:60:aa:11:57:72:c1:62:29:20:04:00:0e:63:
00:f9:56:91:85:c7:e0:a0:bb:6b:f5:ce:ec:79:ac:69:a5:e8:
b1:1c:8f:2e:4c:11:e3:61:44:00:c7:95:1d:fd:3b:6c:eb:d2:
3d:b9:94:db:a7:7c:6a:5d:48:3e:81:82:2c:80:e3:92:96:de:
98:a3:80:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaP+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE2MTIxOTI3WhcNMjYxMDIzMTIxOTI3WjAYMRYw
FAYDVQQDEw02OGYwZTJkNy0yYjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs5d9edOz7dgiAlWKjmVNKubk4Dy8rq5Www797/PvA3Wf+4RzB1YTpxVI
RnoQ9df0EiZMak2kz1+x7+Rvtpwbbg6KJpAIgaOPfzVanYd85Yt0TyLJ7dVLDg2u
W/rLdMR9glUhCaPrZ8jtylGlF+ZumSTSMrkU9TYNk5JQzJbqjA5onIgHDwOcEc4N
Kt6nb4PWh6GVdojFkZssY1cYep7WQJSVnSq1Br42Krztu98mT6IJ7CpPptnfS+US
t2ru2koLpofhxcFvvtVexH3nosTtxwjQ55fcUfYRHApkEDWDoKZ3OtJlVTYp/SR3
JCe+KF3ODY5mdEVBwwwNC7yNnUYKUwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN3R
DerjcIXFnFEEAA6GSMUrx5+rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MDk2RjYzNkFBOEExMUYwQkI3QkQwQzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSnMA0GCSqGSIb3DQEB
CwUAA4IBAQDOkneC8CniM5YW8ypVwsqmZ3rXFnKNYaLVS0mbU4fteIFqhycOlsvV
dM/VBIjCD5WS95rAcW4XUNM3GRkLqSJEMxLmAdWUGE6+DFfr/RVIpTcJcHHmMmFi
DkVMBNyBGiQ2qge6KKKE7hFMgm9X0Sc6m2js34w9aK9OANjwDer0X7KzmWnYdqEO
m1Zhh+edw8W8QWE2mpDUlpb3eWZC/gopNWAZ4XN/ePJYfXrcHMrh7kW4TpbfMujY
I2CqEVdywWIpIAQADmMA+VaRhcfgoLtr9c7seaxppeixHI8uTBHjYUQAx5Ud/Tts
69I9uZTbp3xqXUg+gYIsgOOSlt6Yo4DA
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:51 2025 by rpki-client