Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD1CB322A5AF11F0A7B70F96DAE4EC9C.roa
File: AD1CB322A5AF11F0A7B70F96DAE4EC9C.roa (raw, json)
Hash identifier: JAcB8nnrlw8i7YtmRGAVmI17q6PIlnmlz3jb/OwNs74=
Subject key identifier: 44:9F:04:6F:08:56:D3:65:C4:3C:66:CB:42:8C:F6:C8:B4:19:FD:F1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A329
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD1CB322A5AF11F0A7B70F96DAE4EC9C.roa
Signing time: Fri 10 Oct 2025 08:03:59 +0000
ROA not before: Fri 10 Oct 2025 08:03:55 +0000
ROA not after: Wed 05 Nov 2025 08:03:55 +0000
asID: 272040
IP address blocks: 154.88.184.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107305 (0x1a329)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 10 08:03:55 2025 GMT
Not After : Nov 5 08:03:55 2025 GMT
Subject: CN=68e8bdef-56dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2e:f7:8b:1c:b7:e5:24:6b:43:d7:c2:55:74:
0f:65:8b:7e:ee:91:b7:99:82:f0:0b:5b:3a:f7:24:
b1:46:08:3c:37:7c:28:c4:fc:fe:0c:11:0b:d2:26:
c6:18:f8:72:de:fc:0c:d4:b3:0b:05:f3:83:96:89:
15:f2:7b:c1:26:55:f1:1c:b0:0e:42:33:7f:5b:15:
85:b6:f9:bb:ff:f9:07:3d:e0:89:3a:e3:2c:1a:32:
29:12:9b:66:d9:84:e8:95:5a:18:4c:da:75:eb:37:
f9:f9:db:78:5e:10:2b:0e:b2:6d:73:0a:2d:5a:e0:
22:bb:07:3c:2d:8e:7f:29:48:5e:4c:a3:7d:3e:bc:
3c:51:a0:72:68:cd:de:b0:bc:77:99:c9:f0:65:61:
5d:d0:9c:e5:30:e8:de:5b:e1:02:22:72:a8:51:d9:
60:25:53:6d:96:99:d6:04:fa:4b:95:89:53:4a:77:
12:f4:7e:c6:6d:20:79:01:b6:73:6b:25:ca:2e:ea:
b7:3c:f0:d3:17:79:6b:c6:a6:40:96:0f:ef:df:6c:
eb:0c:d7:1e:bc:66:28:4a:66:25:2f:10:d9:67:b0:
93:c9:6d:2f:a4:c3:f1:1e:a1:b5:d6:3a:35:1b:36:
2e:89:a1:7e:4f:c4:d6:93:38:a2:d2:c7:4d:0d:88:
96:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9F:04:6F:08:56:D3:65:C4:3C:66:CB:42:8C:F6:C8:B4:19:FD:F1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD1CB322A5AF11F0A7B70F96DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.184.0/23
Signature Algorithm: sha256WithRSAEncryption
76:1b:6e:dd:5c:44:0c:2c:19:f3:e0:43:65:a1:be:b6:b8:7a:
f2:2f:77:17:5e:7f:f2:29:e9:93:ed:70:0f:04:ea:99:f3:f0:
4f:f2:8c:b9:4c:29:9a:56:c7:8c:bb:b8:5d:53:8c:ff:f7:fe:
1c:26:9f:f2:c5:1b:df:2d:f2:89:6b:29:f4:5e:7e:3e:fc:cb:
17:e5:37:36:85:5c:b6:09:55:bb:ad:9f:2d:00:6a:ae:7a:10:
90:cf:e7:57:55:39:2c:a1:80:a9:04:6a:4c:67:37:b7:e8:00:
6e:d7:2d:79:40:fd:36:b6:af:39:48:dc:f7:82:4b:e2:22:68:
35:71:34:71:ea:ef:80:01:7b:9c:f3:ac:10:7f:49:6f:a8:20:
67:9d:40:73:47:01:f0:9d:9f:31:5f:27:84:cc:37:c8:91:7a:
0c:d4:11:01:99:e5:ff:ef:e8:64:f1:0b:e0:f6:8f:fe:76:78:
b3:17:79:3c:3f:f8:7f:82:4d:e7:02:99:a6:82:a3:7d:28:c4:
bb:a1:ac:e5:7f:55:23:0d:c5:cd:d4:e9:a4:98:1d:1d:ec:a7:
e3:2f:fc:97:7d:30:89:73:88:58:5c:d8:d9:05:64:85:c7:82:
2d:fa:f5:4c:11:8f:cb:95:24:cb:fc:33:fd:a0:e2:bf:7a:b8:
20:11:31:aa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaMpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDEwMDgwMzU1WhcNMjUxMTA1MDgwMzU1WjAYMRYw
FAYDVQQDEw02OGU4YmRlZi01NmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyi73ixy35SRrQ9fCVXQPZYt+7pG3mYLwC1s69ySxRgg8N3woxPz+DBEL
0ibGGPhy3vwM1LMLBfODlokV8nvBJlXxHLAOQjN/WxWFtvm7//kHPeCJOuMsGjIp
Eptm2YTolVoYTNp16zf5+dt4XhArDrJtcwotWuAiuwc8LY5/KUheTKN9Prw8UaBy
aM3esLx3mcnwZWFd0JzlMOjeW+ECInKoUdlgJVNtlpnWBPpLlYlTSncS9H7GbSB5
AbZzayXKLuq3PPDTF3lrxqZAlg/v32zrDNcevGYoSmYlLxDZZ7CTyW0vpMPxHqG1
1jo1GzYuiaF+T8TWkzii0sdNDYiWrQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFESf
BG8IVtNlxDxmy0KM9si0Gf3xMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRDFDQjMyMkE1QUYxMUYwQTdCNzBGOTZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmli4MA0GCSqGSIb3DQEB
CwUAA4IBAQB2G27dXEQMLBnz4ENlob62uHryL3cXXn/yKemT7XAPBOqZ8/BP8oy5
TCmaVseMu7hdU4z/9/4cJp/yxRvfLfKJayn0Xn4+/MsX5Tc2hVy2CVW7rZ8tAGqu
ehCQz+dXVTksoYCpBGpMZze36ABu1y15QP02tq85SNz3gkviImg1cTRx6u+AAXuc
86wQf0lvqCBnnUBzRwHwnZ8xXyeEzDfIkXoM1BEBmeX/7+hk8Qvg9o/+dnizF3k8
P/h/gk3nApmmgqN9KMS7oazlf1UjDcXN1OmkmB0d7KfjL/yXfTCJc4hYXNjZBWSF
x4It+vVMEY/LlSTL/DP9oOK/erggETGq
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:17 2025 by rpki-client