Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/746E0B7899EF11F0B175BFE4DAE4EC9C.roa
File: 746E0B7899EF11F0B175BFE4DAE4EC9C.roa (raw, json)
Hash identifier: f59sh2EHl4jfDMn4pRIlEmSzxuuboqm1/1Qml2nsV2Y=
Subject key identifier: 0B:12:55:64:B7:4E:C7:F5:6A:C0:A2:4F:1C:CE:1E:DB:17:D6:06:D0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/746E0B7899EF11F0B175BFE4DAE4EC9C.roa
Signing time: Thu 25 Sep 2025 09:10:18 +0000
ROA not before: Thu 25 Sep 2025 09:10:13 +0000
ROA not after: Thu 04 Dec 2025 09:10:13 +0000
asID: 63139
IP address blocks: 154.93.83.0/24 maxlen: 24
154.93.95.0/24 maxlen: 24
154.93.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106733 (0x1a0ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 25 09:10:13 2025 GMT
Not After : Dec 4 09:10:13 2025 GMT
Subject: CN=68d506fa-8875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:45:2b:57:1a:61:11:58:56:1f:51:d7:a1:f6:
34:08:2e:e4:48:0d:4f:7a:0e:8b:41:a2:99:c6:e9:
cc:3b:0e:c6:aa:d8:3e:23:ee:4e:e2:92:e7:84:0b:
92:fa:8c:7c:e3:42:bf:0a:cb:83:27:85:10:f0:74:
c7:73:87:8c:8e:03:a2:78:85:69:0b:10:d8:8b:a4:
f6:6c:d1:38:1e:52:ed:5b:7e:31:26:7e:63:34:e5:
4e:ef:f6:31:d6:56:e3:ec:c9:ef:ad:07:ac:e4:ed:
f9:87:57:af:42:0e:74:fa:c0:58:49:21:5b:b0:8b:
e4:d0:01:7b:30:66:d0:bd:2a:0a:7e:44:b9:47:c9:
b2:56:84:e5:bc:7d:08:6d:75:e2:02:1c:e1:ec:c2:
c2:7a:e2:77:01:96:fe:a1:b7:09:12:82:b9:7b:da:
67:e3:7f:13:ce:49:9c:f5:29:1a:9e:8a:2b:4c:0c:
6a:d4:16:65:55:2c:48:af:ff:59:7e:18:46:50:1d:
69:52:d5:cf:4b:1a:ad:c7:81:46:10:1d:87:bf:2c:
93:fd:9c:82:f1:11:27:fa:a1:85:97:44:52:b2:cd:
38:d5:93:a2:97:bc:79:55:8a:85:0c:97:f5:f5:84:
b0:d3:32:6c:22:13:f6:f8:f0:c5:e7:5b:cc:d1:8f:
a5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:12:55:64:B7:4E:C7:F5:6A:C0:A2:4F:1C:CE:1E:DB:17:D6:06:D0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/746E0B7899EF11F0B175BFE4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.83.0/24
154.93.95.0/24
154.93.123.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ca:8e:87:14:d8:d3:23:1f:ae:b7:79:3a:0c:8f:0b:f4:10:
55:62:fd:43:f5:80:e8:a2:51:45:f0:b0:74:46:eb:6a:0c:d5:
37:23:9c:b0:81:7c:5a:db:4a:42:6c:93:61:4d:06:44:32:b2:
7b:16:de:f4:a7:fd:31:b5:10:76:6a:3f:7f:8b:26:09:1a:b7:
c5:06:ef:81:de:bc:07:a7:9e:e4:37:10:0a:84:b9:45:4c:70:
de:ca:ab:32:c7:7e:0f:39:17:5f:33:6f:8f:8b:ce:70:67:2f:
3b:b8:54:e4:ed:30:4e:3a:d0:75:f6:b1:9d:1f:d7:05:a3:bd:
27:11:19:82:da:39:fc:24:9d:45:62:a8:f1:6f:bf:d0:f5:c9:
3e:dc:ba:00:ba:7f:38:09:57:d8:34:c5:43:d5:d6:9a:ed:a8:
8a:83:9b:9e:13:4f:6c:60:5f:39:08:e4:62:16:f5:d9:e3:8d:
fc:76:a9:b1:ae:05:b1:32:97:78:62:09:cf:6c:b7:03:c0:e1:
d2:7b:12:44:87:a8:50:62:86:fa:aa:cb:93:60:10:d0:25:cc:
2d:df:53:3b:e1:ad:92:67:c6:e3:45:b9:72:b1:8d:fd:5a:98:
cb:94:6c:62:46:b7:91:e7:cc:6b:c4:07:5a:cc:f8:65:a3:e7:
85:10:0e:93
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAaDtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI1MDkxMDEzWhcNMjUxMjA0MDkxMDEzWjAYMRYw
FAYDVQQDEw02OGQ1MDZmYS04ODc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAokUrVxphEVhWH1HXofY0CC7kSA1Peg6LQaKZxunMOw7Gqtg+I+5O4pLn
hAuS+ox840K/CsuDJ4UQ8HTHc4eMjgOieIVpCxDYi6T2bNE4HlLtW34xJn5jNOVO
7/Yx1lbj7MnvrQes5O35h1evQg50+sBYSSFbsIvk0AF7MGbQvSoKfkS5R8myVoTl
vH0IbXXiAhzh7MLCeuJ3AZb+obcJEoK5e9pn438Tzkmc9SkanoorTAxq1BZlVSxI
r/9ZfhhGUB1pUtXPSxqtx4FGEB2HvyyT/ZyC8REn+qGFl0RSss041ZOil7x5VYqF
DJf19YSw0zJsIhP2+PDF51vM0Y+l3QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFAsS
VWS3Tsf1asCiTxzOHtsX1gbQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NDZFMEI3ODk5RUYxMUYwQjE3NUJGRTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAml1TAwQAml1fAwQAml17
MA0GCSqGSIb3DQEBCwUAA4IBAQAkyo6HFNjTIx+ut3k6DI8L9BBVYv1D9YDoolFF
8LB0RutqDNU3I5ywgXxa20pCbJNhTQZEMrJ7Ft70p/0xtRB2aj9/iyYJGrfFBu+B
3rwHp57kNxAKhLlFTHDeyqsyx34PORdfM2+Pi85wZy87uFTk7TBOOtB19rGdH9cF
o70nERmC2jn8JJ1FYqjxb7/Q9ck+3LoAun84CVfYNMVD1daa7aiKg5ueE09sYF85
CORiFvXZ4438dqmxrgWxMpd4YgnPbLcDwOHSexJEh6hQYob6qsuTYBDQJcwt31M7
4a2SZ8bjRblysY39WpjLlGxiRreR58xrxAdazPhlo+eFEA6T
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:46 2025 by rpki-client