Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B0A99B70AA9311F0A98F5881DAE4EC9C.roa
File: B0A99B70AA9311F0A98F5881DAE4EC9C.roa (raw, json)
Hash identifier: MSV0Zj0rtr+3oxT9W/51KfDqY0h4JzTAtpEpzx3tQos=
Subject key identifier: 44:8C:24:2E:75:82:03:FC:EF:23:C0:7A:B1:55:0F:02:60:34:5B:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A407
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B0A99B70AA9311F0A98F5881DAE4EC9C.roa
Signing time: Thu 16 Oct 2025 13:26:15 +0000
ROA not before: Thu 16 Oct 2025 13:26:10 +0000
ROA not after: Mon 01 Dec 2025 13:26:10 +0000
asID: 57043
IP address blocks: 154.222.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107527 (0x1a407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 16 13:26:10 2025 GMT
Not After : Dec 1 13:26:10 2025 GMT
Subject: CN=68f0f277-f0e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:66:05:95:46:bb:3f:54:39:21:67:6c:90:04:
95:66:c0:ba:a1:49:8e:43:8e:cd:80:74:e4:81:b0:
b5:bc:6e:4d:58:c6:04:e0:57:ad:29:3b:34:a7:35:
a0:ba:ea:11:4e:1e:52:d7:c2:c0:f2:e2:e9:b1:e9:
ac:45:c3:d1:f2:74:21:68:42:3a:33:e4:e5:88:a9:
4d:d0:47:b4:24:69:93:e2:bb:65:9f:56:35:ec:66:
40:25:fa:a4:8a:64:fd:a8:20:d2:85:e2:ab:f4:a5:
32:ac:f2:03:fa:2d:fe:36:81:bc:2d:1a:8a:69:25:
51:f3:88:56:04:c1:68:72:61:0f:8c:79:f5:6c:0c:
08:09:22:c6:3f:ee:f5:a3:da:93:43:c8:1f:b0:e6:
59:66:15:1b:32:72:fd:3d:55:09:a8:66:87:0c:98:
46:48:c1:d6:57:c6:2d:ad:cf:3e:63:b1:7a:22:f5:
ee:60:71:b5:56:54:8c:fc:36:da:e1:cd:55:dc:5d:
54:41:f9:a6:87:81:e5:f2:51:f5:b6:d4:5d:74:0d:
65:9d:90:89:75:c7:24:96:65:b3:50:6a:40:45:e0:
69:1f:a6:23:dc:3d:fb:07:ec:8c:bd:1b:84:f8:22:
e7:45:8f:59:26:67:5c:46:8f:a7:88:1c:5f:ef:b0:
c2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:8C:24:2E:75:82:03:FC:EF:23:C0:7A:B1:55:0F:02:60:34:5B:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B0A99B70AA9311F0A98F5881DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.10.0/24
Signature Algorithm: sha256WithRSAEncryption
01:33:c8:dd:44:96:f8:72:c2:95:ea:fc:bf:ff:c8:73:8a:88:
ee:75:05:e0:b4:06:4b:58:0b:24:6a:1e:d5:8c:44:02:db:9a:
99:95:53:aa:1e:43:6f:26:63:0d:cc:5c:0d:0f:a9:1b:6f:40:
37:81:f3:c7:33:eb:ff:05:6d:93:33:83:f4:b0:c1:38:72:26:
75:32:98:10:26:3f:22:89:53:4f:22:7c:a6:44:41:7d:8a:19:
fc:dc:78:87:37:ad:8b:14:1e:7f:83:bf:e7:b9:24:f6:0a:8b:
50:7f:c9:ea:8e:2a:ac:64:23:9c:6e:3b:e4:00:7f:ab:15:15:
f7:2b:c0:21:5d:ee:81:91:49:ac:b9:1f:49:6d:79:75:e0:ec:
1a:38:58:df:b1:13:7c:6b:81:c6:7d:fa:d0:70:49:29:c8:1f:
c1:a0:5e:2f:b1:ca:dd:62:f9:15:ca:40:f5:49:03:ad:00:e2:
fc:24:fe:9f:04:7f:7d:38:d5:e4:a5:09:f7:a8:ac:55:17:9d:
74:95:cc:16:12:de:73:31:19:eb:75:cc:ab:97:66:6e:f6:f4:
af:0a:8d:f7:e3:1a:62:30:58:17:29:b7:06:61:19:91:7b:03:
04:79:ca:59:d9:8b:88:ff:4e:a0:fd:d5:2a:49:10:dd:e5:fc:
82:4c:80:22
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaQHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE2MTMyNjEwWhcNMjUxMjAxMTMyNjEwWjAYMRYw
FAYDVQQDEw02OGYwZjI3Ny1mMGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxWYFlUa7P1Q5IWdskASVZsC6oUmOQ47NgHTkgbC1vG5NWMYE4FetKTs0
pzWguuoRTh5S18LA8uLpsemsRcPR8nQhaEI6M+TliKlN0Ee0JGmT4rtln1Y17GZA
JfqkimT9qCDSheKr9KUyrPID+i3+NoG8LRqKaSVR84hWBMFocmEPjHn1bAwICSLG
P+71o9qTQ8gfsOZZZhUbMnL9PVUJqGaHDJhGSMHWV8Ytrc8+Y7F6IvXuYHG1VlSM
/Dba4c1V3F1UQfmmh4Hl8lH1ttRddA1lnZCJdccklmWzUGpAReBpH6Yj3D37B+yM
vRuE+CLnRY9ZJmdcRo+niBxf77DCDwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFESM
JC51ggP87yPAerFVDwJgNFseMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMEE5OUI3MEFBOTMxMUYwQTk4RjU4ODFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4KMA0GCSqGSIb3DQEB
CwUAA4IBAQABM8jdRJb4csKV6vy//8hziojudQXgtAZLWAskah7VjEQC25qZlVOq
HkNvJmMNzFwND6kbb0A3gfPHM+v/BW2TM4P0sME4ciZ1MpgQJj8iiVNPInymREF9
ihn83HiHN62LFB5/g7/nuST2CotQf8nqjiqsZCOcbjvkAH+rFRX3K8AhXe6BkUms
uR9JbXl14OwaOFjfsRN8a4HGffrQcEkpyB/BoF4vscrdYvkVykD1SQOtAOL8JP6f
BH99ONXkpQn3qKxVF510lcwWEt5zMRnrdcyrl2Zu9vSvCo334xpiMFgXKbcGYRmR
ewMEecpZ2YuI/06g/dUqSRDd5fyCTIAi
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:26 2025 by rpki-client