Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C452814A08811F0907CAB9DDAE4EC9C.roa
File: 7C452814A08811F0907CAB9DDAE4EC9C.roa (raw, json)
Hash identifier: OJbKhmobeeFEv3iOAwBVQf98PooYWZu9Pt0CNKE5mNw=
Subject key identifier: 4A:EF:90:D7:98:84:0F:75:02:7B:3D:B2:4F:DF:69:FE:E7:D1:50:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A23B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C452814A08811F0907CAB9DDAE4EC9C.roa
Signing time: Fri 03 Oct 2025 18:40:51 +0000
ROA not before: Fri 03 Oct 2025 18:40:45 +0000
ROA not after: Sat 31 Jan 2026 18:40:45 +0000
asID: 328608
IP address blocks: 154.83.240.0/22 maxlen: 24
154.88.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107067 (0x1a23b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 3 18:40:45 2025 GMT
Not After : Jan 31 18:40:45 2026 GMT
Subject: CN=68e018b3-24e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ee:48:e8:f5:58:88:f4:30:9d:a8:c5:ae:74:
41:2e:4c:ed:46:89:a7:1f:52:54:69:6b:8a:4f:44:
2d:2a:1f:85:41:a9:e2:b4:c6:73:63:9c:aa:4c:07:
08:c8:82:f5:f7:04:f9:5b:ed:c9:84:ce:41:31:22:
c8:ff:3c:11:40:9c:a8:88:7f:b1:f6:66:f7:b5:cd:
be:86:c3:7f:5e:4d:8c:4e:3a:da:33:af:19:50:6a:
9d:7e:af:cf:03:b8:19:e4:a7:12:6b:39:2a:94:23:
39:03:3d:99:e4:6b:47:e8:0a:a6:48:16:e4:3a:e3:
33:f3:c1:df:0a:b1:02:7e:cf:e8:7a:20:b8:21:27:
3f:5f:6b:8e:72:df:13:e1:96:b1:2b:64:6e:3e:bf:
07:2a:82:fe:dc:9d:d5:b6:fa:5d:ec:ad:3b:68:d3:
d0:d0:3f:f5:e0:04:1c:76:c7:09:ea:48:a1:66:b5:
fc:07:9e:e2:c6:76:89:12:bb:1e:4d:10:66:c4:24:
03:a2:26:c3:8d:34:11:5d:84:8d:03:0d:4c:c0:65:
7c:c5:76:a4:7f:90:c2:67:3c:8f:63:35:e4:fc:c5:
82:c9:a3:42:0f:33:e7:04:60:40:d0:7d:e8:f4:ef:
8b:09:ec:29:00:71:22:59:33:11:bc:94:ba:d5:2d:
69:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:EF:90:D7:98:84:0F:75:02:7B:3D:B2:4F:DF:69:FE:E7:D1:50:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C452814A08811F0907CAB9DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.240.0/22
154.88.36.0/22
Signature Algorithm: sha256WithRSAEncryption
20:d2:c9:54:8c:71:c5:30:5d:eb:67:26:62:27:c6:98:e1:a1:
85:04:26:99:b5:35:d9:bd:22:d3:08:7e:01:dd:7a:91:53:88:
f9:a0:9e:d4:34:66:03:2d:1e:4e:4d:ab:d3:16:0e:04:b8:3e:
08:e9:00:d2:68:63:dd:89:3e:32:6b:03:f3:04:dd:6f:07:1e:
ea:80:9f:ba:9d:9b:a2:ce:79:34:6e:15:a7:82:59:e1:ad:5a:
c6:4f:71:f7:6f:db:10:0c:91:b8:ae:63:11:ca:8a:3d:fc:c8:
fa:f3:fb:b7:2f:b5:4a:7d:1e:b3:c5:ae:e5:e2:1c:f5:b8:b9:
db:60:0c:a3:67:2a:bb:e9:03:7e:31:2a:ce:17:b7:0f:75:7b:
69:4f:47:3c:bf:0d:bf:90:c9:f5:df:94:d1:68:29:02:eb:5d:
30:63:8d:1d:e1:a3:24:35:b9:2b:1d:86:c9:13:cc:6f:9b:32:
3c:b2:ce:e5:c1:ea:87:99:18:a9:50:52:69:e6:75:72:f3:e0:
f5:ea:17:c5:cc:e7:8c:b7:0b:58:50:a8:02:4d:42:04:35:dd:
a0:fe:46:e6:f2:e8:11:d3:0f:e6:94:c4:56:c5:cc:8b:17:2f:
c8:10:3b:4b:8b:b1:82:eb:33:5a:ec:a0:1c:d1:a4:1b:1d:a4:
6c:0b:9a:ae
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaI7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDAzMTg0MDQ1WhcNMjYwMTMxMTg0MDQ1WjAYMRYw
FAYDVQQDEw02OGUwMThiMy0yNGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqO5I6PVYiPQwnajFrnRBLkztRomnH1JUaWuKT0QtKh+FQanitMZzY5yq
TAcIyIL19wT5W+3JhM5BMSLI/zwRQJyoiH+x9mb3tc2+hsN/Xk2MTjraM68ZUGqd
fq/PA7gZ5KcSazkqlCM5Az2Z5GtH6AqmSBbkOuMz88HfCrECfs/oeiC4ISc/X2uO
ct8T4ZaxK2RuPr8HKoL+3J3Vtvpd7K07aNPQ0D/14AQcdscJ6kihZrX8B57ixnaJ
ErseTRBmxCQDoibDjTQRXYSNAw1MwGV8xXakf5DCZzyPYzXk/MWCyaNCDzPnBGBA
0H3o9O+LCewpAHEiWTMRvJS61S1pAQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFErv
kNeYhA91Ans9sk/faf7n0VDZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QzQ1MjgxNEEwODgxMUYwOTA3Q0FCOUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlPwAwQCmlgkMA0GCSqG
SIb3DQEBCwUAA4IBAQAg0slUjHHFMF3rZyZiJ8aY4aGFBCaZtTXZvSLTCH4B3XqR
U4j5oJ7UNGYDLR5OTavTFg4EuD4I6QDSaGPdiT4yawPzBN1vBx7qgJ+6nZuiznk0
bhWnglnhrVrGT3H3b9sQDJG4rmMRyoo9/Mj68/u3L7VKfR6zxa7l4hz1uLnbYAyj
Zyq76QN+MSrOF7cPdXtpT0c8vw2/kMn135TRaCkC610wY40d4aMkNbkrHYbJE8xv
mzI8ss7lweqHmRipUFJp5nVy8+D16hfFzOeMtwtYUKgCTUIENd2g/kbm8ugR0w/m
lMRWxcyLFy/IEDtLi7GC6zNa7KAc0aQbHaRsC5qu
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:00 2025 by rpki-client