Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E3368689AC311F0877610C3DAE4EC9C.roa
File: 7E3368689AC311F0877610C3DAE4EC9C.roa (raw, json)
Hash identifier: Vv+0GaKYK//4e0ghZpAgZUwc/6TRLsQWA/QW7mZMizQ=
Subject key identifier: 02:BB:49:80:F5:C2:C3:DA:D2:D5:73:4D:5C:D0:BF:77:90:03:42:CA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A12F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E3368689AC311F0877610C3DAE4EC9C.roa
Signing time: Fri 26 Sep 2025 10:28:08 +0000
ROA not before: Fri 26 Sep 2025 10:28:01 +0000
ROA not after: Sun 02 Nov 2025 10:28:01 +0000
asID: 17497
IP address blocks: 154.81.142.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106799 (0x1a12f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 26 10:28:01 2025 GMT
Not After : Nov 2 10:28:01 2025 GMT
Subject: CN=68d66ab8-6a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fa:34:7b:d1:08:f5:28:86:bb:e7:bd:78:73:
67:3e:50:15:bb:e0:26:ff:f4:da:6b:fd:b0:65:70:
cf:0d:c5:6d:25:0b:7d:6b:f8:e1:6d:91:17:91:2b:
ea:c3:dd:a3:5a:6f:cb:45:eb:38:27:2c:1c:f1:76:
58:2d:87:85:88:88:85:34:8d:f6:b6:03:81:e9:58:
3e:38:91:99:88:d7:c8:3b:5a:58:69:0c:8d:40:10:
68:e5:b9:9d:8d:47:13:fc:b1:3e:02:1d:01:20:74:
6b:44:9b:8b:0d:c2:62:b2:0c:78:ce:06:fd:33:0a:
c6:67:0c:6c:4f:93:2b:b3:7d:30:42:fd:ef:21:f7:
a5:4f:6c:69:a1:69:77:df:37:22:86:54:fc:88:6d:
86:d8:8e:c3:32:83:6e:dc:b8:1e:5f:ea:8d:fa:57:
ef:9f:37:5f:f3:68:5b:af:1b:85:4b:12:8b:42:d2:
7d:bf:c9:cc:ca:51:89:0b:cc:dd:5c:d8:91:88:98:
32:b7:7c:b4:31:e3:c5:86:7d:fe:86:c1:fe:71:be:
e1:b7:01:97:63:f7:16:d2:50:26:e0:50:9a:03:39:
94:37:4e:6b:dc:b5:ca:57:81:13:b2:66:18:b9:e1:
d4:2a:21:1f:4b:f7:3d:ea:10:40:83:0c:42:2a:83:
ce:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BB:49:80:F5:C2:C3:DA:D2:D5:73:4D:5C:D0:BF:77:90:03:42:CA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E3368689AC311F0877610C3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.142.0/23
Signature Algorithm: sha256WithRSAEncryption
59:c2:05:3e:27:8d:d0:ad:ca:86:40:e3:b0:93:c1:e2:93:c6:
47:00:97:02:a9:e6:71:a8:5c:5b:bb:69:fc:18:b4:55:1c:7c:
d1:d0:37:3b:7d:11:d2:5e:19:44:a7:f8:53:61:39:16:2e:34:
bd:4b:f0:b9:bf:19:c1:6e:29:8e:81:42:53:32:0f:c8:0f:18:
91:1d:d0:ae:89:95:c2:a8:53:49:67:b4:f7:e4:f2:be:a2:4f:
c1:5f:8e:23:1a:cb:5e:f8:1e:22:4e:d8:a0:40:59:da:34:e5:
e6:a4:46:13:8b:fc:79:bd:52:65:f6:96:1b:32:a5:ee:85:47:
f3:58:fe:94:67:ce:8d:3b:bd:b9:cb:7b:e5:76:7e:d6:05:e0:
57:1e:50:04:90:8b:5d:2d:de:e4:d8:83:07:33:60:e4:7a:cb:
0e:63:cb:f6:7e:9c:c4:3f:09:63:b3:a8:63:48:d8:bb:b0:a8:
54:c9:ac:d4:13:91:d4:bb:8e:2c:43:72:56:e6:30:ca:82:42:
3e:9b:8d:be:18:eb:34:1d:e9:eb:e9:55:1d:34:5b:e6:05:6f:
4b:74:3f:11:6b:ed:7c:f2:10:0c:b2:59:1f:8c:89:d8:8c:df:
bb:11:97:88:24:e8:53:6f:24:f1:e5:80:70:72:4a:d6:d2:e1:
5b:8b:1d:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaEvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI2MTAyODAxWhcNMjUxMTAyMTAyODAxWjAYMRYw
FAYDVQQDEw02OGQ2NmFiOC02YTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApfo0e9EI9SiGu+e9eHNnPlAVu+Am//Taa/2wZXDPDcVtJQt9a/jhbZEX
kSvqw92jWm/LRes4Jywc8XZYLYeFiIiFNI32tgOB6Vg+OJGZiNfIO1pYaQyNQBBo
5bmdjUcT/LE+Ah0BIHRrRJuLDcJisgx4zgb9MwrGZwxsT5Mrs30wQv3vIfelT2xp
oWl33zcihlT8iG2G2I7DMoNu3LgeX+qN+lfvnzdf82hbrxuFSxKLQtJ9v8nMylGJ
C8zdXNiRiJgyt3y0MePFhn3+hsH+cb7htwGXY/cW0lAm4FCaAzmUN05r3LXKV4ET
smYYueHUKiEfS/c96hBAgwxCKoPOqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAK7
SYD1wsPa0tVzTVzQv3eQA0LKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RTMzNjg2ODlBQzMxMUYwODc3NjEwQzNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlGOMA0GCSqGSIb3DQEB
CwUAA4IBAQBZwgU+J43QrcqGQOOwk8Hik8ZHAJcCqeZxqFxbu2n8GLRVHHzR0Dc7
fRHSXhlEp/hTYTkWLjS9S/C5vxnBbimOgUJTMg/IDxiRHdCuiZXCqFNJZ7T35PK+
ok/BX44jGste+B4iTtigQFnaNOXmpEYTi/x5vVJl9pYbMqXuhUfzWP6UZ86NO725
y3vldn7WBeBXHlAEkItdLd7k2IMHM2DkessOY8v2fpzEPwljs6hjSNi7sKhUyazU
E5HUu44sQ3JW5jDKgkI+m42+GOs0Henr6VUdNFvmBW9LdD8Ra+188hAMslkfjInY
jN+7EZeIJOhTbyTx5YBwckrW0uFbix1j
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:53 2025 by rpki-client