Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8331A6389F7611F09E6BC0B3DAE4EC9C.roa
File: 8331A6389F7611F09E6BC0B3DAE4EC9C.roa (raw, json)
Hash identifier: jZDIIjqDSAc/kIzINB7uiFb3pNNXz+1MBkVjTbIQp1s=
Subject key identifier: 78:FB:34:50:55:18:32:3F:CF:6B:32:4F:02:7A:69:9A:F4:AF:03:91
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A200
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8331A6389F7611F09E6BC0B3DAE4EC9C.roa
Signing time: Thu 02 Oct 2025 09:59:41 +0000
ROA not before: Thu 02 Oct 2025 09:59:35 +0000
ROA not after: Mon 10 Nov 2025 09:59:35 +0000
asID: 401696
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107008 (0x1a200)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 2 09:59:35 2025 GMT
Not After : Nov 10 09:59:35 2025 GMT
Subject: CN=68de4d0d-ad0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:86:9b:84:92:d3:66:ec:a8:06:57:b6:e1:3e:
db:4d:d0:ad:83:db:db:81:f0:1b:33:1a:c4:01:26:
be:8d:7a:d3:d1:49:9a:ea:f7:49:fa:99:31:60:65:
31:d0:cd:06:52:ff:c5:30:1c:28:65:4b:74:ea:cb:
90:d0:15:8c:61:80:97:b3:08:ab:41:7f:ba:12:f1:
34:a8:fd:d7:d7:22:36:1c:ac:15:f2:c0:b6:66:c1:
f1:54:0d:24:ba:d3:fb:0f:79:49:a2:3d:98:6e:08:
1b:67:4f:99:e4:e6:58:0f:33:a1:48:c9:23:45:37:
dc:92:46:ff:ca:7d:63:8c:23:62:e2:3d:87:81:64:
c8:e7:d8:6d:47:54:00:94:5c:b5:22:d7:df:a2:0a:
89:ca:3d:3f:0d:83:7b:55:43:1c:05:5c:9f:2b:6c:
f1:f8:8d:c3:64:5d:b3:b8:16:41:9d:f6:a2:0f:0a:
b9:14:af:5d:05:b9:6f:35:5b:3e:53:5d:7d:1c:4e:
29:0e:15:68:37:74:29:c2:a1:67:93:d2:5c:32:6c:
8e:32:30:93:ec:53:37:fb:32:60:e0:4c:30:9a:5b:
1c:63:6a:ac:6a:5c:be:32:ea:29:d7:05:38:8d:fc:
f6:5c:5e:ee:2e:bb:7d:5c:e0:64:a1:15:80:52:bb:
7c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:FB:34:50:55:18:32:3F:CF:6B:32:4F:02:7A:69:9A:F4:AF:03:91
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8331A6389F7611F09E6BC0B3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
34:f2:df:71:a4:db:8a:55:b8:13:be:ba:08:28:bb:ce:2d:d8:
30:7c:80:5b:03:11:fc:41:cd:bc:1e:67:95:8d:38:ad:02:b6:
00:c1:c9:cf:db:24:b7:e2:ca:9c:7a:35:4b:90:b4:b1:0c:24:
e2:54:53:b1:41:90:85:6c:47:7c:88:c4:eb:4d:8d:57:47:ff:
2d:f7:ff:f8:e9:f7:39:72:37:bc:73:7c:35:33:c3:d5:94:f8:
56:16:8c:36:06:08:79:aa:41:72:7e:33:0e:f3:84:a9:e8:28:
a0:9b:ac:8f:2c:47:30:c1:7e:29:01:09:fe:e2:1b:02:58:99:
3d:22:b0:da:73:2c:e4:c3:4e:a5:38:a0:82:b3:36:0f:85:ce:
06:05:23:b9:0c:ea:8a:ee:79:4f:4f:f7:87:6a:52:bf:a7:44:
24:2d:76:28:39:cd:5d:88:d0:69:ea:37:81:89:3d:4c:f4:8e:
8f:55:1a:9e:4a:2a:5e:e0:99:bd:c7:fa:ca:43:d4:68:6f:91:
1e:72:78:d3:ba:c5:44:cd:89:64:2a:26:b6:85:bf:a9:9d:9e:
5c:f4:a5:7f:93:36:8a:f1:99:fb:7e:75:ec:d7:c7:f8:b5:fd:
21:fb:f3:d3:13:4d:15:91:f6:35:a5:07:d4:ee:8d:65:33:8e:
b6:70:bb:8f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaIAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDAyMDk1OTM1WhcNMjUxMTEwMDk1OTM1WjAYMRYw
FAYDVQQDEw02OGRlNGQwZC1hZDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5YabhJLTZuyoBle24T7bTdCtg9vbgfAbMxrEASa+jXrT0Uma6vdJ+pkx
YGUx0M0GUv/FMBwoZUt06suQ0BWMYYCXswirQX+6EvE0qP3X1yI2HKwV8sC2ZsHx
VA0kutP7D3lJoj2YbggbZ0+Z5OZYDzOhSMkjRTfckkb/yn1jjCNi4j2HgWTI59ht
R1QAlFy1ItffogqJyj0/DYN7VUMcBVyfK2zx+I3DZF2zuBZBnfaiDwq5FK9dBblv
NVs+U119HE4pDhVoN3QpwqFnk9JcMmyOMjCT7FM3+zJg4EwwmlscY2qsaly+Muop
1wU4jfz2XF7uLrt9XOBkoRWAUrt8NwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHj7
NFBVGDI/z2syTwJ6aZr0rwORMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MzMxQTYzODlGNzYxMUYwOUU2QkMwQjNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQA08t9xpNuKVbgTvroIKLvOLdgwfIBbAxH8Qc28HmeVjTitArYAwcnP
2yS34sqcejVLkLSxDCTiVFOxQZCFbEd8iMTrTY1XR/8t9//46fc5cje8c3w1M8PV
lPhWFow2Bgh5qkFyfjMO84Sp6Cigm6yPLEcwwX4pAQn+4hsCWJk9IrDacyzkw06l
OKCCszYPhc4GBSO5DOqK7nlPT/eHalK/p0QkLXYoOc1diNBp6jeBiT1M9I6PVRqe
Sipe4Jm9x/rKQ9Rob5EecnjTusVEzYlkKia2hb+pnZ5c9KV/kzaK8Zn7fnXs18f4
tf0h+/PTE00VkfY1pQfU7o1lM462cLuP
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:09 2025 by rpki-client