Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9703A9E6988111F092760C9EDAE4EC9C.roa
File: 9703A9E6988111F092760C9EDAE4EC9C.roa (raw, json)
Hash identifier: y79do0tCHj0mEbPt1BsUoxbQzJEbJmPMUalw2P0c2+k=
Subject key identifier: 3C:B7:87:FB:1A:60:66:E2:9C:A1:8E:84:42:E2:9C:83:AA:06:3D:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A03F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9703A9E6988111F092760C9EDAE4EC9C.roa
Signing time: Tue 23 Sep 2025 13:31:20 +0000
ROA not before: Tue 23 Sep 2025 13:31:16 +0000
ROA not after: Sun 14 Dec 2025 13:31:16 +0000
asID: 139880
IP address blocks: 154.83.224.0/20 maxlen: 24
154.199.32.0/20 maxlen: 24
154.199.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106559 (0x1a03f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 23 13:31:16 2025 GMT
Not After : Dec 14 13:31:16 2025 GMT
Subject: CN=68d2a128-196a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8b:a4:3e:b9:e4:2a:4d:1d:7f:9d:85:32:34:
67:13:8c:19:5c:a2:54:a8:ed:09:6d:5e:84:ad:51:
9b:6e:11:af:2b:5d:7f:44:36:ed:6b:6f:24:9e:7a:
73:4f:6a:cf:8e:29:7d:f4:e7:4c:4c:51:4e:92:07:
93:ac:c6:ff:3e:fa:74:99:87:c7:14:e1:50:69:74:
6d:69:08:00:2b:7e:c0:57:ce:2b:50:e9:a2:ca:00:
7a:41:e1:b4:15:22:7a:43:81:86:95:77:e1:08:f4:
be:97:a8:46:a4:9b:42:31:aa:d7:3d:d6:39:d2:0a:
2a:27:b8:03:f5:52:fa:58:c2:70:60:96:99:7a:65:
79:2e:ab:de:a7:4b:d4:8c:d3:ae:76:79:34:e9:6b:
34:45:fa:ac:d2:46:32:49:85:45:a8:cc:6a:5e:41:
a8:d3:26:b0:84:b2:47:a6:89:f0:a0:9e:16:b5:b6:
e1:29:0e:60:8e:f5:70:1b:42:6f:5e:29:32:a2:fe:
82:33:e6:27:2d:3c:59:ec:99:7c:56:39:09:84:e0:
ac:4b:3a:04:27:09:96:1e:9d:e3:0d:f4:93:f0:44:
35:87:f9:fa:15:d0:a9:52:ce:bd:ef:55:39:08:52:
7d:8f:c4:4d:4b:b5:14:16:06:16:76:9b:c4:3d:d0:
93:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B7:87:FB:1A:60:66:E2:9C:A1:8E:84:42:E2:9C:83:AA:06:3D:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9703A9E6988111F092760C9EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.224.0/20
154.199.32.0/20
154.199.160.0/19
Signature Algorithm: sha256WithRSAEncryption
14:b1:0f:6c:0e:01:04:51:ba:3d:3e:90:8e:20:72:42:21:85:
c7:3c:56:d2:39:80:fe:77:d4:c8:22:b9:03:bf:0a:4e:1d:50:
73:a3:5f:ad:63:03:dc:a7:8e:03:f7:68:85:3f:fc:3a:bb:77:
1e:cd:87:00:8d:64:f2:6d:48:03:47:de:c7:28:db:22:bf:17:
53:cc:8d:be:dd:1f:6c:56:10:f1:d7:6e:55:0a:c9:f6:f0:ef:
c9:f9:75:ed:02:ff:e0:a1:1f:46:c1:5b:54:cf:7b:63:66:91:
5e:f5:d5:87:bc:b9:4a:80:b4:a5:3d:6e:7a:fe:1d:fb:2c:87:
91:25:52:2b:be:0a:97:29:4f:b6:e8:e9:d1:7d:bd:88:ae:f5:
a3:7a:7f:e7:1f:db:ae:8a:fd:69:80:0c:90:c5:bc:ee:5f:0a:
06:71:ae:f8:7f:4a:d7:e9:c4:6c:34:3f:26:57:a8:f9:43:b3:
58:88:87:0c:a0:e3:5b:ff:2c:17:cf:bb:63:12:7d:12:c9:33:
b7:69:cf:29:48:01:ef:1a:41:29:5e:78:f6:a8:07:ae:85:6d:
22:70:b9:a3:7b:77:0c:7c:d1:e1:70:4a:c5:0d:58:ff:c5:40:
5f:7d:67:1b:b1:19:82:f3:f6:98:06:07:42:81:d8:ab:0b:6d:
03:f0:17:ea
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAaA/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTIzMTMzMTE2WhcNMjUxMjE0MTMzMTE2WjAYMRYw
FAYDVQQDEw02OGQyYTEyOC0xOTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0YukPrnkKk0df52FMjRnE4wZXKJUqO0JbV6ErVGbbhGvK11/RDbta28k
nnpzT2rPjil99OdMTFFOkgeTrMb/Pvp0mYfHFOFQaXRtaQgAK37AV84rUOmiygB6
QeG0FSJ6Q4GGlXfhCPS+l6hGpJtCMarXPdY50goqJ7gD9VL6WMJwYJaZemV5Lqve
p0vUjNOudnk06Ws0Rfqs0kYySYVFqMxqXkGo0yawhLJHponwoJ4WtbbhKQ5gjvVw
G0JvXikyov6CM+YnLTxZ7Jl8VjkJhOCsSzoEJwmWHp3jDfST8EQ1h/n6FdCpUs69
71U5CFJ9j8RNS7UUFgYWdpvEPdCTowIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFDy3
h/saYGbinKGOhELinIOqBj0rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NzAzQTlFNjk4ODExMUYwOTI3NjBDOUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEmlPgAwQEmscgAwQFmseg
MA0GCSqGSIb3DQEBCwUAA4IBAQAUsQ9sDgEEUbo9PpCOIHJCIYXHPFbSOYD+d9TI
IrkDvwpOHVBzo1+tYwPcp44D92iFP/w6u3cezYcAjWTybUgDR97HKNsivxdTzI2+
3R9sVhDx125VCsn28O/J+XXtAv/goR9GwVtUz3tjZpFe9dWHvLlKgLSlPW56/h37
LIeRJVIrvgqXKU+26OnRfb2IrvWjen/nH9uuiv1pgAyQxbzuXwoGca74f0rX6cRs
ND8mV6j5Q7NYiIcMoONb/ywXz7tjEn0SyTO3ac8pSAHvGkEpXnj2qAeuhW0icLmj
e3cMfNHhcErFDVj/xUBffWcbsRmC8/aYBgdCgdirC20D8Bfq
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:10 2025 by rpki-client