Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63BA9490993611F0A0F5FDB0DAE4EC9C.roa
File: 63BA9490993611F0A0F5FDB0DAE4EC9C.roa (raw, json)
Hash identifier: x/qIHO/8Mxqn9uJPE6AWqfBPNWpE48P2HgCageFIYJA=
Subject key identifier: 37:94:59:85:35:7F:CC:F1:E2:2A:8D:A2:B9:2B:6C:AB:EA:F1:C3:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A048
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63BA9490993611F0A0F5FDB0DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 11:05:33 +0000
ROA not before: Wed 24 Sep 2025 11:05:27 +0000
ROA not after: Sun 14 Dec 2025 11:05:27 +0000
asID: 139880
IP address blocks: 154.89.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106568 (0x1a048)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 11:05:27 2025 GMT
Not After : Dec 14 11:05:27 2025 GMT
Subject: CN=68d3d07d-a6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:d2:7b:d6:3f:54:72:77:ac:59:7a:b4:9b:59:
1b:1b:5b:b8:4f:11:70:d3:99:de:0a:91:6d:75:ae:
d6:8a:e8:5e:9c:8b:2b:4b:38:03:ee:5f:30:df:61:
70:8d:96:f5:77:cd:f9:c7:a8:3e:ce:96:1f:0e:bb:
0e:c0:ca:96:15:92:74:b0:bb:6e:91:2e:7e:06:9f:
ff:98:3c:d4:4a:7b:58:0f:f6:7a:4c:9a:00:f1:e5:
19:84:b7:40:a8:5a:fd:11:c8:e5:2d:ef:8b:57:fc:
00:44:77:81:b9:ee:32:aa:7d:0f:21:9e:23:b7:3d:
1c:7e:95:5a:da:2a:38:69:2e:d3:8f:55:53:d3:43:
1c:b1:6b:41:d5:14:e1:bc:6a:ce:a8:78:a6:6e:62:
32:bf:4c:1b:66:c9:f2:35:28:b7:bd:6d:f1:aa:b3:
d4:c3:44:85:a6:f7:20:4c:41:7f:28:5c:c7:b5:21:
dd:c4:2d:e4:67:b6:7c:8c:c0:b3:05:a0:cb:cc:3d:
dd:61:f8:cc:37:b6:b5:06:c9:bc:3f:03:e4:91:91:
c1:5d:a0:38:03:51:65:6e:1f:53:34:a6:23:5d:93:
7a:3a:6e:6f:41:02:1d:aa:22:be:75:55:c6:a7:44:
cd:03:90:84:ef:3e:57:d2:93:af:9d:b2:49:d2:d4:
40:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:94:59:85:35:7F:CC:F1:E2:2A:8D:A2:B9:2B:6C:AB:EA:F1:C3:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63BA9490993611F0A0F5FDB0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.224.0/20
Signature Algorithm: sha256WithRSAEncryption
34:11:9c:5f:86:1f:6c:40:e1:7a:a4:af:4e:79:aa:f1:45:1f:
14:6c:6f:6d:a7:17:cd:2c:bd:b2:3c:35:9f:56:1a:a4:92:8b:
4b:65:60:4f:86:b3:e0:cd:c5:14:e9:bb:86:ad:ff:75:bf:b0:
41:96:18:b0:d5:63:39:b0:a7:81:f0:c2:2f:d4:e3:48:25:65:
5d:bd:1d:cf:a0:75:f8:f6:a8:a6:50:1e:dd:48:e2:6e:95:07:
a9:6e:3e:d4:39:ac:5d:09:42:8f:e2:54:3f:4c:6f:02:f8:c4:
ae:70:3f:52:f7:b7:25:57:e3:6b:ab:c7:7c:e7:b5:ff:b5:dc:
2f:1b:09:df:40:07:1c:1d:c5:3f:d7:63:04:21:74:c5:b6:d2:
bc:61:49:f6:2f:4f:18:96:c3:bd:32:79:46:24:8f:a6:1e:82:
a1:70:d9:c0:79:bc:69:08:8b:a6:88:3b:98:53:92:c0:11:92:
fc:3e:57:01:2a:58:1a:2d:a2:5a:b3:79:e5:27:39:71:e0:2b:
87:33:a7:f9:28:13:e2:04:c4:b2:e5:b1:ef:74:5f:fb:ce:90:
8d:32:da:dd:ff:4f:88:f9:5a:81:c5:cd:8f:6c:84:b2:40:cc:
83:e0:a9:ae:80:7e:cc:c6:a8:66:f8:57:a2:98:cf:7b:14:58:
23:74:15:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaBIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTEwNTI3WhcNMjUxMjE0MTEwNTI3WjAYMRYw
FAYDVQQDEw02OGQzZDA3ZC1hNmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA99J71j9UcnesWXq0m1kbG1u4TxFw05neCpFtda7WiuhenIsrSzgD7l8w
32FwjZb1d835x6g+zpYfDrsOwMqWFZJ0sLtukS5+Bp//mDzUSntYD/Z6TJoA8eUZ
hLdAqFr9EcjlLe+LV/wARHeBue4yqn0PIZ4jtz0cfpVa2io4aS7Tj1VT00McsWtB
1RThvGrOqHimbmIyv0wbZsnyNSi3vW3xqrPUw0SFpvcgTEF/KFzHtSHdxC3kZ7Z8
jMCzBaDLzD3dYfjMN7a1Bsm8PwPkkZHBXaA4A1Flbh9TNKYjXZN6Om5vQQIdqiK+
dVXGp0TNA5CE7z5X0pOvnbJJ0tRA/wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDeU
WYU1f8zx4iqNorkrbKvq8cOtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82M0JBOTQ5MDk5MzYxMUYwQTBGNUZEQjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlngMA0GCSqGSIb3DQEB
CwUAA4IBAQA0EZxfhh9sQOF6pK9OearxRR8UbG9tpxfNLL2yPDWfVhqkkotLZWBP
hrPgzcUU6buGrf91v7BBlhiw1WM5sKeB8MIv1ONIJWVdvR3PoHX49qimUB7dSOJu
lQepbj7UOaxdCUKP4lQ/TG8C+MSucD9S97clV+Nrq8d857X/tdwvGwnfQAccHcU/
12MEIXTFttK8YUn2L08YlsO9MnlGJI+mHoKhcNnAebxpCIumiDuYU5LAEZL8PlcB
KlgaLaJas3nlJzlx4CuHM6f5KBPiBMSy5bHvdF/7zpCNMtrd/0+I+VqBxc2PbISy
QMyD4KmugH7Mxqhm+FeimM97FFgjdBU+
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:03 2025 by rpki-client