Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95A30C1299EA11F0B84C0DC7DAE4EC9C.roa
File: 95A30C1299EA11F0B84C0DC7DAE4EC9C.roa (raw, json)
Hash identifier: YxVoRpd9JjZxLHiLthz3+VjtDWvRXsFeNUlbkZMs6xI=
Subject key identifier: 1D:F3:1F:12:47:E5:4F:7F:F2:34:64:EE:3B:E6:7B:61:16:49:1B:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0E3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95A30C1299EA11F0B84C0DC7DAE4EC9C.roa
Signing time: Thu 25 Sep 2025 08:35:26 +0000
ROA not before: Thu 25 Sep 2025 08:35:21 +0000
ROA not after: Sat 15 Nov 2025 08:35:21 +0000
asID: 63139
IP address blocks: 154.203.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106723 (0x1a0e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 25 08:35:21 2025 GMT
Not After : Nov 15 08:35:21 2025 GMT
Subject: CN=68d4fece-7df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d5:7e:94:2f:18:4b:0d:38:14:0f:8c:89:e7:
6a:b4:17:e2:e3:53:5e:b9:ef:bd:8f:eb:e8:55:08:
0d:3e:51:25:18:b8:d5:72:4a:dc:b1:34:c1:39:82:
bb:57:9d:e6:b2:96:9c:47:87:ea:e7:6a:69:2d:55:
5b:43:ac:d4:fe:20:ed:0e:12:1c:13:e9:e9:6e:6d:
ed:bc:52:d0:e6:65:7a:b0:ca:7b:49:0b:bd:c9:02:
ab:91:95:dc:02:45:ea:cf:81:20:cc:46:41:a3:f5:
f6:6e:76:f3:ab:c8:7d:22:10:c7:38:30:d5:c1:85:
7b:cc:83:f3:a0:fb:8b:30:9b:0d:e6:88:82:c1:86:
d6:08:23:77:80:4a:37:bd:4c:72:f4:8c:c9:cf:f8:
1e:a8:30:b8:25:fa:c1:47:71:d7:f4:0a:88:38:22:
cb:c8:55:8a:38:b6:e8:6f:63:af:29:3f:ab:29:a4:
cd:2f:bc:2c:ac:c4:57:f3:88:23:90:5d:d4:b4:e9:
87:9d:2f:fa:48:3f:2a:22:f1:4f:18:f5:e6:e7:b2:
6e:5a:3a:9e:09:68:91:32:3d:a8:25:ab:dc:c1:e3:
a9:08:47:60:06:7a:d6:f1:09:dd:86:f9:2d:a7:0e:
9d:d4:26:5f:d1:69:58:6b:7e:f4:08:b2:23:c0:67:
18:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F3:1F:12:47:E5:4F:7F:F2:34:64:EE:3B:E6:7B:61:16:49:1B:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95A30C1299EA11F0B84C0DC7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.179.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:eb:c6:3c:47:cd:96:60:32:d0:4e:76:1a:50:b1:4e:3d:67:
a4:e3:0d:b5:25:eb:45:8e:da:6e:d0:e4:37:4a:f1:38:fb:8b:
ff:bc:76:c3:26:97:0f:92:14:54:98:06:4c:01:83:9f:b4:9d:
5c:5b:14:13:21:b9:dc:ed:3f:15:8d:cb:4d:83:73:5d:ba:fd:
b4:94:04:b4:c1:c4:e2:6b:f2:31:67:dc:45:1f:8e:ee:d0:1d:
05:d2:95:86:a4:8f:06:78:aa:71:d2:38:b9:fe:a6:71:f2:c7:
f2:7f:44:dc:47:f2:31:ed:77:b0:54:9f:7e:bf:54:5c:c5:dc:
dc:78:98:09:39:6f:01:0d:5b:0e:d6:3d:49:15:fc:41:74:58:
66:3c:bb:b4:67:61:b8:57:7d:99:f6:69:60:ab:5c:06:de:93:
bd:40:10:8e:db:4d:1d:e4:2f:1f:91:c2:c3:2c:44:6b:30:f4:
87:30:f0:0b:f1:ce:3d:eb:95:2a:64:5e:ff:e2:88:82:a8:0f:
3e:f9:c2:9d:c2:e4:97:8c:66:e6:a7:2d:75:e7:29:8e:93:17:
72:14:35:78:23:e6:03:8d:b5:87:c4:f1:62:df:b4:98:d3:2f:
ec:df:70:d8:65:bb:77:06:97:63:f2:89:cf:f2:96:f8:76:73:
17:f5:20:b0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaDjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI1MDgzNTIxWhcNMjUxMTE1MDgzNTIxWjAYMRYw
FAYDVQQDEw02OGQ0ZmVjZS03ZGYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuNV+lC8YSw04FA+MiedqtBfi41Neue+9j+voVQgNPlElGLjVckrcsTTB
OYK7V53mspacR4fq52ppLVVbQ6zU/iDtDhIcE+npbm3tvFLQ5mV6sMp7SQu9yQKr
kZXcAkXqz4EgzEZBo/X2bnbzq8h9IhDHODDVwYV7zIPzoPuLMJsN5oiCwYbWCCN3
gEo3vUxy9IzJz/geqDC4JfrBR3HX9AqIOCLLyFWKOLbob2OvKT+rKaTNL7wsrMRX
84gjkF3UtOmHnS/6SD8qIvFPGPXm57JuWjqeCWiRMj2oJavcweOpCEdgBnrW8Qnd
hvktpw6d1CZf0WlYa370CLIjwGcYFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB3z
HxJH5U9/8jRk7jvme2EWSRu1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NUEzMEMxMjk5RUExMUYwQjg0QzBEQzdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuzMA0GCSqGSIb3DQEB
CwUAA4IBAQC/68Y8R82WYDLQTnYaULFOPWek4w21JetFjtpu0OQ3SvE4+4v/vHbD
JpcPkhRUmAZMAYOftJ1cWxQTIbnc7T8VjctNg3Nduv20lAS0wcTia/IxZ9xFH47u
0B0F0pWGpI8GeKpx0ji5/qZx8sfyf0TcR/Ix7XewVJ9+v1RcxdzceJgJOW8BDVsO
1j1JFfxBdFhmPLu0Z2G4V32Z9mlgq1wG3pO9QBCO200d5C8fkcLDLERrMPSHMPAL
8c4965UqZF7/4oiCqA8++cKdwuSXjGbmpy115ymOkxdyFDV4I+YDjbWHxPFi37SY
0y/s33DYZbt3Bpdj8onP8pb4dnMX9SCw
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:52 2025 by rpki-client