Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/707FB9D29D4911F0A5403796DAE4EC9C.roa
File: 707FB9D29D4911F0A5403796DAE4EC9C.roa (raw, json)
Hash identifier: DUoMRTrAQHHb2GUKHSYNN2MyUD2ousEuCJ3ek5jVgvY=
Subject key identifier: 4C:56:64:1D:C8:E8:A5:3A:DD:5D:B1:C8:D3:B9:7B:3E:2F:2D:27:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A14B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/707FB9D29D4911F0A5403796DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 15:32:00 +0000
ROA not before: Mon 29 Sep 2025 15:31:55 +0000
ROA not after: Thu 30 Oct 2025 15:31:55 +0000
asID: 20326
IP address blocks: 154.94.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106827 (0x1a14b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 15:31:55 2025 GMT
Not After : Oct 30 15:31:55 2025 GMT
Subject: CN=68daa670-6e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a9:63:fc:d8:5b:b3:b9:2a:4f:9e:57:95:24:
80:b5:95:e8:6d:98:48:91:74:3c:36:3a:42:67:b9:
68:1f:29:f7:43:44:61:a6:f6:d5:e7:33:b9:19:8c:
a5:2f:33:2e:87:f7:2e:13:af:20:bc:96:39:89:6a:
2c:20:5f:4d:bc:95:a2:a9:08:f0:0f:6c:48:c8:8b:
06:df:60:c7:6c:70:fc:f6:54:fa:1f:ec:b2:95:4e:
59:21:f2:a5:0d:35:c5:ec:bb:ab:f2:ef:36:a6:a1:
e7:06:6f:3d:4a:65:5f:db:b9:1c:df:45:ed:2a:75:
2c:17:50:73:f4:e7:4b:cf:6d:10:d6:1f:3e:70:64:
d9:33:a1:22:33:cf:04:e4:88:d0:e2:35:ac:2b:fd:
df:af:b0:d4:70:c9:79:93:08:26:3a:3a:96:fa:03:
69:dd:2e:18:fe:d7:cb:ae:94:33:a0:2c:bb:1e:4a:
77:c6:60:a7:a6:5e:a3:af:dc:a5:22:a7:07:a1:52:
96:77:be:15:3d:76:c4:3f:40:91:f5:6b:19:4f:30:
33:16:03:3e:7f:1b:b1:ff:2c:2a:04:a5:d2:f7:b7:
da:be:d6:3c:9e:f3:f8:c3:6e:28:f6:0f:db:6c:7e:
3a:ef:33:9e:b2:5a:f8:79:f7:a1:1b:60:31:2d:50:
87:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:56:64:1D:C8:E8:A5:3A:DD:5D:B1:C8:D3:B9:7B:3E:2F:2D:27:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/707FB9D29D4911F0A5403796DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.2.0/23
Signature Algorithm: sha256WithRSAEncryption
84:f6:ad:da:73:1a:10:2f:f6:bd:dd:9d:5d:b3:aa:e0:98:36:
27:72:69:52:70:d2:aa:1b:ec:e0:6d:8f:88:c7:48:cf:57:33:
6d:27:a2:31:e5:4a:8c:80:0c:2e:40:6b:b9:ce:1d:1b:ca:11:
9a:8b:ad:ef:f1:c9:02:1f:6d:6d:db:a1:2e:7e:9a:be:44:35:
73:65:5a:a2:d4:2c:f9:ef:ab:ab:4d:1d:48:7e:e4:e5:c6:bd:
66:bd:6d:ea:5d:f9:21:87:fe:23:38:64:0b:39:8a:e1:80:93:
00:73:df:f8:e0:69:d2:fd:08:86:1b:55:6e:d0:d3:dc:2c:e0:
52:d6:2f:c0:f9:9e:1e:c9:7d:07:8e:b6:07:f6:55:47:42:16:
5a:2b:8b:22:3b:c4:26:5d:e3:40:81:dc:11:ef:76:1e:89:e2:
79:ea:fc:24:d1:36:ad:b5:06:e4:15:e5:96:b0:57:43:67:79:
bd:75:0d:ed:32:d0:85:d2:52:52:a1:35:8b:f7:6e:dd:ec:e5:
1c:66:5d:eb:e7:0f:db:5d:f7:7b:9a:f7:07:23:d1:18:2c:76:
ca:c2:4e:ee:2e:87:41:97:9f:23:62:a8:12:7f:b3:cc:48:ff:
e1:2d:59:18:87:0e:5a:b4:3a:cb:35:14:a4:b7:b9:3c:d4:2a:
53:9b:56:10
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaFLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MTUzMTU1WhcNMjUxMDMwMTUzMTU1WjAYMRYw
FAYDVQQDEw02OGRhYTY3MC02ZTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqalj/Nhbs7kqT55XlSSAtZXobZhIkXQ8NjpCZ7loHyn3Q0RhpvbV5zO5
GYylLzMuh/cuE68gvJY5iWosIF9NvJWiqQjwD2xIyIsG32DHbHD89lT6H+yylU5Z
IfKlDTXF7Lur8u82pqHnBm89SmVf27kc30XtKnUsF1Bz9OdLz20Q1h8+cGTZM6Ei
M88E5IjQ4jWsK/3fr7DUcMl5kwgmOjqW+gNp3S4Y/tfLrpQzoCy7Hkp3xmCnpl6j
r9ylIqcHoVKWd74VPXbEP0CR9WsZTzAzFgM+fxux/ywqBKXS97favtY8nvP4w24o
9g/bbH467zOeslr4efehG2AxLVCH2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFExW
ZB3I6KU63V2xyNO5ez4vLSdlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MDdGQjlEMjlENDkxMUYwQTU0MDM3OTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml4CMA0GCSqGSIb3DQEB
CwUAA4IBAQCE9q3acxoQL/a93Z1ds6rgmDYncmlScNKqG+zgbY+Ix0jPVzNtJ6Ix
5UqMgAwuQGu5zh0byhGai63v8ckCH21t26Eufpq+RDVzZVqi1Cz576urTR1IfuTl
xr1mvW3qXfkhh/4jOGQLOYrhgJMAc9/44GnS/QiGG1Vu0NPcLOBS1i/A+Z4eyX0H
jrYH9lVHQhZaK4siO8QmXeNAgdwR73YeieJ56vwk0TattQbkFeWWsFdDZ3m9dQ3t
MtCF0lJSoTWL927d7OUcZl3r5w/bXfd7mvcHI9EYLHbKwk7uLodBl58jYqgSf7PM
SP/hLVkYhw5atDrLNRSkt7k81CpTm1YQ
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:10 2025 by rpki-client