Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68A4015A8C5A11F0B98DE0B0DAE4EC9C.roa
File: 68A4015A8C5A11F0B98DE0B0DAE4EC9C.roa (raw, json)
Hash identifier: 23AqDGAN1B67edz96fxugu7z9l9qtw3/qj0TTwPCmYs=
Subject key identifier: E3:CC:E5:EC:8E:4E:40:A9:14:4D:CC:82:14:76:71:FC:EB:96:D3:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019E84
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68A4015A8C5A11F0B98DE0B0DAE4EC9C.roa
Signing time: Mon 08 Sep 2025 02:20:38 +0000
ROA not before: Mon 08 Sep 2025 02:20:34 +0000
ROA not after: Sun 21 Sep 2025 02:20:34 +0000
asID: 54252
IP address blocks: 154.201.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 05:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106116 (0x19e84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 8 02:20:34 2025 GMT
Not After : Sep 21 02:20:34 2025 GMT
Subject: CN=68be3d76-60b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8a:12:5a:06:19:56:74:94:61:f7:44:3f:01:
11:7b:c4:27:d4:db:ed:e5:e5:e1:bf:3b:4c:8b:e0:
e6:2b:4d:c6:e7:67:8e:ad:d8:11:db:0d:55:68:dd:
9c:b3:b8:65:af:a0:5d:11:ab:5d:f0:d4:4f:bb:60:
4c:b9:2d:f9:6e:3c:47:61:d3:78:46:ba:53:58:49:
19:37:9e:c6:17:d1:45:84:3b:42:b4:72:4d:a3:64:
57:23:a0:8e:e1:9a:94:ab:72:7d:23:18:8e:79:d3:
9d:bc:8e:05:cf:b6:9a:aa:a7:22:f8:fe:5c:58:25:
c3:13:d2:37:0e:a8:af:9b:ee:ff:33:18:f0:83:bd:
14:3f:75:8d:a5:37:c2:a9:27:b2:51:d6:57:47:f0:
59:b6:60:a9:10:c3:d0:1f:a3:79:ee:7e:7b:68:9a:
25:f5:ab:e6:28:3b:bf:f0:66:3c:86:1a:e5:ed:1b:
aa:1e:13:5b:ec:ea:cf:6f:17:fe:74:5a:4d:c1:d1:
f0:d5:6e:72:d6:1d:52:64:97:0f:a1:ef:87:1c:0b:
b3:18:24:0d:68:26:33:86:c2:db:ed:be:a5:7a:1e:
28:68:b2:5b:1b:75:46:d7:5b:ac:9a:82:45:01:39:
14:f9:b7:3e:55:9a:b5:e3:63:ed:63:f9:72:7a:4c:
d3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CC:E5:EC:8E:4E:40:A9:14:4D:CC:82:14:76:71:FC:EB:96:D3:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68A4015A8C5A11F0B98DE0B0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.53.0/24
Signature Algorithm: sha256WithRSAEncryption
19:95:c1:6b:2d:9b:15:51:62:0b:42:f6:c0:3c:cf:db:27:d7:
53:ec:9c:72:27:b6:71:a9:2a:15:92:6f:c9:f1:5c:ff:f0:0c:
fa:5d:31:ca:3a:41:b1:a5:58:00:f2:26:52:b1:8b:26:b9:fe:
f6:77:6a:55:e9:39:35:a0:30:2d:61:dc:10:98:a5:58:05:22:
08:b0:8b:09:3f:2b:e0:8f:ca:2e:2f:5a:00:5d:20:94:6a:dc:
90:83:d8:be:5c:59:0b:30:de:3b:b3:52:ed:89:a3:fc:20:da:
f5:18:8a:29:54:47:5e:a5:5f:2f:ea:5a:a3:c1:ed:78:32:cc:
af:ba:95:da:bd:2b:50:44:b2:e9:7e:9f:af:17:e8:7a:bb:76:
59:75:7a:0b:5c:40:30:02:0b:37:2d:65:81:73:5a:16:95:08:
06:a0:3b:9f:6f:39:0e:2c:62:04:e5:1e:94:2d:c1:ff:74:e1:
26:c7:fc:20:53:69:3e:77:58:d9:17:71:8d:e6:e8:ce:03:b3:
fd:ea:bd:a8:29:e6:c1:e0:30:f0:00:ad:96:68:fb:ed:70:bf:
31:02:58:4d:d2:18:4b:00:22:00:6b:9b:60:41:b5:b3:71:59:
39:22:6c:84:70:f0:fc:c3:70:04:a3:c7:9a:ef:33:51:b4:1a:
f0:e3:8b:93
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ6EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA4MDIyMDM0WhcNMjUwOTIxMDIyMDM0WjAYMRYw
FAYDVQQDEw02OGJlM2Q3Ni02MGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyIoSWgYZVnSUYfdEPwERe8Qn1Nvt5eXhvztMi+DmK03G52eOrdgR2w1V
aN2cs7hlr6BdEatd8NRPu2BMuS35bjxHYdN4RrpTWEkZN57GF9FFhDtCtHJNo2RX
I6CO4ZqUq3J9IxiOedOdvI4Fz7aaqqci+P5cWCXDE9I3Dqivm+7/Mxjwg70UP3WN
pTfCqSeyUdZXR/BZtmCpEMPQH6N57n57aJol9avmKDu/8GY8hhrl7RuqHhNb7OrP
bxf+dFpNwdHw1W5y1h1SZJcPoe+HHAuzGCQNaCYzhsLb7b6leh4oaLJbG3VG11us
moJFATkU+bc+VZq142PtY/lyekzTfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOPM
5eyOTkCpFE3MghR2cfzrltP7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OEE0MDE1QThDNUExMUYwQjk4REUwQjBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsk1MA0GCSqGSIb3DQEB
CwUAA4IBAQAZlcFrLZsVUWILQvbAPM/bJ9dT7JxyJ7ZxqSoVkm/J8Vz/8Az6XTHK
OkGxpVgA8iZSsYsmuf72d2pV6Tk1oDAtYdwQmKVYBSIIsIsJPyvgj8ouL1oAXSCU
atyQg9i+XFkLMN47s1LtiaP8INr1GIopVEdepV8v6lqjwe14MsyvupXavStQRLLp
fp+vF+h6u3ZZdXoLXEAwAgs3LWWBc1oWlQgGoDufbzkOLGIE5R6ULcH/dOEmx/wg
U2k+d1jZF3GN5ujOA7P96r2oKebB4DDwAK2WaPvtcL8xAlhN0hhLACIAa5tgQbWz
cVk5ImyEcPD8w3AEo8ea7zNRtBrw44uT
-----END CERTIFICATE-----
Generated at Wed Sep 17 09:53:04 2025 by rpki-client