Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64BEFA96A5B311F088171AAEDAE4EC9C.roa
File: 64BEFA96A5B311F088171AAEDAE4EC9C.roa (raw, json)
Hash identifier: anqDnaWXM+of5BGg/bx8rLxEJVg5nLCIgVRSefkkLmE=
Subject key identifier: C5:D3:CB:0F:01:CB:33:47:C3:0A:09:B0:1E:9D:3F:A4:F2:33:E0:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A335
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64BEFA96A5B311F088171AAEDAE4EC9C.roa
Signing time: Fri 10 Oct 2025 08:30:36 +0000
ROA not before: Fri 10 Oct 2025 08:30:31 +0000
ROA not after: Mon 17 Nov 2025 08:30:31 +0000
asID: 22773
IP address blocks: 154.85.4.0/22 maxlen: 24
154.85.121.0/24 maxlen: 24
154.85.122.0/24 maxlen: 24
154.94.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107317 (0x1a335)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 10 08:30:31 2025 GMT
Not After : Nov 17 08:30:31 2025 GMT
Subject: CN=68e8c42c-a493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:db:45:11:e0:97:d0:45:5c:b9:47:a7:e5:a0:
d6:56:0e:e2:3f:22:03:aa:07:bd:fc:e5:37:bf:4d:
5c:5a:52:34:1e:76:de:9b:b4:28:ae:2e:84:40:f1:
ff:32:5f:d6:c5:79:19:44:2e:9f:12:c2:8d:85:78:
40:1f:84:a6:79:67:a2:10:9a:d6:db:7c:b0:06:ee:
4f:14:7a:e7:a3:7f:a6:aa:58:45:8a:f1:54:cb:dd:
9c:0a:96:e5:78:42:06:15:7b:74:12:1d:c4:f2:d1:
50:13:ac:c6:ae:05:be:b6:5f:08:e8:6b:c9:03:65:
5f:96:a3:31:e9:ef:84:06:17:6a:ef:cc:42:b8:8e:
0b:ca:a7:d7:c7:f4:f2:7c:3b:6c:33:fb:33:78:1c:
99:df:c6:73:bb:f6:3a:ad:ff:37:de:f4:0a:44:f3:
bb:4c:7c:5f:0b:1e:71:9b:18:8a:c8:0b:6c:e8:fd:
db:74:af:0e:a7:31:3d:a8:4e:7d:7d:e2:2f:16:8a:
89:93:6c:dc:12:25:26:12:34:20:4c:00:7d:c0:3c:
81:78:dc:26:27:15:30:52:5a:31:64:6c:9c:65:35:
df:63:44:26:44:47:71:f6:08:31:51:1d:99:9d:a2:
62:b5:35:67:2f:37:7b:0c:0e:0c:e7:20:27:29:e1:
8a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D3:CB:0F:01:CB:33:47:C3:0A:09:B0:1E:9D:3F:A4:F2:33:E0:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64BEFA96A5B311F088171AAEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.4.0/22
154.85.121.0-154.85.122.255
154.94.32.0/24
Signature Algorithm: sha256WithRSAEncryption
12:3a:ef:68:c3:e9:fc:14:c4:96:7b:d2:64:b0:97:71:e8:66:
da:83:18:ee:3b:c6:82:01:c9:9b:3f:c4:2d:e1:7b:3e:7e:59:
ec:15:dd:10:26:53:e0:88:24:b8:20:54:32:d8:d7:7e:e0:5c:
c1:74:b1:26:dc:5a:d1:96:e7:49:cb:a9:3c:16:79:20:f5:d9:
fd:fe:95:9a:82:e3:77:04:83:4c:fd:65:1f:93:5e:69:11:c2:
0b:d6:3f:9d:fe:e5:d7:7c:54:e4:33:9b:2b:11:a5:a7:79:45:
d6:20:a6:34:12:92:04:fd:f8:e1:86:f9:5a:27:76:80:34:34:
f3:48:51:02:cf:00:01:a1:99:96:34:5f:24:b1:1c:5c:46:40:
32:1b:06:db:50:3d:f4:09:a1:ac:c5:38:b4:d5:d4:7f:6b:d8:
65:be:64:ac:63:03:66:8e:e3:b3:2c:d0:35:cd:2a:83:0f:6a:
94:c2:92:3c:ff:58:e0:13:38:16:3b:40:53:fa:a1:1f:9d:08:
95:7f:ef:83:37:38:67:a8:7f:45:f4:2b:98:26:bf:39:99:25:
14:b5:39:da:16:c1:c5:1d:95:e0:9c:e2:4e:47:cf:4c:e2:8f:
d6:b6:94:88:6b:5e:f3:b2:0a:3a:24:18:67:cb:f5:c7:e8:9a:
59:21:62:24
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAaM1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDEwMDgzMDMxWhcNMjUxMTE3MDgzMDMxWjAYMRYw
FAYDVQQDEw02OGU4YzQyYy1hNDkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5dtFEeCX0EVcuUen5aDWVg7iPyIDqge9/OU3v01cWlI0Hnbem7Qori6E
QPH/Ml/WxXkZRC6fEsKNhXhAH4SmeWeiEJrW23ywBu5PFHrno3+mqlhFivFUy92c
CpbleEIGFXt0Eh3E8tFQE6zGrgW+tl8I6GvJA2VflqMx6e+EBhdq78xCuI4LyqfX
x/TyfDtsM/szeByZ38Zzu/Y6rf833vQKRPO7THxfCx5xmxiKyAts6P3bdK8OpzE9
qE59feIvFoqJk2zcEiUmEjQgTAB9wDyBeNwmJxUwUloxZGycZTXfY0QmREdx9ggx
UR2ZnaJitTVnLzd7DA4M5yAnKeGKwwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFMXT
yw8ByzNHwwoJsB6dP6TyM+A8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NEJFRkE5NkE1QjMxMUYwODgxNzFBQUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCmlUEMAwDBACaVXkDBACa
VXoDBACaXiAwDQYJKoZIhvcNAQELBQADggEBABI672jD6fwUxJZ70mSwl3HoZtqD
GO47xoIByZs/xC3hez5+WewV3RAmU+CIJLggVDLY137gXMF0sSbcWtGW50nLqTwW
eSD12f3+lZqC43cEg0z9ZR+TXmkRwgvWP53+5dd8VOQzmysRpad5RdYgpjQSkgT9
+OGG+VondoA0NPNIUQLPAAGhmZY0XySxHFxGQDIbBttQPfQJoazFOLTV1H9r2GW+
ZKxjA2aO47Ms0DXNKoMPapTCkjz/WOATOBY7QFP6oR+dCJV/74M3OGeof0X0K5gm
vzmZJRS1OdoWwcUdleCc4k5Hz0zij9a2lIhrXvOyCjokGGfL9cfomlkhYiQ=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:47 2025 by rpki-client