Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8443624AB00C11F08C1160E8DAE4EC9C.roa
File: 8443624AB00C11F08C1160E8DAE4EC9C.roa (raw, json)
Hash identifier: Bc0uuQM+QO9BVSWZakeoLsXZ5qCHpVcD4RoIKow/dUM=
Subject key identifier: 8B:55:1D:70:E0:E0:0D:59:78:EE:B2:E2:3C:CA:49:A9:F8:43:27:6F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A4BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8443624AB00C11F08C1160E8DAE4EC9C.roa
Signing time: Thu 23 Oct 2025 12:33:46 +0000
ROA not before: Thu 23 Oct 2025 12:33:41 +0000
ROA not after: Sun 30 Nov 2025 12:33:41 +0000
asID: 153671
IP address blocks: 154.196.128.0/24 maxlen: 24
154.196.152.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 26 Oct 2025 00:06:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107710 (0x1a4be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 23 12:33:41 2025 GMT
Not After : Nov 30 12:33:41 2025 GMT
Subject: CN=68fa20aa-63ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3f:79:86:ac:38:57:40:06:cc:cc:e4:7a:fd:
31:c2:ed:d0:da:e6:e7:a8:44:56:1a:8e:77:32:da:
58:cd:37:9b:25:83:e5:db:fc:9c:cf:55:bf:81:35:
02:85:eb:6d:17:42:7f:d8:d4:74:e5:ab:1c:52:6f:
ec:61:82:72:4f:a6:ea:c6:62:c4:93:4d:20:2d:bd:
b1:38:f7:be:bb:51:54:e1:68:ac:df:39:2a:bf:85:
f7:07:ac:4b:7e:53:a2:04:95:1d:92:fb:3f:17:8c:
68:f8:a3:11:ec:5b:04:94:22:d9:51:e7:84:f3:b4:
8d:b7:b9:7b:d6:54:fc:64:d5:8c:56:ef:c3:75:35:
4c:c2:cc:dd:6c:82:6c:44:7c:a0:2c:06:7c:0b:3f:
54:63:d9:5c:cf:af:b1:37:b3:48:a3:82:e0:e8:18:
3a:52:9b:d5:96:fa:4b:b3:5c:34:0b:d3:13:2c:7b:
31:9c:34:8d:29:e9:83:85:a2:10:74:95:0d:54:4b:
ad:ec:52:53:f0:35:53:13:92:a0:57:e0:bf:7c:f9:
83:79:34:4c:18:2d:75:89:b1:c9:16:41:8a:f6:7b:
dd:d3:1a:a1:65:ff:53:72:ca:db:ff:a9:11:44:e4:
d1:51:57:20:03:7e:1a:4c:e4:b0:46:de:a1:af:99:
16:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:55:1D:70:E0:E0:0D:59:78:EE:B2:E2:3C:CA:49:A9:F8:43:27:6F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8443624AB00C11F08C1160E8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.128.0/24
154.196.152.0/21
Signature Algorithm: sha256WithRSAEncryption
b5:dc:d7:c6:66:f1:35:63:7f:0d:c3:06:7a:95:17:23:a3:80:
2d:7c:21:00:42:50:64:f1:85:16:ee:63:67:51:5f:b3:c1:23:
5d:31:1b:3d:26:d8:09:e0:78:c1:9c:07:0a:48:5d:5e:5f:0b:
5f:21:d7:f7:8c:a5:8f:6a:78:2e:aa:5c:00:5f:30:7e:8a:08:
3b:e1:94:3e:38:9c:4c:aa:6e:a4:a8:00:b1:5c:95:7d:1f:bc:
90:ca:75:bf:61:12:42:47:48:65:2a:19:68:1d:d2:59:5f:71:
78:00:36:85:68:1a:6b:fd:b0:5c:8b:24:a7:9a:a0:1d:8d:81:
5e:d4:0f:e0:a4:a6:63:c4:a0:77:07:08:2c:36:5f:06:44:29:
75:30:e3:9a:e6:5e:4a:76:d8:b5:90:7c:84:9e:f1:4d:e5:1f:
93:82:61:9f:7c:25:43:10:44:bf:fb:e0:5f:ea:33:10:41:8f:
8f:69:2f:41:65:09:60:73:a9:4e:4a:e1:8c:69:bc:91:95:d5:
44:19:52:64:fd:66:df:70:13:ea:7f:d6:f5:97:85:44:e6:0a:
6b:e9:ee:92:69:ad:28:3b:31:9a:5a:0f:40:8c:bf:a6:3c:33:
e9:30:0b:48:98:30:9b:ff:fe:a3:fe:66:91:ec:81:45:35:1f:
82:4f:28:bb
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaS+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIzMTIzMzQxWhcNMjUxMTMwMTIzMzQxWjAYMRYw
FAYDVQQDEw02OGZhMjBhYS02M2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3D95hqw4V0AGzMzkev0xwu3Q2ubnqERWGo53MtpYzTebJYPl2/ycz1W/
gTUChettF0J/2NR05ascUm/sYYJyT6bqxmLEk00gLb2xOPe+u1FU4Wis3zkqv4X3
B6xLflOiBJUdkvs/F4xo+KMR7FsElCLZUeeE87SNt7l71lT8ZNWMVu/DdTVMwszd
bIJsRHygLAZ8Cz9UY9lcz6+xN7NIo4Lg6Bg6UpvVlvpLs1w0C9MTLHsxnDSNKemD
haIQdJUNVEut7FJT8DVTE5KgV+C/fPmDeTRMGC11ibHJFkGK9nvd0xqhZf9Tcsrb
/6kRROTRUVcgA34aTOSwRt6hr5kWSQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFItV
HXDg4A1ZeO6y4jzKSan4QydvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NDQzNjI0QUIwMEMxMUYwOEMxMTYwRThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsSAAwQDmsSYMA0GCSqG
SIb3DQEBCwUAA4IBAQC13NfGZvE1Y38NwwZ6lRcjo4AtfCEAQlBk8YUW7mNnUV+z
wSNdMRs9JtgJ4HjBnAcKSF1eXwtfIdf3jKWPanguqlwAXzB+igg74ZQ+OJxMqm6k
qACxXJV9H7yQynW/YRJCR0hlKhloHdJZX3F4ADaFaBpr/bBciySnmqAdjYFe1A/g
pKZjxKB3BwgsNl8GRCl1MOOa5l5Kdti1kHyEnvFN5R+TgmGffCVDEES/++Bf6jMQ
QY+PaS9BZQlgc6lOSuGMabyRldVEGVJk/WbfcBPqf9b1l4VE5gpr6e6Saa0oOzGa
Wg9AjL+mPDPpMAtImDCb//6j/maR7IFFNR+CTyi7
-----END CERTIFICATE-----
Generated at Fri Oct 24 14:53:31 2025 by rpki-client