Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2E2157CAA6511F0A89A8FD8DAE4EC9C.roa
File: A2E2157CAA6511F0A89A8FD8DAE4EC9C.roa (raw, json)
Hash identifier: XHrjyFSYjNIbo4nhFJulwagg6VMucFX9UHg8Hee8ols=
Subject key identifier: 79:62:35:1C:BD:FC:B9:69:A2:60:84:B6:8A:A9:39:3F:0D:EE:CD:25
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A3C2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2E2157CAA6511F0A89A8FD8DAE4EC9C.roa
Signing time: Thu 16 Oct 2025 07:56:35 +0000
ROA not before: Thu 16 Oct 2025 07:56:30 +0000
ROA not after: Sat 12 Sep 2026 07:56:30 +0000
asID: 151610
IP address blocks: 154.194.39.0/24 maxlen: 24
154.194.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107458 (0x1a3c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 16 07:56:30 2025 GMT
Not After : Sep 12 07:56:30 2026 GMT
Subject: CN=68f0a533-4a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:52:ab:f9:a2:ce:39:da:96:ae:ca:3e:89:32:
93:4a:89:34:c0:09:c6:4b:c1:6b:0f:a5:d3:b7:04:
d5:00:d4:51:86:1c:c0:01:c8:e5:c8:00:2f:0e:95:
67:6f:6e:46:13:6c:ad:15:ce:d6:17:5e:d9:ed:57:
5c:57:4f:ce:a1:02:cd:d9:b3:84:eb:11:7f:32:c7:
5d:a2:4d:90:7e:28:ab:e2:b5:ac:81:88:5e:79:a2:
fc:3d:58:68:76:99:46:80:62:84:99:98:b3:c4:79:
b4:b1:8a:7a:ef:c1:4a:18:ef:87:9f:a4:7a:0a:c9:
a4:5e:67:91:60:80:8c:34:a4:c7:24:bc:ca:9d:e3:
ab:96:d4:3d:f2:5a:95:8c:27:63:af:a6:c1:da:35:
b4:7c:08:3a:82:58:c3:3e:e0:5a:4d:48:44:13:3b:
3d:80:0b:ab:f9:87:c1:f7:e0:84:85:c1:2c:19:39:
7c:85:ba:ba:2a:fe:7a:ad:7a:c2:89:8e:19:20:2d:
8f:28:2d:6a:54:7a:e0:fc:de:50:25:28:3b:10:97:
a5:39:b3:54:7d:d7:56:4a:2c:05:51:3a:53:51:fd:
30:49:2a:51:06:06:5d:50:cd:ee:98:cc:cf:f6:81:
8a:da:23:36:bc:14:52:a2:97:65:4d:62:3a:8c:0d:
43:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:62:35:1C:BD:FC:B9:69:A2:60:84:B6:8A:A9:39:3F:0D:EE:CD:25
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2E2157CAA6511F0A89A8FD8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.39.0-154.194.40.255
Signature Algorithm: sha256WithRSAEncryption
28:ab:d3:42:d8:10:aa:5a:20:6c:f7:1f:21:64:ab:22:6d:b5:
43:96:f7:23:6f:8e:b7:37:fe:16:2f:f1:d7:48:7a:29:18:d4:
f0:43:d7:d7:57:95:5d:bc:f7:2d:91:0a:de:63:bd:a5:26:57:
55:f2:2f:b2:8d:1e:dd:8b:a6:ad:65:2b:d8:73:c4:3a:1b:75:
be:e0:7f:1e:90:56:5f:67:e7:12:e4:ca:82:a2:e1:32:fa:e5:
97:ca:24:fc:3a:f3:f3:28:30:c3:b1:0d:cc:58:76:9e:28:f8:
05:b6:7e:e4:d0:bd:1e:91:5e:62:d1:6f:10:55:f9:b3:2a:f3:
f4:dd:a4:db:a3:a9:0c:b7:60:18:14:a1:be:ec:23:c9:83:f1:
25:7d:05:69:65:97:56:44:8c:04:46:fb:a6:f8:8b:b7:4d:5a:
6c:93:3d:69:4f:dc:78:2c:6a:32:77:df:89:5c:3f:82:1a:3d:
31:28:77:b2:ea:a9:f2:e9:4f:2d:c9:c5:ec:6d:9b:c4:23:11:
c2:36:47:56:1e:d7:60:94:f1:50:af:e8:fb:e1:41:9a:a5:3d:
1e:ea:8f:48:33:e0:4a:19:5e:f3:3b:db:1d:77:e0:72:f0:ba:
a5:4a:80:4e:7a:0d:20:56:03:34:7f:a6:c1:26:c6:01:51:22:
93:c5:c2:15
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAaPCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE2MDc1NjMwWhcNMjYwOTEyMDc1NjMwWjAYMRYw
FAYDVQQDEw02OGYwYTUzMy00YTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3lKr+aLOOdqWrso+iTKTSok0wAnGS8FrD6XTtwTVANRRhhzAAcjlyAAv
DpVnb25GE2ytFc7WF17Z7VdcV0/OoQLN2bOE6xF/Msddok2Qfiir4rWsgYheeaL8
PVhodplGgGKEmZizxHm0sYp678FKGO+Hn6R6CsmkXmeRYICMNKTHJLzKneOrltQ9
8lqVjCdjr6bB2jW0fAg6gljDPuBaTUhEEzs9gAur+YfB9+CEhcEsGTl8hbq6Kv56
rXrCiY4ZIC2PKC1qVHrg/N5QJSg7EJelObNUfddWSiwFUTpTUf0wSSpRBgZdUM3u
mMzP9oGK2iM2vBRSopdlTWI6jA1DeQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFHli
NRy9/LlpomCEtoqpOT8N7s0lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMkUyMTU3Q0FBNjUxMUYwQTg5QThGRDhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACawicDBACawigwDQYJ
KoZIhvcNAQELBQADggEBACir00LYEKpaIGz3HyFkqyJttUOW9yNvjrc3/hYv8ddI
eikY1PBD19dXlV289y2RCt5jvaUmV1XyL7KNHt2Lpq1lK9hzxDobdb7gfx6QVl9n
5xLkyoKi4TL65ZfKJPw68/MoMMOxDcxYdp4o+AW2fuTQvR6RXmLRbxBV+bMq8/Td
pNujqQy3YBgUob7sI8mD8SV9BWlll1ZEjARG+6b4i7dNWmyTPWlP3HgsajJ334lc
P4IaPTEod7LqqfLpTy3Jxextm8QjEcI2R1Ye12CU8VCv6PvhQZqlPR7qj0gz4EoZ
XvM72x134HLwuqVKgE56DSBWAzR/psEmxgFRIpPFwhU=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:04 2025 by rpki-client