Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B4A9C588C8E11F0B310D690DAE4EC9C.roa
File: 8B4A9C588C8E11F0B310D690DAE4EC9C.roa (raw, json)
Hash identifier: Me/CbpXeN9ltmdC7Vl6rAqMQBxi8xtsp4nik+VugbYE=
Subject key identifier: F4:9C:19:BB:F8:53:1F:B1:82:28:7A:49:3B:40:81:16:41:03:0B:DF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019EB3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B4A9C588C8E11F0B310D690DAE4EC9C.roa
Signing time: Mon 08 Sep 2025 08:33:50 +0000
ROA not before: Mon 08 Sep 2025 08:33:45 +0000
ROA not after: Thu 04 Dec 2025 08:33:45 +0000
asID: 135377
IP address blocks: 154.81.12.0/24 maxlen: 24
154.81.13.0/24 maxlen: 24
154.81.14.0/24 maxlen: 24
154.81.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106163 (0x19eb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 8 08:33:45 2025 GMT
Not After : Dec 4 08:33:45 2025 GMT
Subject: CN=68be94ee-4699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:28:78:af:c9:82:31:fb:91:fd:c7:f9:b1:80:
ad:88:eb:37:48:f5:d0:8c:18:22:78:98:6d:d2:96:
92:15:97:12:9a:f0:a3:c2:9f:d2:c2:24:a8:54:9d:
e5:d3:72:bc:25:05:ca:09:cb:50:21:65:68:99:55:
f1:4d:73:f4:fe:df:16:1b:24:fe:67:21:1f:f6:73:
7c:50:95:1a:c2:4b:1c:60:5e:75:a6:5a:34:2f:89:
33:18:a6:3e:50:98:ef:aa:38:e3:b4:bd:77:68:c6:
35:9d:cb:96:9e:41:42:81:60:95:e9:ab:ff:d7:e8:
8c:85:eb:ed:a6:92:34:3d:80:d2:eb:5b:8f:66:5d:
ba:5b:51:aa:39:cb:f4:39:74:bf:e7:29:6a:8a:1c:
38:ac:53:dc:a5:33:28:2a:43:d0:c7:14:67:8d:a5:
7a:05:ab:a8:b6:6b:08:13:7e:f4:0f:23:dd:07:88:
28:df:93:b8:c3:f3:be:4c:ec:6b:5e:97:19:16:3a:
cf:46:9b:3f:1a:a4:7d:21:ca:50:bf:bf:21:b3:94:
50:01:9c:e7:25:24:34:10:d7:7a:3f:dc:7d:92:02:
d5:6f:5e:f7:95:73:99:56:ef:fd:62:da:10:c2:57:
05:01:c6:df:8e:1a:d0:5c:47:87:fd:68:40:7d:b4:
42:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9C:19:BB:F8:53:1F:B1:82:28:7A:49:3B:40:81:16:41:03:0B:DF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B4A9C588C8E11F0B310D690DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.12.0/22
Signature Algorithm: sha256WithRSAEncryption
05:56:77:88:6d:7b:0c:99:18:28:fb:a5:23:84:90:1b:56:65:
4e:82:d5:f1:30:68:cc:53:b7:50:cd:a3:f9:b0:cc:7d:bc:16:
0c:a7:0f:f3:19:bc:11:52:49:09:f5:d5:50:d6:3f:7d:6b:ff:
86:aa:0d:24:11:5e:b7:48:be:51:9b:77:af:45:c5:c5:be:b2:
6e:fc:13:6a:08:1b:ec:29:c2:d3:6a:13:67:48:e8:a2:db:ea:
21:ac:bf:f4:4a:c4:9d:f7:fe:e0:2c:c3:57:a8:cb:25:6b:64:
ac:ca:53:32:2b:19:6f:5c:1a:63:a4:99:0b:b5:8c:e5:ec:e9:
3e:e4:b0:d3:27:ff:27:a3:2e:e7:6c:a4:70:5d:b1:96:17:69:
db:71:e4:c0:16:22:f7:24:03:19:73:e5:04:f0:56:80:bf:ee:
85:68:4a:b8:c0:1f:4b:68:72:35:19:d2:c9:ac:18:80:43:41:
c0:f3:5b:f6:cf:c9:32:6f:65:15:b5:a7:ad:f9:ef:82:de:6f:
25:91:87:8d:d7:c2:27:46:99:11:40:e0:a1:02:74:c3:b2:1a:
e9:b4:66:e3:34:4d:2d:59:43:29:ff:78:bb:88:93:f3:36:4a:
01:ae:54:20:1e:fc:c8:37:5a:a5:82:88:79:76:7c:73:7a:05:
5e:cd:b3:6c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ6zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTA4MDgzMzQ1WhcNMjUxMjA0MDgzMzQ1WjAYMRYw
FAYDVQQDEw02OGJlOTRlZS00Njk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxCh4r8mCMfuR/cf5sYCtiOs3SPXQjBgieJht0paSFZcSmvCjwp/SwiSo
VJ3l03K8JQXKCctQIWVomVXxTXP0/t8WGyT+ZyEf9nN8UJUawkscYF51plo0L4kz
GKY+UJjvqjjjtL13aMY1ncuWnkFCgWCV6av/1+iMhevtppI0PYDS61uPZl26W1Gq
Ocv0OXS/5ylqihw4rFPcpTMoKkPQxxRnjaV6BauotmsIE370DyPdB4go35O4w/O+
TOxrXpcZFjrPRps/GqR9IcpQv78hs5RQAZznJSQ0ENd6P9x9kgLVb173lXOZVu/9
YtoQwlcFAcbfjhrQXEeH/WhAfbRCSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPSc
Gbv4Ux+xgih6STtAgRZBAwvfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QjRBOUM1ODhDOEUxMUYwQjMxMEQ2OTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlEMMA0GCSqGSIb3DQEB
CwUAA4IBAQAFVneIbXsMmRgo+6UjhJAbVmVOgtXxMGjMU7dQzaP5sMx9vBYMpw/z
GbwRUkkJ9dVQ1j99a/+Gqg0kEV63SL5Rm3evRcXFvrJu/BNqCBvsKcLTahNnSOii
2+ohrL/0SsSd9/7gLMNXqMsla2SsylMyKxlvXBpjpJkLtYzl7Ok+5LDTJ/8noy7n
bKRwXbGWF2nbceTAFiL3JAMZc+UE8FaAv+6FaEq4wB9LaHI1GdLJrBiAQ0HA81v2
z8kyb2UVtaet+e+C3m8lkYeN18InRpkRQOChAnTDshrptGbjNE0tWUMp/3i7iJPz
NkoBrlQgHvzIN1qlgoh5dnxzegVezbNs
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:41 2025 by rpki-client