Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A55B9B8A997011F09B9BACA5DAE4EC9C.roa
File: A55B9B8A997011F09B9BACA5DAE4EC9C.roa (raw, json)
Hash identifier: 6St0QCL73DUa3izmTyaVw/6qynjmyaUbGQfggR9U5vY=
Subject key identifier: C0:8B:95:D0:89:D6:29:F6:EA:BC:4D:D3:10:AB:B8:AA:01:A6:41:6C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A55B9B8A997011F09B9BACA5DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 18:02:34 +0000
ROA not before: Wed 24 Sep 2025 18:02:28 +0000
ROA not after: Thu 30 Oct 2025 18:02:28 +0000
asID: 401696
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106662 (0x1a0a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 18:02:28 2025 GMT
Not After : Oct 30 18:02:28 2025 GMT
Subject: CN=68d4323a-9954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9a:78:78:2a:cc:b6:88:5b:f0:46:9e:4e:78:
b2:21:72:c2:dd:4c:67:c7:a0:11:cb:b5:e0:19:eb:
a3:76:89:df:d1:45:69:1b:20:ff:16:34:6b:06:a1:
25:ca:3c:20:b2:bb:bf:53:1f:09:3f:b5:3f:33:15:
75:29:a5:7a:b1:0f:81:e9:90:0c:d2:0d:cb:60:3b:
91:fa:01:50:95:95:58:48:50:a3:29:9a:48:fd:cd:
4c:d8:ec:77:63:0a:a6:c8:e2:e0:ba:17:e9:a5:31:
a0:32:7e:3e:3e:2b:19:79:10:30:c1:06:6b:cd:6e:
1d:fa:24:7b:d1:66:97:20:56:a5:00:be:9a:30:e8:
41:cc:95:3c:55:c3:35:e5:26:86:4b:9d:f9:47:92:
b5:f2:21:87:69:4a:15:3a:ad:76:67:b1:5f:2a:0f:
42:cb:0c:03:28:7b:bd:28:61:5f:9d:a1:98:78:0b:
6b:9a:86:69:dd:ef:7f:f7:9e:67:aa:ee:48:69:19:
d4:b1:52:5a:4c:5b:25:2a:c5:b7:ff:df:09:5f:ac:
f9:8f:1f:0f:00:f0:9b:95:8f:e4:15:8d:c2:0a:c4:
ce:6d:8a:9c:40:a6:ed:65:b7:6d:56:59:eb:32:54:
12:f3:44:97:1c:68:8c:8b:ef:0d:df:f7:fa:b6:b0:
14:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:8B:95:D0:89:D6:29:F6:EA:BC:4D:D3:10:AB:B8:AA:01:A6:41:6C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A55B9B8A997011F09B9BACA5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
52:be:98:d0:90:44:e6:1e:6e:0b:dc:15:e6:6b:e5:1d:ec:52:
f9:19:56:26:9d:d4:3c:9d:61:3d:38:9a:85:db:47:f6:ff:57:
b0:e0:f7:6f:71:2c:f7:d4:3a:8f:65:a1:4d:a1:08:65:2b:d4:
1a:14:c7:e0:bc:93:b5:52:5c:ec:03:79:e8:eb:7a:02:21:6f:
80:67:02:8d:62:1a:38:a0:37:db:1b:c5:70:bd:30:d5:06:43:
3e:47:d0:51:b8:39:44:cd:0f:e4:f9:1b:b0:2c:45:d4:b1:59:
f5:8a:c3:38:9e:4a:af:f2:e5:44:5a:64:ed:89:c2:12:d9:90:
0c:e4:22:bb:69:7d:6c:65:47:32:b3:1e:18:6c:51:a6:be:ba:
da:f2:b1:2c:77:22:59:21:f0:3c:86:f5:34:73:65:00:ad:14:
ea:2b:22:44:8c:ae:b2:91:2e:1f:27:56:42:fc:68:96:fc:5e:
10:b6:22:44:25:de:9e:dc:8e:f9:e1:a5:22:b5:bf:53:8a:5d:
16:f4:ad:09:9f:7f:dd:3b:b1:92:53:2e:72:a7:b6:57:d7:a7:
f7:26:a7:63:48:f8:09:4e:a2:a7:5a:ae:0f:28:6e:e3:86:c3:
08:f5:02:06:06:ca:4d:f1:96:bf:c5:2d:82:eb:1d:3f:79:e6:
6d:8e:4f:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaCmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTgwMjI4WhcNMjUxMDMwMTgwMjI4WjAYMRYw
FAYDVQQDEw02OGQ0MzIzYS05OTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArpp4eCrMtohb8EaeTniyIXLC3Uxnx6ARy7XgGeujdonf0UVpGyD/FjRr
BqElyjwgsru/Ux8JP7U/MxV1KaV6sQ+B6ZAM0g3LYDuR+gFQlZVYSFCjKZpI/c1M
2Ox3YwqmyOLguhfppTGgMn4+PisZeRAwwQZrzW4d+iR70WaXIFalAL6aMOhBzJU8
VcM15SaGS535R5K18iGHaUoVOq12Z7FfKg9CywwDKHu9KGFfnaGYeAtrmoZp3e9/
955nqu5IaRnUsVJaTFslKsW3/98JX6z5jx8PAPCblY/kFY3CCsTObYqcQKbtZbdt
VlnrMlQS80SXHGiMi+8N3/f6trAUUwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMCL
ldCJ1in26rxN0xCruKoBpkFsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNTVCOUI4QTk5NzAxMUYwOUI5QkFDQTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQBSvpjQkETmHm4L3BXma+Ud7FL5GVYmndQ8nWE9OJqF20f2/1ew4Pdv
cSz31DqPZaFNoQhlK9QaFMfgvJO1UlzsA3no63oCIW+AZwKNYho4oDfbG8VwvTDV
BkM+R9BRuDlEzQ/k+RuwLEXUsVn1isM4nkqv8uVEWmTticIS2ZAM5CK7aX1sZUcy
sx4YbFGmvrra8rEsdyJZIfA8hvU0c2UArRTqKyJEjK6ykS4fJ1ZC/GiW/F4QtiJE
Jd6e3I754aUitb9Til0W9K0Jn3/dO7GSUy5yp7ZX16f3JqdjSPgJTqKnWq4PKG7j
hsMI9QIGBspN8Za/xS2C6x0/eeZtjk8v
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:30 2025 by rpki-client