Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89CB9E4EA4EA11F0AF6D9398DAE4EC9C.roa
File: 89CB9E4EA4EA11F0AF6D9398DAE4EC9C.roa (raw, json)
Hash identifier: fPBASCNpSbY0UZBkNwJw3Wv5np2zmQLy0Hpm4lldb5Q=
Subject key identifier: B5:32:90:C2:EE:30:9F:DE:60:D0:E3:0B:3D:F8:24:85:20:4B:87:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A2F6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89CB9E4EA4EA11F0AF6D9398DAE4EC9C.roa
Signing time: Thu 09 Oct 2025 08:32:49 +0000
ROA not before: Thu 09 Oct 2025 08:32:45 +0000
ROA not after: Mon 17 Nov 2025 08:32:45 +0000
asID: 153671
IP address blocks: 154.81.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107254 (0x1a2f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 9 08:32:45 2025 GMT
Not After : Nov 17 08:32:45 2025 GMT
Subject: CN=68e77331-2c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:06:37:4f:b8:0c:0b:8a:c1:3b:13:b4:32:1e:
61:b3:49:d0:ca:19:63:21:a7:44:b6:1d:2a:f9:e9:
32:3b:3e:f5:4b:3a:6c:9e:58:59:72:43:28:63:ec:
93:53:98:c0:e1:49:1b:79:1d:5d:a6:29:18:58:79:
8c:c8:70:5a:9e:d7:ec:17:7b:e3:cb:38:47:87:d3:
c3:f7:f9:5b:8c:75:90:0d:7a:67:75:6a:c9:6f:8a:
d0:89:f0:cf:4c:12:91:da:8d:2f:82:33:fd:79:a7:
48:4d:f5:37:23:e1:a0:df:d5:68:d1:f3:dc:e6:43:
31:d2:75:6b:55:ab:67:51:4c:a3:44:7a:33:30:96:
ee:c9:3f:b5:a8:bb:3b:f7:a7:d6:0e:e2:8a:1d:09:
6f:39:0d:ab:70:bc:f1:34:9e:20:8d:10:2d:11:12:
82:af:2e:f6:94:fe:2a:41:06:65:e5:23:c3:a1:08:
ea:cc:f9:fc:9a:d6:68:aa:a8:7e:4c:48:4a:7c:50:
b6:e7:bc:c3:78:a0:19:2c:bc:79:82:b5:ed:1b:e7:
15:fa:12:b3:f4:9c:8a:64:16:11:0f:f5:82:0c:4e:
e4:0b:37:22:89:8b:db:b3:b3:43:8a:49:3c:32:6c:
55:f1:e9:b9:e5:ed:36:75:86:dd:ff:a4:6c:b5:0f:
f8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:32:90:C2:EE:30:9F:DE:60:D0:E3:0B:3D:F8:24:85:20:4B:87:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89CB9E4EA4EA11F0AF6D9398DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.152.0/22
Signature Algorithm: sha256WithRSAEncryption
66:82:ff:27:d8:42:2d:8d:a2:03:b9:0d:64:f9:e6:7f:60:91:
30:e9:a7:f6:10:f1:57:3b:07:04:b6:e2:30:d3:f9:63:41:c3:
41:81:4c:88:18:79:a3:1e:52:78:32:d3:7a:f7:91:15:a3:52:
37:2b:ac:32:21:ee:69:28:21:1a:50:eb:60:8f:ab:e7:f3:0c:
89:1f:c1:79:42:61:2e:4c:51:5e:29:5e:2e:32:63:87:5f:22:
0b:94:58:2b:56:c2:60:fa:8e:1f:32:a2:ae:ad:4e:47:66:0e:
cc:02:97:68:d7:f4:da:cb:4f:5f:9f:2c:56:da:ec:d3:48:c1:
b9:15:25:05:7f:35:36:1c:e5:1a:91:72:fe:d4:37:c1:1b:ff:
c0:b8:0a:af:3c:ca:dd:9d:5c:25:88:29:29:bb:62:50:37:d6:
25:34:e8:16:e2:12:ff:c5:13:43:49:92:69:db:b5:31:68:a2:
b7:4a:c6:7a:f6:8f:d0:94:fb:7f:20:05:78:d8:57:5c:c7:98:
bf:d4:4d:6a:b5:d5:5d:5a:0d:29:90:98:ed:0b:bb:ff:f0:8a:
ca:8a:e4:57:47:5a:ed:fa:d4:80:a3:67:fd:5b:61:42:dd:b6:
9b:30:88:84:84:82:bd:d0:cb:c7:3b:09:bc:ba:fc:86:0b:85:
d7:9f:9b:0d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaL2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA5MDgzMjQ1WhcNMjUxMTE3MDgzMjQ1WjAYMRYw
FAYDVQQDEw02OGU3NzMzMS0yYzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqgY3T7gMC4rBOxO0Mh5hs0nQyhljIadEth0q+ekyOz71SzpsnlhZckMo
Y+yTU5jA4UkbeR1dpikYWHmMyHBantfsF3vjyzhHh9PD9/lbjHWQDXpndWrJb4rQ
ifDPTBKR2o0vgjP9eadITfU3I+Gg39Vo0fPc5kMx0nVrVatnUUyjRHozMJbuyT+1
qLs796fWDuKKHQlvOQ2rcLzxNJ4gjRAtERKCry72lP4qQQZl5SPDoQjqzPn8mtZo
qqh+TEhKfFC257zDeKAZLLx5grXtG+cV+hKz9JyKZBYRD/WCDE7kCzciiYvbs7ND
ikk8MmxV8em55e02dYbd/6RstQ/4rQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLUy
kMLuMJ/eYNDjCz34JIUgS4f6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OUNCOUU0RUE0RUExMUYwQUY2RDkzOThEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlGYMA0GCSqGSIb3DQEB
CwUAA4IBAQBmgv8n2EItjaIDuQ1k+eZ/YJEw6af2EPFXOwcEtuIw0/ljQcNBgUyI
GHmjHlJ4MtN695EVo1I3K6wyIe5pKCEaUOtgj6vn8wyJH8F5QmEuTFFeKV4uMmOH
XyILlFgrVsJg+o4fMqKurU5HZg7MApdo1/Tay09fnyxW2uzTSMG5FSUFfzU2HOUa
kXL+1DfBG//AuAqvPMrdnVwliCkpu2JQN9YlNOgW4hL/xRNDSZJp27UxaKK3SsZ6
9o/QlPt/IAV42Fdcx5i/1E1qtdVdWg0pkJjtC7v/8IrKiuRXR1rt+tSAo2f9W2FC
3babMIiEhIK90MvHOwm8uvyGC4XXn5sN
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:14 2025 by rpki-client