Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8351B40C996611F0AE4404E3DAE4EC9C.roa
File: 8351B40C996611F0AE4404E3DAE4EC9C.roa (raw, json)
Hash identifier: 9HAHI6vHN+DdztlZlHx0ECF5QnFLNYFyUySnNMRr6vQ=
Subject key identifier: 21:ED:63:69:74:51:3C:01:3D:10:E8:DE:1F:0F:F9:66:95:7D:B5:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A098
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8351B40C996611F0AE4404E3DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 16:50:02 +0000
ROA not before: Wed 24 Sep 2025 16:49:58 +0000
ROA not after: Thu 30 Oct 2025 16:49:58 +0000
asID: 328608
IP address blocks: 154.91.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106648 (0x1a098)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 16:49:58 2025 GMT
Not After : Oct 30 16:49:58 2025 GMT
Subject: CN=68d4213a-de09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b0:6d:b0:27:68:eb:ef:09:cc:d0:b2:03:1d:
ed:df:86:07:65:2e:d6:43:a5:9c:b1:40:c5:3a:6c:
95:85:d0:46:a0:fe:46:f6:e9:47:a2:02:f9:09:1e:
7a:88:64:5f:be:19:59:72:6d:8f:2e:58:df:1d:16:
6b:3c:23:f3:3f:a9:e0:8c:a0:3e:34:7b:f5:a5:b4:
99:0c:55:3c:e7:a5:c0:e8:22:1c:c1:fd:98:0d:cf:
c7:b6:e6:a5:87:0c:de:c0:36:d2:0c:28:c7:71:8e:
af:eb:24:84:52:cf:e0:7c:c5:fc:37:d7:3d:7c:71:
a3:2c:39:fd:d7:85:e0:05:35:b7:fe:3b:b5:58:6c:
91:69:4f:fd:8e:cd:8b:0a:c7:8a:08:65:ca:4f:92:
d6:2d:9a:a0:d1:2c:8a:6e:85:e0:0a:b3:f3:3d:83:
84:d7:23:b2:ce:76:42:67:3b:41:67:5e:ef:cd:79:
da:f9:4b:c4:6b:3a:31:af:6f:82:25:24:4d:6b:2d:
61:fa:7d:66:0b:c3:3b:53:79:79:75:5d:58:4d:d3:
32:66:91:64:ee:e5:ca:f4:ed:af:5d:d3:47:9b:1d:
f3:7a:15:e6:21:a7:a2:d1:e1:81:98:53:f6:40:cf:
e3:a1:66:29:f3:03:33:2f:7c:78:49:72:ee:3a:0c:
67:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:ED:63:69:74:51:3C:01:3D:10:E8:DE:1F:0F:F9:66:95:7D:B5:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8351B40C996611F0AE4404E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.37.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:f0:f3:a8:0f:50:68:1a:1c:1e:c8:1f:a0:9e:ab:09:b2:7c:
89:23:1a:5e:dd:71:a7:48:e8:86:d9:51:3a:ef:d7:85:b0:ea:
1f:89:11:bc:05:b8:0f:d9:39:a8:28:18:31:0a:62:d0:26:4f:
e9:82:7c:d6:ba:df:14:fb:4f:ce:19:14:dc:de:73:dc:0a:9b:
b0:35:1d:25:2b:78:a2:36:7b:19:d4:cc:28:ff:a4:8a:0b:7c:
0f:e2:6f:12:6d:22:9e:59:ae:9e:33:35:97:eb:45:a8:39:70:
c8:bd:25:75:98:67:ed:8f:5b:7b:53:2c:78:69:be:88:9b:91:
f6:89:16:a7:7c:fe:8c:cd:d9:5d:83:85:85:de:ac:57:93:3c:
2a:82:47:cc:d4:fd:34:cd:aa:8b:cb:1e:f8:6f:f8:af:07:05:
20:89:02:5b:42:39:4d:e6:87:a4:e6:3b:2c:b5:ef:a6:c2:be:
cd:dc:20:37:5e:cc:98:e3:b5:9b:d7:a2:4c:5c:b3:09:57:db:
bc:56:3b:7f:07:c8:b3:9d:fd:e8:3f:4a:fb:7e:9e:80:0d:62:
6a:91:00:93:72:12:5f:12:ca:0f:30:57:5c:d0:48:c7:f9:97:
fc:6a:96:03:4a:f7:ba:8d:93:ae:ca:e5:5d:91:81:13:71:0c:
46:f9:db:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaCYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTY0OTU4WhcNMjUxMDMwMTY0OTU4WjAYMRYw
FAYDVQQDEw02OGQ0MjEzYS1kZTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlbBtsCdo6+8JzNCyAx3t34YHZS7WQ6WcsUDFOmyVhdBGoP5G9ulHogL5
CR56iGRfvhlZcm2PLljfHRZrPCPzP6ngjKA+NHv1pbSZDFU856XA6CIcwf2YDc/H
tualhwzewDbSDCjHcY6v6ySEUs/gfMX8N9c9fHGjLDn914XgBTW3/ju1WGyRaU/9
js2LCseKCGXKT5LWLZqg0SyKboXgCrPzPYOE1yOyznZCZztBZ17vzXna+UvEazox
r2+CJSRNay1h+n1mC8M7U3l5dV1YTdMyZpFk7uXK9O2vXdNHmx3zehXmIaei0eGB
mFP2QM/joWYp8wMzL3x4SXLuOgxngQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCHt
Y2l0UTwBPRDo3h8P+WaVfbVoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MzUxQjQwQzk5NjYxMUYwQUU0NDA0RTNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlslMA0GCSqGSIb3DQEB
CwUAA4IBAQAu8POoD1BoGhweyB+gnqsJsnyJIxpe3XGnSOiG2VE679eFsOofiRG8
BbgP2TmoKBgxCmLQJk/pgnzWut8U+0/OGRTc3nPcCpuwNR0lK3iiNnsZ1Mwo/6SK
C3wP4m8SbSKeWa6eMzWX60WoOXDIvSV1mGftj1t7Uyx4ab6Im5H2iRanfP6Mzdld
g4WF3qxXkzwqgkfM1P00zaqLyx74b/ivBwUgiQJbQjlN5oek5jsste+mwr7N3CA3
XsyY47Wb16JMXLMJV9u8Vjt/B8iznf3oP0r7fp6ADWJqkQCTchJfEsoPMFdc0EjH
+Zf8apYDSve6jZOuyuVdkYETcQxG+dvP
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:13 2025 by rpki-client