Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91B7DE60A99F11F0A0CDBB89DAE4EC9C.roa
File: 91B7DE60A99F11F0A0CDBB89DAE4EC9C.roa (raw, json)
Hash identifier: vCYznkQ9PWLWZCtNvd9iPhwlSlwNYds76Mapl5QWQ4Q=
Subject key identifier: B6:6D:C2:53:21:B5:7A:06:83:7E:54:1D:28:18:8E:CE:F2:B2:8E:E6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A381
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91B7DE60A99F11F0A0CDBB89DAE4EC9C.roa
Signing time: Wed 15 Oct 2025 08:18:46 +0000
ROA not before: Wed 15 Oct 2025 08:18:41 +0000
ROA not after: Mon 20 Oct 2025 08:18:41 +0000
asID: 22773
IP address blocks: 154.194.16.0/22 maxlen: 24
154.194.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Oct 2025 08:18:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107393 (0x1a381)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 15 08:18:41 2025 GMT
Not After : Oct 20 08:18:41 2025 GMT
Subject: CN=68ef58e6-5174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e8:73:2d:89:17:30:ad:d7:8c:15:5f:ea:5a:
aa:17:14:46:4b:44:88:e0:61:af:15:84:5d:d4:65:
b2:3b:ff:46:0a:39:5d:a1:7d:03:20:ca:32:7e:08:
04:31:b8:62:10:e8:2c:f8:b9:58:05:09:5f:01:3d:
42:48:9a:eb:c2:bf:0f:19:7e:1b:6d:64:de:d7:00:
7f:89:56:52:6b:9d:29:11:01:83:76:b3:21:82:52:
e8:21:35:2f:f2:c9:5c:4c:fb:b5:28:ca:a8:e9:a6:
97:86:ea:b6:c7:2b:2a:aa:24:85:71:44:37:d2:9c:
dd:d6:fe:b3:44:75:8b:d7:af:dd:13:41:27:71:1e:
41:32:77:88:59:7e:78:95:4b:c5:a0:48:51:2b:63:
c6:f7:8c:74:78:ef:33:89:06:93:b8:20:db:ae:d4:
b6:42:b9:32:c3:df:d9:57:b9:83:36:d5:86:7d:f6:
38:19:4d:7f:4a:f4:8b:7b:bc:8f:e0:73:0e:be:fa:
12:50:5d:31:d8:fc:37:b6:6d:c6:2d:90:a5:4f:f6:
9f:f8:a5:5c:62:f2:f0:6e:ff:e8:71:a2:b6:db:2a:
80:95:74:22:cd:92:70:12:ed:8a:06:8a:30:3f:59:
cd:68:b9:b4:14:be:f8:20:7c:2f:a3:82:bf:16:2a:
b0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6D:C2:53:21:B5:7A:06:83:7E:54:1D:28:18:8E:CE:F2:B2:8E:E6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91B7DE60A99F11F0A0CDBB89DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.16.0/22
154.194.24.0/22
Signature Algorithm: sha256WithRSAEncryption
07:de:4d:0e:ca:6f:d8:3a:07:f7:d3:bd:42:ca:45:5a:e8:1c:
3d:55:c0:62:3e:94:92:f8:20:cf:70:07:c9:35:47:ec:ae:28:
e8:4c:61:39:4d:cf:a4:51:fa:6d:e9:25:e8:58:22:ab:65:42:
01:d0:83:ef:6f:8b:13:51:c0:74:94:7e:3e:9a:40:aa:3f:1c:
ad:a5:05:e7:bf:1a:f0:f3:4a:7e:c4:6d:ff:f0:2f:d6:1d:47:
1c:f8:01:7c:01:87:e7:ec:a3:87:f8:96:f8:6e:9d:b3:90:06:
92:5c:3c:11:e7:05:18:ea:59:87:f0:d5:0d:5f:64:61:6f:c2:
78:a0:9e:9d:c8:e5:90:c4:1e:bc:7c:39:fc:a8:f3:27:82:73:
05:19:5b:0c:a4:da:f9:91:59:39:87:2f:1c:79:89:8b:4f:ed:
06:39:92:24:47:64:aa:27:b1:4d:7b:83:aa:cf:63:c0:2a:1c:
a7:0b:7b:0a:27:18:49:d0:33:10:a2:e5:1e:d3:b3:51:fb:e3:
c4:f8:24:f8:89:f3:42:eb:b5:b1:07:12:db:81:34:ff:79:4b:
25:f9:de:98:83:b1:db:26:96:eb:08:ed:8d:ec:bc:8c:82:2a:
ce:96:20:15:39:0e:7a:bc:da:c1:b2:aa:6c:c0:f7:c4:5f:51:
95:dc:da:e2
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaOBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE1MDgxODQxWhcNMjUxMDIwMDgxODQxWjAYMRYw
FAYDVQQDEw02OGVmNThlNi01MTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4uhzLYkXMK3XjBVf6lqqFxRGS0SI4GGvFYRd1GWyO/9GCjldoX0DIMoy
fggEMbhiEOgs+LlYBQlfAT1CSJrrwr8PGX4bbWTe1wB/iVZSa50pEQGDdrMhglLo
ITUv8slcTPu1KMqo6aaXhuq2xysqqiSFcUQ30pzd1v6zRHWL16/dE0EncR5BMneI
WX54lUvFoEhRK2PG94x0eO8ziQaTuCDbrtS2Qrkyw9/ZV7mDNtWGffY4GU1/SvSL
e7yP4HMOvvoSUF0x2Pw3tm3GLZClT/af+KVcYvLwbv/ocaK22yqAlXQizZJwEu2K
BoowP1nNaLm0FL74IHwvo4K/FiqwrQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFLZt
wlMhtXoGg35UHSgYjs7yso7mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MUI3REU2MEE5OUYxMUYwQTBDREJCODlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsIQAwQCmsIYMA0GCSqG
SIb3DQEBCwUAA4IBAQAH3k0Oym/YOgf3071CykVa6Bw9VcBiPpSS+CDPcAfJNUfs
rijoTGE5Tc+kUfpt6SXoWCKrZUIB0IPvb4sTUcB0lH4+mkCqPxytpQXnvxrw80p+
xG3/8C/WHUcc+AF8AYfn7KOH+Jb4bp2zkAaSXDwR5wUY6lmH8NUNX2Rhb8J4oJ6d
yOWQxB68fDn8qPMngnMFGVsMpNr5kVk5hy8ceYmLT+0GOZIkR2SqJ7FNe4Oqz2PA
KhynC3sKJxhJ0DMQouUe07NR++PE+CT4ifNC67WxBxLbgTT/eUsl+d6Yg7HbJpbr
CO2N7LyMgirOliAVOQ56vNrBsqpswPfEX1GV3Nri
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:50:57 2025 by rpki-client