Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96604146AB5C11F0AE826D94DAE4EC9C.roa
File: 96604146AB5C11F0AE826D94DAE4EC9C.roa (raw, json)
Hash identifier: Z6pk0wqtGMwmejCMBklwb6uB295rcef18IB9F7GAaA0=
Subject key identifier: EC:AD:5B:0F:D1:0B:1E:6A:1E:6A:D2:6B:CB:A4:A7:31:E1:F8:02:D0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A42E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96604146AB5C11F0AE826D94DAE4EC9C.roa
Signing time: Fri 17 Oct 2025 13:24:21 +0000
ROA not before: Fri 17 Oct 2025 13:24:15 +0000
ROA not after: Mon 24 Nov 2025 13:24:15 +0000
asID: 153706
IP address blocks: 154.89.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107566 (0x1a42e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 17 13:24:15 2025 GMT
Not After : Nov 24 13:24:15 2025 GMT
Subject: CN=68f24385-462a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:81:d7:0e:78:e6:ac:01:f6:cb:75:30:cb:c8:
e4:46:2b:05:44:fb:c1:4a:37:c5:06:3c:0b:7c:ee:
39:5a:8b:f3:0c:ec:d9:18:f9:dc:3e:e8:19:02:ab:
4c:2b:03:a9:08:c5:82:00:14:95:19:c6:31:69:08:
aa:f5:65:f7:6d:7a:db:f3:1d:35:8b:2d:70:fc:65:
27:f9:6d:f1:a8:eb:01:f6:b0:ac:ff:2d:0f:18:7e:
f7:b3:73:18:1c:22:0a:b9:b7:1c:58:24:31:60:34:
c4:cb:4d:e7:38:6d:a9:80:ce:d2:69:24:90:3c:04:
d5:33:00:5b:99:81:e9:99:ba:28:aa:52:3d:1c:d8:
36:ae:f0:50:6b:90:a6:4e:f4:27:96:e2:c7:a9:29:
d2:ee:73:27:05:a9:68:6a:48:6f:3f:b5:fe:fb:89:
bc:02:40:63:fe:62:b8:ba:0f:a8:3b:96:16:73:29:
c3:4c:37:45:7e:31:cd:c4:ff:b5:80:63:29:ff:6b:
60:8d:87:1a:8a:4c:a8:e0:41:a0:05:1f:b9:68:01:
d6:4e:34:56:8d:83:d6:19:4b:81:be:bb:46:60:bd:
a1:70:06:f8:a7:b3:14:a6:34:48:5c:13:b1:69:42:
5f:1d:0c:d9:54:dc:8f:c5:88:6c:e0:42:05:65:81:
34:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:AD:5B:0F:D1:0B:1E:6A:1E:6A:D2:6B:CB:A4:A7:31:E1:F8:02:D0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/96604146AB5C11F0AE826D94DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:5f:7f:97:9a:ef:8b:b0:cd:dc:2b:85:fa:31:96:bf:93:5a:
b8:c9:3d:17:f9:c6:27:4d:86:0d:04:91:c0:61:3a:ee:57:3a:
d2:ee:4b:de:79:73:b8:01:81:8d:20:1f:f8:ce:32:ca:f8:a9:
1c:87:17:fc:39:c5:08:0c:52:e7:1c:78:31:7c:6f:1e:46:4d:
ec:db:d7:9d:31:d1:f6:da:76:0e:34:62:82:53:96:cd:55:bc:
d7:a8:0f:d4:35:11:59:1e:a9:bd:97:bc:0d:2f:52:b3:8b:a0:
74:19:9a:ca:77:ce:4e:6b:7c:81:9c:47:57:9f:39:7c:42:da:
a9:eb:ce:d9:62:c2:1e:43:ad:c1:3d:47:f8:bc:21:d6:64:cf:
ac:13:a3:64:8d:b1:1d:60:b4:96:74:97:17:3c:96:fd:88:e2:
6f:9b:fe:14:03:c6:45:86:b7:f8:ad:89:ea:c2:7c:1f:27:2d:
bf:ea:c8:a9:c7:44:fb:5b:24:1f:02:92:70:8e:e6:69:b4:39:
58:f3:6f:e9:61:8c:b7:89:81:3e:dc:0d:44:4e:be:35:a0:65:
b6:8b:0f:06:f1:78:b2:5b:f2:bd:0c:a5:a8:76:67:fb:84:af:
62:68:34:41:7a:c7:fd:66:d7:6c:97:0a:91:c2:4c:3d:df:da:
4b:05:a5:f0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaQuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE3MTMyNDE1WhcNMjUxMTI0MTMyNDE1WjAYMRYw
FAYDVQQDEw02OGYyNDM4NS00NjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqYHXDnjmrAH2y3Uwy8jkRisFRPvBSjfFBjwLfO45WovzDOzZGPncPugZ
AqtMKwOpCMWCABSVGcYxaQiq9WX3bXrb8x01iy1w/GUn+W3xqOsB9rCs/y0PGH73
s3MYHCIKubccWCQxYDTEy03nOG2pgM7SaSSQPATVMwBbmYHpmbooqlI9HNg2rvBQ
a5CmTvQnluLHqSnS7nMnBaloakhvP7X++4m8AkBj/mK4ug+oO5YWcynDTDdFfjHN
xP+1gGMp/2tgjYcaikyo4EGgBR+5aAHWTjRWjYPWGUuBvrtGYL2hcAb4p7MUpjRI
XBOxaUJfHQzZVNyPxYhs4EIFZYE0gwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOyt
Ww/RCx5qHmrSa8ukpzHh+ALQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NjYwNDE0NkFCNUMxMUYwQUU4MjZEOTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnCMA0GCSqGSIb3DQEB
CwUAA4IBAQAvX3+Xmu+LsM3cK4X6MZa/k1q4yT0X+cYnTYYNBJHAYTruVzrS7kve
eXO4AYGNIB/4zjLK+Kkchxf8OcUIDFLnHHgxfG8eRk3s29edMdH22nYONGKCU5bN
VbzXqA/UNRFZHqm9l7wNL1Kzi6B0GZrKd85Oa3yBnEdXnzl8Qtqp687ZYsIeQ63B
PUf4vCHWZM+sE6NkjbEdYLSWdJcXPJb9iOJvm/4UA8ZFhrf4rYnqwnwfJy2/6sip
x0T7WyQfApJwjuZptDlY82/pYYy3iYE+3A1ETr41oGW2iw8G8XiyW/K9DKWodmf7
hK9iaDRBesf9ZtdslwqRwkw939pLBaXw
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:10 2025 by rpki-client