Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/872135A8ADAC11F0AFDDAF91DAE4EC9C.roa
File: 872135A8ADAC11F0AFDDAF91DAE4EC9C.roa (raw, json)
Hash identifier: crqouZAmtPJa4lDY0j5mS98cJp4n1L/brRfhZ3dOh1k=
Subject key identifier: 89:A0:34:CE:D0:55:BD:CA:00:3D:76:50:D9:F1:4A:23:64:DA:62:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A457
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/872135A8ADAC11F0AFDDAF91DAE4EC9C.roa
Signing time: Mon 20 Oct 2025 12:01:36 +0000
ROA not before: Mon 20 Oct 2025 12:01:32 +0000
ROA not after: Sun 30 Nov 2025 12:01:32 +0000
asID: 142032
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 29 Oct 2025 13:41:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107607 (0x1a457)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 20 12:01:32 2025 GMT
Not After : Nov 30 12:01:32 2025 GMT
Subject: CN=68f624a0-8c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:51:d9:4d:e1:a3:a4:18:a0:f0:2b:a4:89:18:
ab:ab:c4:8d:9c:6f:04:de:d6:60:8d:75:92:e2:23:
f0:71:44:77:9a:13:cc:d6:59:2e:9b:4e:f2:ee:c5:
d7:c7:d6:80:ed:fe:7d:c0:7e:df:0d:2d:4f:9d:5a:
a8:8b:43:31:24:c9:58:c4:62:c5:fc:04:b6:27:74:
fe:db:52:ce:03:25:ee:24:08:f2:d9:68:17:50:67:
9f:29:f7:b4:88:fa:ed:95:8e:45:6e:5d:2b:1f:e2:
15:66:c1:6b:58:49:48:4f:94:26:53:7b:5d:58:11:
b9:27:16:38:55:43:19:02:f6:a5:6e:f4:0d:07:35:
73:b6:bf:18:20:86:e4:3c:e7:cd:93:a3:29:86:23:
09:b0:71:cb:2a:47:76:e7:83:a3:29:fc:2a:08:0b:
5a:0d:5f:71:0e:25:d6:5b:50:d7:ce:7e:97:89:aa:
3b:b6:18:16:54:38:84:62:19:e2:11:ce:2c:82:31:
8a:be:c7:56:d1:ea:3a:64:ff:b8:c3:26:19:6f:31:
6c:23:f8:87:38:95:b5:cd:93:91:69:bb:9f:b4:31:
c0:5d:73:eb:60:80:b4:e6:ef:03:11:20:78:55:33:
94:53:a5:c0:7f:8d:af:27:63:10:a2:80:6e:f7:a7:
31:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A0:34:CE:D0:55:BD:CA:00:3D:76:50:D9:F1:4A:23:64:DA:62:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/872135A8ADAC11F0AFDDAF91DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
59:3f:9c:7a:55:53:71:a7:17:13:2a:98:78:7d:67:3c:ae:fb:
c2:40:8d:cf:cf:d9:44:31:a8:bc:95:14:cf:54:73:59:40:38:
12:2a:18:08:69:06:69:ef:13:32:dd:34:2c:d9:92:63:a8:b6:
ca:84:35:db:f0:a8:96:da:a8:2e:f9:d1:ce:80:7f:8c:99:fc:
ca:d8:96:5a:ab:1f:5f:c8:bc:f5:be:87:38:45:59:bd:17:c2:
76:50:ff:ab:a1:26:3e:92:bd:33:ae:ae:2a:bf:9a:a9:66:36:
67:59:0c:9f:28:b0:4b:5a:60:b3:7b:9c:69:7d:54:bd:fe:1a:
78:b4:82:49:b9:43:d2:bc:10:73:e4:de:73:6a:f4:d8:b9:ca:
cd:be:38:5b:18:5d:e1:c7:d6:7f:e1:33:a2:10:21:f8:39:13:
22:f2:55:aa:65:29:dd:c9:80:fd:ae:50:55:4f:b6:42:b0:70:
52:87:05:98:8a:17:dd:fe:a8:66:f4:0e:bc:91:d0:2b:49:4c:
ff:1f:c5:f6:3b:95:82:d2:93:b4:c6:16:72:a3:65:f7:e5:39:
4b:9a:c5:a9:03:cc:86:e6:3b:1a:3f:26:6d:7b:95:57:40:62:
23:e1:9b:38:99:16:aa:ad:52:f0:d9:95:26:b6:a4:53:a2:03:
e7:a4:83:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaRXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIwMTIwMTMyWhcNMjUxMTMwMTIwMTMyWjAYMRYw
FAYDVQQDEw02OGY2MjRhMC04YzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7FHZTeGjpBig8CukiRirq8SNnG8E3tZgjXWS4iPwcUR3mhPM1lkum07y
7sXXx9aA7f59wH7fDS1PnVqoi0MxJMlYxGLF/AS2J3T+21LOAyXuJAjy2WgXUGef
Kfe0iPrtlY5Fbl0rH+IVZsFrWElIT5QmU3tdWBG5JxY4VUMZAvalbvQNBzVztr8Y
IIbkPOfNk6MphiMJsHHLKkd254OjKfwqCAtaDV9xDiXWW1DXzn6Xiao7thgWVDiE
YhniEc4sgjGKvsdW0eo6ZP+4wyYZbzFsI/iHOJW1zZORabuftDHAXXPrYIC05u8D
ESB4VTOUU6XAf42vJ2MQooBu96cxNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFImg
NM7QVb3KAD12UNnxSiNk2mJzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NzIxMzVBOEFEQUMxMUYwQUZEREFGOTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQBZP5x6VVNxpxcTKph4fWc8rvvCQI3Pz9lEMai8lRTPVHNZQDgSKhgI
aQZp7xMy3TQs2ZJjqLbKhDXb8KiW2qgu+dHOgH+MmfzK2JZaqx9fyLz1voc4RVm9
F8J2UP+roSY+kr0zrq4qv5qpZjZnWQyfKLBLWmCze5xpfVS9/hp4tIJJuUPSvBBz
5N5zavTYucrNvjhbGF3hx9Z/4TOiECH4ORMi8lWqZSndyYD9rlBVT7ZCsHBShwWY
ihfd/qhm9A68kdArSUz/H8X2O5WC0pO0xhZyo2X35TlLmsWpA8yG5jsaPyZte5VX
QGIj4Zs4mRaqrVLw2ZUmtqRTogPnpIPK
-----END CERTIFICATE-----
Generated at Tue Oct 28 00:43:01 2025 by rpki-client