Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/773FFF9C8FB211F0B9D0CEA2DAE4EC9C.roa
File: 773FFF9C8FB211F0B9D0CEA2DAE4EC9C.roa (raw, json)
Hash identifier: TWf9AdEYP9Spc7ugakMWOfXVdqVizsqBuPRrbsQ541o=
Subject key identifier: 35:12:B1:16:01:75:DF:CE:44:B3:BC:A2:6C:BB:52:1B:DB:DD:30:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019F78
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/773FFF9C8FB211F0B9D0CEA2DAE4EC9C.roa
Signing time: Fri 12 Sep 2025 08:28:32 +0000
ROA not before: Fri 12 Sep 2025 08:28:24 +0000
ROA not after: Thu 04 Dec 2025 08:28:24 +0000
asID: 149440
IP address blocks: 154.81.220.0/24 maxlen: 24
154.91.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106360 (0x19f78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 12 08:28:24 2025 GMT
Not After : Dec 4 08:28:24 2025 GMT
Subject: CN=68c3d9b0-7960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2c:02:cf:91:8d:f9:de:29:f2:8f:34:94:a2:
ff:f8:d3:55:97:b7:c3:4c:27:97:57:0c:85:5c:ef:
e8:bc:52:22:a8:83:61:3b:a0:07:ec:27:25:b2:a7:
5c:9a:5e:de:02:17:87:a1:40:68:0f:f6:fb:d3:bd:
7d:3c:8f:b5:70:c3:30:f1:29:b3:b2:c9:eb:a9:a1:
c1:c9:67:d7:4f:e2:b4:aa:d1:64:32:2d:d9:a0:87:
3d:3b:f4:e5:ca:16:06:91:2d:16:fd:22:51:be:e3:
4e:bc:f9:04:11:c6:b1:8d:41:19:d8:1a:51:87:16:
38:e9:94:00:fe:d4:bc:b8:5c:be:d0:78:e5:1e:86:
82:96:ac:42:93:37:da:23:7e:3f:14:54:ad:db:63:
3d:9f:71:e4:25:5a:31:0c:97:f1:f5:f4:e4:f0:37:
8e:33:4c:52:4d:85:d5:66:96:77:f5:6c:17:63:01:
e4:f6:ab:88:9c:f5:45:b2:23:ec:89:eb:a9:80:2e:
e9:26:7c:ba:52:40:33:14:bf:75:61:b4:91:eb:52:
2a:9f:d5:96:2a:77:f5:cc:f9:fa:c7:5f:13:f6:35:
80:bf:f8:61:c4:62:7f:6c:1d:42:40:6a:db:c6:99:
54:79:a9:1a:53:9f:af:a1:82:a6:0f:6a:da:5c:c0:
0a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:12:B1:16:01:75:DF:CE:44:B3:BC:A2:6C:BB:52:1B:DB:DD:30:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/773FFF9C8FB211F0B9D0CEA2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.220.0/24
154.91.0.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:c1:d4:3c:3e:7a:69:4a:b6:55:cf:f7:c7:7e:48:dc:93:2f:
a2:be:aa:f9:0e:9c:0b:89:21:79:6e:62:5d:6d:32:15:fa:60:
f4:d7:32:3b:7f:de:79:64:a1:24:30:25:90:8d:99:c7:e0:d1:
96:ae:6e:3a:91:f8:63:9c:6a:bd:4f:84:26:71:fb:46:d1:30:
0e:3a:da:e4:45:8e:d5:24:33:0f:70:a6:e0:89:9e:32:96:9e:
77:a9:40:a4:2a:1f:19:33:54:c0:b7:4a:7c:be:82:c2:8b:48:
28:7a:1f:8f:35:ef:d4:3e:c7:3a:2a:b8:91:9a:44:17:fb:45:
c2:d2:49:47:98:3f:5e:15:d2:90:8a:15:37:3c:8f:d3:79:9b:
83:04:bd:3e:a4:e1:41:b9:81:f5:ba:e1:49:61:ed:bf:86:bf:
d5:bc:fa:33:41:b7:74:3d:46:d0:db:d3:c7:af:da:d9:3d:4e:
94:51:5b:ed:69:88:cb:d7:89:e4:0b:b5:2f:f5:28:d3:35:09:
c1:5b:e3:70:cb:0b:33:3e:85:20:e4:f5:8d:47:a8:ef:30:81:
8a:7a:11:8a:c3:a2:fe:5a:7e:27:dc:26:a1:0d:90:ce:7f:c3:
d9:16:2d:90:b9:a1:57:21:29:c1:3c:a2:2c:33:4a:ce:dd:d5:
7e:46:55:92
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZ94MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTEyMDgyODI0WhcNMjUxMjA0MDgyODI0WjAYMRYw
FAYDVQQDEw02OGMzZDliMC03OTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqywCz5GN+d4p8o80lKL/+NNVl7fDTCeXVwyFXO/ovFIiqINhO6AH7Ccl
sqdcml7eAheHoUBoD/b70719PI+1cMMw8SmzssnrqaHByWfXT+K0qtFkMi3ZoIc9
O/TlyhYGkS0W/SJRvuNOvPkEEcaxjUEZ2BpRhxY46ZQA/tS8uFy+0HjlHoaClqxC
kzfaI34/FFSt22M9n3HkJVoxDJfx9fTk8DeOM0xSTYXVZpZ39WwXYwHk9quInPVF
siPsieupgC7pJny6UkAzFL91YbSR61Iqn9WWKnf1zPn6x18T9jWAv/hhxGJ/bB1C
QGrbxplUeakaU5+voYKmD2raXMAKpwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDUS
sRYBdd/ORLO8omy7Uhvb3TBoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NzNGRkY5QzhGQjIxMUYwQjlEMENFQTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlHcAwQAmlsAMA0GCSqG
SIb3DQEBCwUAA4IBAQC5wdQ8PnppSrZVz/fHfkjcky+ivqr5DpwLiSF5bmJdbTIV
+mD01zI7f955ZKEkMCWQjZnH4NGWrm46kfhjnGq9T4QmcftG0TAOOtrkRY7VJDMP
cKbgiZ4ylp53qUCkKh8ZM1TAt0p8voLCi0goeh+PNe/UPsc6KriRmkQX+0XC0klH
mD9eFdKQihU3PI/TeZuDBL0+pOFBuYH1uuFJYe2/hr/VvPozQbd0PUbQ29PHr9rZ
PU6UUVvtaYjL14nkC7Uv9SjTNQnBW+NwywszPoUg5PWNR6jvMIGKehGKw6L+Wn4n
3CahDZDOf8PZFi2QuaFXISnBPKIsM0rO3dV+RlWS
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:02 2025 by rpki-client