Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/881CBF1CA29011F09ABCA8D9DAE4EC9C.roa
File: 881CBF1CA29011F09ABCA8D9DAE4EC9C.roa (raw, json)
Hash identifier: 8TTm5/oxNaVhRpVmtRjzcqWLZ9agf59INT9YTZiGohM=
Subject key identifier: F5:CC:FB:98:F7:33:23:C6:05:6C:6C:17:0C:2E:D7:53:B5:8F:6D:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A265
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/881CBF1CA29011F09ABCA8D9DAE4EC9C.roa
Signing time: Mon 06 Oct 2025 08:43:29 +0000
ROA not before: Mon 06 Oct 2025 08:43:25 +0000
ROA not after: Mon 10 Nov 2025 08:43:25 +0000
asID: 51896
IP address blocks: 154.194.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107109 (0x1a265)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 6 08:43:25 2025 GMT
Not After : Nov 10 08:43:25 2025 GMT
Subject: CN=68e38131-7773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4d:e7:2e:78:54:c0:08:33:8a:e0:07:4e:95:
45:62:cd:85:e0:35:17:3b:e5:a0:1c:aa:e4:ee:5f:
d5:7f:b6:97:b8:8a:5b:1d:65:26:0a:15:d0:0e:b9:
d9:1c:a9:62:e4:66:1b:62:2e:b6:2b:b2:ef:91:7c:
3b:87:1c:c4:a1:42:68:08:b2:cb:02:39:b8:23:19:
a3:73:45:8c:a4:41:33:2c:a8:ef:4d:2f:5a:84:97:
3b:42:4b:cb:db:36:cf:cd:79:83:39:63:91:3f:ea:
a7:92:c6:ca:87:40:c4:86:48:fd:2a:ec:18:6e:b3:
a9:2c:a7:c1:84:d6:2d:0f:eb:f2:a2:e2:f5:63:01:
1c:e3:21:08:1a:21:da:c3:74:00:c4:48:0d:b8:70:
1c:d0:5f:7d:3c:91:7c:77:62:65:2d:f3:82:41:2c:
ac:0b:b2:8b:9d:3e:27:7e:e5:2c:f0:7e:bf:d2:27:
bb:a1:47:72:53:d2:55:b8:42:cb:58:88:96:40:43:
cf:7e:4a:4e:35:02:99:89:f3:ad:23:86:14:7f:5e:
cc:1f:ca:93:81:48:02:d6:c3:8d:c7:54:3e:e9:6d:
e3:29:c3:e0:dd:90:af:bc:10:e2:44:c0:e8:8f:52:
e1:3e:3d:89:12:7e:c1:f7:9a:fb:ac:cd:97:54:d8:
cb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CC:FB:98:F7:33:23:C6:05:6C:6C:17:0C:2E:D7:53:B5:8F:6D:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/881CBF1CA29011F09ABCA8D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.43.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:eb:52:83:ef:1b:1b:42:3a:05:a7:06:ac:b5:17:ce:9c:86:
88:c4:2f:0a:ba:d1:b5:76:50:94:eb:5d:4d:61:51:d8:46:61:
f9:7c:fe:3d:44:d8:be:ce:ed:f0:09:a3:d6:8b:ad:28:54:8e:
34:3a:ca:d4:d9:49:ac:3f:18:9c:bb:d6:6c:45:71:df:5f:dd:
62:a5:bf:cc:d7:84:bc:a6:3f:4f:af:4c:f4:58:f8:a3:c4:f6:
66:cb:32:36:ff:e8:f2:78:80:d6:b1:ed:f9:15:f5:d1:4b:b6:
f8:a3:76:60:fc:d0:6a:b6:20:1f:77:ef:c4:5c:87:4b:2e:3e:
16:d2:b6:4c:06:b8:03:f2:34:0a:6e:e9:2a:5f:4e:af:09:1c:
91:48:88:f8:43:c0:90:ea:67:26:73:a2:a1:bd:ba:0d:bc:e3:
06:06:eb:cb:98:5a:7e:c2:4c:f4:66:31:72:e8:d3:ef:19:3a:
61:9b:41:8b:63:1e:2d:01:d2:89:96:11:9c:20:f5:3b:08:c3:
89:59:5b:35:bc:87:ea:c5:e6:18:97:7f:fc:0f:c4:5c:01:18:
a5:b3:f0:3f:ce:7c:51:07:dc:44:71:ae:e4:c7:07:5c:3f:c8:
74:b9:2a:0d:09:ca:07:e8:d9:73:c7:ad:53:c6:be:95:a3:72:
ed:d1:9f:b0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaJlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA2MDg0MzI1WhcNMjUxMTEwMDg0MzI1WjAYMRYw
FAYDVQQDEw02OGUzODEzMS03NzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2E3nLnhUwAgziuAHTpVFYs2F4DUXO+WgHKrk7l/Vf7aXuIpbHWUmChXQ
DrnZHKli5GYbYi62K7LvkXw7hxzEoUJoCLLLAjm4Ixmjc0WMpEEzLKjvTS9ahJc7
QkvL2zbPzXmDOWORP+qnksbKh0DEhkj9KuwYbrOpLKfBhNYtD+vyouL1YwEc4yEI
GiHaw3QAxEgNuHAc0F99PJF8d2JlLfOCQSysC7KLnT4nfuUs8H6/0ie7oUdyU9JV
uELLWIiWQEPPfkpONQKZifOtI4YUf17MH8qTgUgC1sONx1Q+6W3jKcPg3ZCvvBDi
RMDoj1LhPj2JEn7B95r7rM2XVNjLAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPXM
+5j3MyPGBWxsFwwu11O1j236MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODFDQkYxQ0EyOTAxMUYwOUFCQ0E4RDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIrMA0GCSqGSIb3DQEB
CwUAA4IBAQAO61KD7xsbQjoFpwastRfOnIaIxC8KutG1dlCU611NYVHYRmH5fP49
RNi+zu3wCaPWi60oVI40OsrU2UmsPxicu9ZsRXHfX91ipb/M14S8pj9Pr0z0WPij
xPZmyzI2/+jyeIDWse35FfXRS7b4o3Zg/NBqtiAfd+/EXIdLLj4W0rZMBrgD8jQK
bukqX06vCRyRSIj4Q8CQ6mcmc6KhvboNvOMGBuvLmFp+wkz0ZjFy6NPvGTphm0GL
Yx4tAdKJlhGcIPU7CMOJWVs1vIfqxeYYl3/8D8RcARils/A/znxRB9xEca7kxwdc
P8h0uSoNCcoH6Nlzx61Txr6Vo3Lt0Z+w
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:03 2025 by rpki-client