Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D0A7458AA6D11F0BFDC118CDAE4EC9C.roa
File: 8D0A7458AA6D11F0BFDC118CDAE4EC9C.roa (raw, json)
Hash identifier: kpTmKKCEzVyriCrEXE4+LAwHXjwFHxIPTRMCUqNSNv4=
Subject key identifier: DA:B8:CB:35:EA:94:DE:CB:B9:B5:57:6A:FE:8F:A0:EF:92:43:7C:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A3D7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D0A7458AA6D11F0BFDC118CDAE4EC9C.roa
Signing time: Thu 16 Oct 2025 08:53:15 +0000
ROA not before: Thu 16 Oct 2025 08:53:10 +0000
ROA not after: Sat 25 Oct 2025 08:53:10 +0000
asID: 23764
IP address blocks: 154.209.21.0/24 maxlen: 24
154.209.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107479 (0x1a3d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 16 08:53:10 2025 GMT
Not After : Oct 25 08:53:10 2025 GMT
Subject: CN=68f0b27b-7ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:59:23:2d:ed:84:35:6c:7e:de:67:e4:95:a0:
cd:44:78:b0:d0:8d:69:8e:58:6f:57:35:3c:49:7b:
12:cf:e3:4d:c7:d3:19:9f:4f:4b:5b:c6:75:e7:23:
a6:34:58:ae:f1:d0:0e:e9:d2:3b:74:24:45:e7:fd:
9b:d5:d4:01:c9:d7:52:ec:ed:71:dd:77:20:de:d8:
85:b3:ea:f2:9c:75:c0:eb:01:02:c4:3c:d2:67:50:
60:4d:8e:e4:9f:9a:50:86:f9:78:74:39:ff:44:ea:
4f:4e:0d:90:1b:be:1d:83:4e:16:57:69:8a:53:35:
39:15:29:67:8d:43:1b:f0:0a:f6:31:09:15:97:d9:
22:6a:11:3f:e9:25:d2:65:85:d1:02:b6:89:be:1b:
30:3b:6f:f0:70:94:5f:b1:a5:32:c0:01:01:7a:ec:
79:b4:06:48:30:ef:cc:a3:8a:81:2f:d1:91:45:af:
da:a1:e5:17:46:16:eb:42:fc:cb:cd:8f:c5:9d:75:
a8:e8:f6:42:03:d6:f8:b2:de:48:15:59:e3:6d:a4:
76:31:eb:80:3a:d3:b9:57:60:aa:8f:cf:fc:3b:ce:
8a:ea:52:bf:9b:b9:78:2e:68:64:4f:17:c5:c3:53:
60:ae:b8:71:53:0f:5e:e6:99:a0:eb:b6:58:da:88:
0f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B8:CB:35:EA:94:DE:CB:B9:B5:57:6A:FE:8F:A0:EF:92:43:7C:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D0A7458AA6D11F0BFDC118CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.21.0/24
154.209.23.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:5f:05:a1:01:8d:50:7e:88:7e:93:49:aa:e4:a8:64:57:04:
db:65:6f:aa:28:d6:55:9d:d5:46:ec:6f:b2:33:dc:af:83:69:
53:e4:12:58:38:cf:77:a1:4b:4d:a8:18:59:68:9b:6b:35:86:
09:32:17:34:de:be:22:8f:22:0e:44:09:5d:16:d9:8f:36:a3:
f2:b2:2c:19:75:7b:f8:85:2d:c4:32:b3:e1:0b:08:a2:05:03:
07:a7:88:47:6d:e1:7d:8a:dc:ef:ba:d6:e4:d6:ad:af:74:5e:
5c:a6:8b:3a:b0:b4:22:eb:15:c1:c6:f8:f6:b4:4a:8c:2e:55:
b3:30:a8:4c:a9:5b:8a:28:c9:cf:23:61:b7:8c:b2:cd:b1:23:
27:0f:70:69:13:7f:f4:3e:94:3b:8b:14:5a:c8:3a:68:56:70:
aa:18:e3:82:d0:8a:38:0c:0a:4e:75:78:b2:dc:33:d3:eb:e5:
21:07:52:cb:ab:99:a8:89:42:b2:b7:24:44:e2:fb:ba:19:e3:
fa:ae:06:ef:18:d3:04:a7:6c:61:ea:77:3e:80:fd:d6:42:1e:
84:d0:e6:30:b2:eb:d6:14:92:c1:16:10:a1:ed:78:18:02:35:
88:cf:91:5b:79:fe:b9:46:e7:a0:a9:b3:d0:38:26:1e:ba:20:
03:ab:36:cf
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaPXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE2MDg1MzEwWhcNMjUxMDI1MDg1MzEwWjAYMRYw
FAYDVQQDEw02OGYwYjI3Yi03ZWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAolkjLe2ENWx+3mfklaDNRHiw0I1pjlhvVzU8SXsSz+NNx9MZn09LW8Z1
5yOmNFiu8dAO6dI7dCRF5/2b1dQByddS7O1x3Xcg3tiFs+rynHXA6wECxDzSZ1Bg
TY7kn5pQhvl4dDn/ROpPTg2QG74dg04WV2mKUzU5FSlnjUMb8Ar2MQkVl9kiahE/
6SXSZYXRAraJvhswO2/wcJRfsaUywAEBeux5tAZIMO/Mo4qBL9GRRa/aoeUXRhbr
QvzLzY/FnXWo6PZCA9b4st5IFVnjbaR2MeuAOtO5V2Cqj8/8O86K6lK/m7l4Lmhk
TxfFw1NgrrhxUw9e5pmg67ZY2ogPjwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNq4
yzXqlN7LubVXav6PoO+SQ3zgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RDBBNzQ1OEFBNkQxMUYwQkZEQzExOENEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmtEVAwQAmtEXMA0GCSqG
SIb3DQEBCwUAA4IBAQANXwWhAY1Qfoh+k0mq5KhkVwTbZW+qKNZVndVG7G+yM9yv
g2lT5BJYOM93oUtNqBhZaJtrNYYJMhc03r4ijyIORAldFtmPNqPysiwZdXv4hS3E
MrPhCwiiBQMHp4hHbeF9itzvutbk1q2vdF5cpos6sLQi6xXBxvj2tEqMLlWzMKhM
qVuKKMnPI2G3jLLNsSMnD3BpE3/0PpQ7ixRayDpoVnCqGOOC0Io4DApOdXiy3DPT
6+UhB1LLq5moiUKytyRE4vu6GeP6rgbvGNMEp2xh6nc+gP3WQh6E0OYwsuvWFJLB
FhCh7XgYAjWIz5Fbef65RuegqbPQOCYeuiADqzbP
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:20 2025 by rpki-client