Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C42182F6997411F098E2AEBFDAE4EC9C.roa
File: C42182F6997411F098E2AEBFDAE4EC9C.roa (raw, json)
Hash identifier: 3dCZ9f0OtAGrwepEOmJTHftaogKnzuxK6ck8H3rrNxE=
Subject key identifier: FE:FB:04:69:42:ED:E1:86:D8:EB:5E:51:8A:7B:F6:98:6C:2F:19:F0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0B2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C42182F6997411F098E2AEBFDAE4EC9C.roa
Signing time: Wed 24 Sep 2025 18:32:04 +0000
ROA not before: Wed 24 Sep 2025 18:31:58 +0000
ROA not after: Thu 30 Oct 2025 18:31:58 +0000
asID: 137899
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106674 (0x1a0b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 18:31:58 2025 GMT
Not After : Oct 30 18:31:58 2025 GMT
Subject: CN=68d43924-2a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:9e:34:e5:35:4b:47:ff:22:4e:c6:22:64:
7e:a1:68:5f:37:7c:ab:1d:e6:c5:55:55:b2:15:35:
03:e0:bb:a3:77:8c:1a:a9:31:07:d9:3f:b0:32:d6:
32:65:0d:f4:2f:d7:09:eb:db:8f:6b:8a:90:a0:28:
8a:d2:b5:a7:81:d3:c4:8e:0f:5d:01:26:e3:39:20:
5c:b7:f2:81:45:34:4b:16:ab:d7:04:44:6f:a2:cb:
c9:f5:56:34:d7:f9:fc:3e:e0:d2:52:47:55:12:22:
e8:66:f7:cb:45:cb:3f:5d:6d:de:f8:2a:1a:49:e2:
f3:23:b2:ea:36:6f:24:0f:ad:85:6a:15:33:c7:4c:
67:4b:0b:40:3c:98:5e:83:9f:3b:c7:ba:ea:7e:78:
73:07:ab:01:5f:d8:8a:2d:6e:c2:92:86:98:03:66:
d2:4f:13:33:90:d5:bf:2c:4b:8a:27:be:a4:1d:13:
99:5e:dc:4a:4b:dd:d4:c7:d9:8a:4f:7b:78:b3:8c:
2a:e0:e4:c8:81:7b:14:a8:c1:81:e0:00:1d:74:df:
3e:a6:09:6f:6b:eb:0f:e7:a6:87:7d:18:ae:19:e7:
ba:fc:07:aa:75:20:fd:a6:f8:54:af:47:61:46:d9:
0f:c7:b5:c6:53:de:83:ac:1a:d3:42:dd:e1:c7:0c:
80:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:FB:04:69:42:ED:E1:86:D8:EB:5E:51:8A:7B:F6:98:6C:2F:19:F0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C42182F6997411F098E2AEBFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
56:d5:2f:49:ff:7d:0e:f4:f9:cc:85:5f:30:ce:62:70:dc:fc:
d8:78:ea:ff:ab:e0:09:de:96:ef:12:3f:2d:0b:42:aa:3a:65:
26:d8:e4:66:f0:a7:10:19:a6:05:0a:28:6e:2e:be:be:2f:53:
a8:04:c6:18:f9:34:4c:98:58:4f:0c:59:a7:19:38:c9:85:f8:
10:6e:88:1c:a6:a0:8c:c0:69:a4:ea:a8:ff:f4:c8:a9:a5:cb:
b7:41:d3:e2:72:04:a8:40:2e:cc:81:0f:d8:09:e4:65:f7:c7:
59:67:f1:c1:33:2e:e6:1d:41:fa:6f:4f:ca:c7:05:a9:7c:0f:
ee:09:6f:90:36:a2:eb:2b:22:c5:ea:a2:41:e8:c7:a3:f9:14:
62:6c:63:8c:cf:c3:7a:e9:6c:45:b0:3b:77:78:13:a0:01:23:
99:7f:7f:d9:f4:fd:46:77:1f:5f:61:18:65:59:44:6b:00:b0:
eb:e0:c5:86:19:b1:e4:db:b7:ad:01:ed:05:9e:9f:59:e7:08:
27:49:40:0c:6b:34:88:22:48:71:40:bd:35:a4:14:6c:ef:ea:
71:be:a1:e5:cf:00:73:6e:1e:e1:f8:37:ae:37:e5:e4:39:a5:
5e:70:44:8d:d2:07:86:34:12:56:e8:cd:02:2b:c3:56:41:0b:
42:b1:6f:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaCyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MTgzMTU4WhcNMjUxMDMwMTgzMTU4WjAYMRYw
FAYDVQQDEw02OGQ0MzkyNC0yYTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxFGeNOU1S0f/Ik7GImR+oWhfN3yrHebFVVWyFTUD4Lujd4waqTEH2T+w
MtYyZQ30L9cJ69uPa4qQoCiK0rWngdPEjg9dASbjOSBct/KBRTRLFqvXBERvosvJ
9VY01/n8PuDSUkdVEiLoZvfLRcs/XW3e+CoaSeLzI7LqNm8kD62FahUzx0xnSwtA
PJheg587x7rqfnhzB6sBX9iKLW7CkoaYA2bSTxMzkNW/LEuKJ76kHROZXtxKS93U
x9mKT3t4s4wq4OTIgXsUqMGB4AAddN8+pglva+sP56aHfRiuGee6/AeqdSD9pvhU
r0dhRtkPx7XGU96DrBrTQt3hxwyAZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP77
BGlC7eGG2OteUYp79phsLxnwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNDIxODJGNjk5NzQxMUYwOThFMkFFQkZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQBW1S9J/30O9PnMhV8wzmJw3PzYeOr/q+AJ3pbvEj8tC0KqOmUm2ORm
8KcQGaYFCihuLr6+L1OoBMYY+TRMmFhPDFmnGTjJhfgQbogcpqCMwGmk6qj/9Mip
pcu3QdPicgSoQC7MgQ/YCeRl98dZZ/HBMy7mHUH6b0/KxwWpfA/uCW+QNqLrKyLF
6qJB6Mej+RRibGOMz8N66WxFsDt3eBOgASOZf3/Z9P1Gdx9fYRhlWURrALDr4MWG
GbHk27etAe0Fnp9Z5wgnSUAMazSIIkhxQL01pBRs7+pxvqHlzwBzbh7h+DeuN+Xk
OaVecESN0geGNBJW6M0CK8NWQQtCsW9C
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:20 2025 by rpki-client