Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF589E5899ED11F0AA9E65DBDAE4EC9C.roa
File: AF589E5899ED11F0AA9E65DBDAE4EC9C.roa (raw, json)
Hash identifier: MGcnzgWqa34/K5scapcN8zWynjVAHc3Ha1yyDOovRD0=
Subject key identifier: BA:66:53:1C:B9:AB:8C:9A:D1:00:B1:AB:FC:26:51:7C:66:BF:DA:A9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0E9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF589E5899ED11F0AA9E65DBDAE4EC9C.roa
Signing time: Thu 25 Sep 2025 08:57:38 +0000
ROA not before: Thu 25 Sep 2025 08:57:33 +0000
ROA not after: Sat 15 Nov 2025 08:57:33 +0000
asID: 55320
IP address blocks: 154.205.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106729 (0x1a0e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 25 08:57:33 2025 GMT
Not After : Nov 15 08:57:33 2025 GMT
Subject: CN=68d50402-49e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2b:9e:b5:cd:91:e1:e8:7a:9d:0e:da:8f:f5:
17:6e:f2:2c:ac:45:53:d1:09:79:6b:3c:de:42:8e:
27:d1:62:e0:c5:15:9d:d9:a0:35:a1:73:c2:ab:e8:
fa:9a:f2:d3:f7:f9:cb:29:98:02:b2:1b:0b:23:f6:
67:ef:53:f7:a3:a6:55:5d:f2:d3:31:83:e9:bb:2b:
c3:af:48:41:ad:5d:13:e3:b7:49:6c:26:03:65:27:
74:01:75:4b:6d:e2:b2:84:5a:55:95:f2:d6:e8:96:
69:63:ef:5a:b7:15:74:88:3e:ed:53:05:12:06:af:
cd:39:7e:51:bb:8b:bd:f8:25:76:79:0e:6b:1e:1a:
4e:13:0d:34:ef:4e:cf:61:ad:48:c6:70:fb:1a:8f:
4e:7c:a0:1b:62:c8:9d:96:66:9e:af:7a:a9:50:28:
e0:83:0a:a9:4d:5b:09:e7:fa:9e:fd:9e:20:77:df:
8b:fe:de:37:a3:57:92:17:1f:64:6c:91:51:4e:fc:
3c:b6:f7:85:f0:24:4a:07:c1:c1:48:f0:3b:57:4b:
64:65:2a:37:ca:37:4a:27:41:bc:57:d8:74:de:5b:
1f:00:b9:20:d6:63:7c:96:cd:01:ff:b3:41:ca:02:
46:e9:f1:1e:96:fd:16:87:f2:79:e5:98:a3:c2:d7:
01:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:66:53:1C:B9:AB:8C:9A:D1:00:B1:AB:FC:26:51:7C:66:BF:DA:A9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF589E5899ED11F0AA9E65DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.140.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:c9:8c:cc:8b:b1:74:c6:59:52:53:5e:5c:d8:1d:32:36:ac:
fb:98:fd:b4:ce:da:f9:7d:08:d2:04:53:c9:69:92:b1:c5:bb:
03:32:b9:d4:fb:f3:67:83:6e:43:61:f8:90:47:53:61:23:30:
b1:42:2b:88:8c:11:6c:15:91:31:63:85:5f:6e:fa:c7:40:8a:
bb:3f:e3:9e:86:89:8b:aa:82:2f:2f:f5:e1:8b:c1:92:bd:c5:
ef:9a:c6:e6:25:fa:c5:57:22:e3:02:b5:15:32:9a:c7:f8:64:
1d:91:b0:6d:b1:b8:6c:53:a1:90:a1:76:ec:23:75:51:e2:c5:
e1:60:94:4e:f4:d4:05:f1:d0:87:92:7c:15:74:43:e7:ed:d9:
c4:99:84:9a:ec:a6:83:fe:be:5a:de:a1:44:5c:27:58:6c:a2:
e5:3d:40:d6:b8:cd:3d:9f:f7:da:d3:c9:3c:0f:9b:cf:70:75:
2c:35:24:0d:91:8e:a0:f3:4b:15:fa:e4:49:14:93:cf:e4:9f:
09:c9:8f:14:29:aa:0d:fb:d2:d3:b5:eb:61:2a:1e:60:bc:83:
76:fe:98:da:8e:e4:4c:cc:15:42:e8:c8:1e:e0:17:0f:0a:30:
ec:10:87:c1:86:25:c7:7c:99:b1:ff:d2:7a:3d:58:22:fb:c8:
99:32:15:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaDpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI1MDg1NzMzWhcNMjUxMTE1MDg1NzMzWjAYMRYw
FAYDVQQDEw02OGQ1MDQwMi00OWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwCuetc2R4eh6nQ7aj/UXbvIsrEVT0Ql5azzeQo4n0WLgxRWd2aA1oXPC
q+j6mvLT9/nLKZgCshsLI/Zn71P3o6ZVXfLTMYPpuyvDr0hBrV0T47dJbCYDZSd0
AXVLbeKyhFpVlfLW6JZpY+9atxV0iD7tUwUSBq/NOX5Ru4u9+CV2eQ5rHhpOEw00
707PYa1IxnD7Go9OfKAbYsidlmaer3qpUCjggwqpTVsJ5/qe/Z4gd9+L/t43o1eS
Fx9kbJFRTvw8tveF8CRKB8HBSPA7V0tkZSo3yjdKJ0G8V9h03lsfALkg1mN8ls0B
/7NBygJG6fEelv0Wh/J55ZijwtcBowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLpm
Uxy5q4ya0QCxq/wmUXxmv9qpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjU4OUU1ODk5RUQxMUYwQUE5RTY1REJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2MMA0GCSqGSIb3DQEB
CwUAA4IBAQAeyYzMi7F0xllSU15c2B0yNqz7mP20ztr5fQjSBFPJaZKxxbsDMrnU
+/Nng25DYfiQR1NhIzCxQiuIjBFsFZExY4VfbvrHQIq7P+OehomLqoIvL/Xhi8GS
vcXvmsbmJfrFVyLjArUVMprH+GQdkbBtsbhsU6GQoXbsI3VR4sXhYJRO9NQF8dCH
knwVdEPn7dnEmYSa7KaD/r5a3qFEXCdYbKLlPUDWuM09n/fa08k8D5vPcHUsNSQN
kY6g80sV+uRJFJPP5J8JyY8UKaoN+9LTtethKh5gvIN2/pjajuRMzBVC6Mge4BcP
CjDsEIfBhiXHfJmx/9J6PVgi+8iZMhU2
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:41 2025 by rpki-client