Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/799E0BB49EAB11F09FA77294DAE4EC9C.roa
File: 799E0BB49EAB11F09FA77294DAE4EC9C.roa (raw, json)
Hash identifier: UG/iHzHgotEzHRydtVb58baRLf11MIK1FQ0eygjaoDU=
Subject key identifier: F2:36:DD:F4:4F:32:33:B6:7C:C1:48:1C:87:9A:C4:F9:89:9F:97:27
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/799E0BB49EAB11F09FA77294DAE4EC9C.roa
Signing time: Wed 01 Oct 2025 09:46:17 +0000
ROA not before: Wed 01 Oct 2025 09:46:10 +0000
ROA not after: Sat 13 Dec 2025 09:46:10 +0000
asID: 25818
IP address blocks: 154.91.204.0/22 maxlen: 24
154.91.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106989 (0x1a1ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 1 09:46:10 2025 GMT
Not After : Dec 13 09:46:10 2025 GMT
Subject: CN=68dcf869-53b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fe:bb:a9:7d:fa:d0:97:4b:9e:79:1d:41:f9:
c0:ca:9e:dc:a0:8a:05:6e:b2:0e:e5:90:dd:11:27:
5b:d9:44:03:b2:c9:a8:67:0f:6b:65:55:22:ce:cc:
cf:df:96:5d:12:04:1f:2d:dc:92:fd:17:31:5a:9e:
e8:5f:57:6d:ce:e3:9a:d2:20:c0:80:38:4e:60:f9:
91:1e:c0:ed:e5:32:37:fd:31:8b:67:08:67:0f:3d:
8b:62:5a:57:de:cc:9f:23:40:dc:e0:66:ec:4b:a3:
7d:ad:92:e3:16:0c:72:1e:32:08:51:27:96:6d:55:
18:01:69:70:53:c7:71:21:0a:ab:35:22:63:1c:1e:
5b:a3:cd:ac:3a:a2:4a:74:50:89:9b:7e:ff:e3:35:
b5:c2:93:17:c2:41:32:d0:85:4c:f8:4a:12:4a:c0:
b9:2a:d7:17:89:ec:5a:53:a4:58:4e:99:5d:36:9f:
2b:60:62:d1:c6:53:42:72:33:06:d4:7c:4d:b0:6c:
c8:10:82:2e:fb:83:f9:3f:89:78:dd:98:7d:fd:08:
b7:56:60:39:1c:4d:00:f7:d5:11:af:2c:ce:6a:65:
65:26:7d:ea:a2:5b:d1:74:b6:67:a6:63:d1:ac:c9:
ce:41:7d:aa:20:12:ce:6e:fc:50:32:00:42:1b:24:
5d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:36:DD:F4:4F:32:33:B6:7C:C1:48:1C:87:9A:C4:F9:89:9F:97:27
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/799E0BB49EAB11F09FA77294DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.204.0-154.91.223.255
Signature Algorithm: sha256WithRSAEncryption
44:72:fd:1b:5a:aa:6e:c4:c1:c4:af:ac:02:55:90:2f:8f:bb:
63:1b:6c:a3:6c:04:9f:59:c3:8a:bb:3e:df:10:d8:d0:30:be:
54:9a:25:dc:fb:6f:90:56:e2:1f:45:0b:36:96:50:24:10:a5:
42:27:94:e5:d2:e5:cf:d4:39:a4:2a:b6:5f:9b:91:a2:5e:46:
4b:c5:0d:7d:5c:03:2a:13:09:d5:b7:7a:39:f8:32:e8:d4:ac:
13:d3:9a:6b:3c:7d:42:be:ca:5d:70:7b:04:39:34:fa:32:86:
47:0a:c2:aa:ae:b3:12:74:49:0b:24:d8:13:8b:eb:1c:b4:65:
ec:5f:84:64:57:43:cb:a3:6a:7d:2f:10:c1:c9:c6:51:3b:b9:
29:d3:d8:96:b3:2f:d5:3b:c4:e5:c0:1b:f6:ac:34:e5:bd:26:
2f:76:54:f5:49:7c:77:61:ad:9f:5a:b4:51:53:33:a4:f3:69:
40:82:1e:a9:3a:12:14:39:8e:68:4f:e8:52:cf:19:90:1f:db:
67:e8:a0:a5:b4:b9:57:85:79:ae:ce:78:4c:e5:fb:32:46:20:
af:1f:7a:9a:8b:17:4b:f3:f5:8a:de:10:8b:49:10:c7:bc:ee:
75:83:7a:c8:70:e3:d1:5b:25:9a:8d:fb:0c:16:75:16:14:e1:
b3:d5:63:0c
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAaHtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDAxMDk0NjEwWhcNMjUxMjEzMDk0NjEwWjAYMRYw
FAYDVQQDEw02OGRjZjg2OS01M2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvv67qX360JdLnnkdQfnAyp7coIoFbrIO5ZDdESdb2UQDssmoZw9rZVUi
zszP35ZdEgQfLdyS/RcxWp7oX1dtzuOa0iDAgDhOYPmRHsDt5TI3/TGLZwhnDz2L
YlpX3syfI0Dc4GbsS6N9rZLjFgxyHjIIUSeWbVUYAWlwU8dxIQqrNSJjHB5bo82s
OqJKdFCJm37/4zW1wpMXwkEy0IVM+EoSSsC5KtcXiexaU6RYTpldNp8rYGLRxlNC
cjMG1HxNsGzIEIIu+4P5P4l43Zh9/Qi3VmA5HE0A99URryzOamVlJn3qolvRdLZn
pmPRrMnOQX2qIBLObvxQMgBCGyRduwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPI2
3fRPMjO2fMFIHIeaxPmJn5cnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83OTlFMEJCNDlFQUIxMUYwOUZBNzcyOTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKaW8wDBAWaW8AwDQYJ
KoZIhvcNAQELBQADggEBAERy/Rtaqm7EwcSvrAJVkC+Pu2MbbKNsBJ9Zw4q7Pt8Q
2NAwvlSaJdz7b5BW4h9FCzaWUCQQpUInlOXS5c/UOaQqtl+bkaJeRkvFDX1cAyoT
CdW3ejn4MujUrBPTmms8fUK+yl1wewQ5NPoyhkcKwqqusxJ0SQsk2BOL6xy0Zexf
hGRXQ8ujan0vEMHJxlE7uSnT2JazL9U7xOXAG/asNOW9Ji92VPVJfHdhrZ9atFFT
M6TzaUCCHqk6EhQ5jmhP6FLPGZAf22fooKW0uVeFea7OeEzl+zJGIK8fepqLF0vz
9YreEItJEMe87nWDeshw49FbJZqN+wwWdRYU4bPVYww=
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:33:52 2025 by rpki-client