Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8A67A72AB6011F0AF3D69AEDAE4EC9C.roa
File: C8A67A72AB6011F0AF3D69AEDAE4EC9C.roa (raw, json)
Hash identifier: TRpkjNcyR2ovWNUfq1fbRQWmr4Td0wQ6gB2oDRBJqbQ=
Subject key identifier: 02:17:D7:A4:A8:17:9A:67:97:75:8A:66:00:DF:48:57:D9:38:B0:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A438
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8A67A72AB6011F0AF3D69AEDAE4EC9C.roa
Signing time: Fri 17 Oct 2025 13:54:22 +0000
ROA not before: Fri 17 Oct 2025 13:54:17 +0000
ROA not after: Mon 24 Nov 2025 13:54:17 +0000
asID: 40065
IP address blocks: 154.89.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107576 (0x1a438)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 17 13:54:17 2025 GMT
Not After : Nov 24 13:54:17 2025 GMT
Subject: CN=68f24a8e-a889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4f:25:88:98:6f:6e:27:0d:72:4b:ae:bf:a1:
e0:31:a4:42:01:c2:ab:2d:3b:19:3d:54:cc:d2:d5:
fc:89:eb:c7:05:a7:c6:36:8b:46:f7:cb:0a:df:de:
5a:55:f5:1e:89:94:05:2f:b8:4a:c6:0e:83:75:b5:
f0:17:af:a7:b0:1d:45:a8:9b:d2:20:37:1f:f2:77:
88:0c:8d:5c:b9:46:5e:94:5e:73:82:44:f7:6d:68:
e2:86:ea:07:ad:49:a1:6e:34:cd:7b:f7:93:47:92:
8d:18:4e:a1:39:36:6d:e8:20:50:f2:8f:8d:54:4e:
8e:8c:98:a3:d2:0d:f5:41:cf:b6:66:68:44:f0:c1:
1e:59:da:31:47:b7:af:3d:b8:18:39:ea:41:53:9d:
20:a4:57:9c:47:92:4d:da:6b:26:94:d4:d4:6e:28:
fa:f6:85:43:3a:57:68:e4:66:b2:56:75:5a:52:74:
cd:7e:c3:53:d6:d3:59:90:bb:79:0f:b1:9a:ce:cc:
1a:4e:d7:c1:e3:eb:8e:83:ae:f3:e8:0f:a3:63:e6:
d0:29:42:64:15:c2:b3:0d:2a:cf:7a:27:22:b5:3a:
a0:f1:f6:bc:94:13:5c:e6:2a:ea:42:d9:fb:b4:08:
04:9a:e1:27:9c:9b:88:43:1b:91:00:b5:91:90:f6:
fc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:17:D7:A4:A8:17:9A:67:97:75:8A:66:00:DF:48:57:D9:38:B0:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C8A67A72AB6011F0AF3D69AEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
Signature Algorithm: sha256WithRSAEncryption
75:7d:25:a8:a7:9e:40:47:03:c6:24:33:95:eb:ab:e2:82:e1:
92:07:2c:80:37:22:6a:ee:59:4b:7c:26:9b:73:65:9e:cb:c7:
6b:93:99:a7:4f:10:f0:a4:a0:2a:58:d0:92:ba:f2:8a:a2:7a:
49:c1:92:d3:72:f5:d9:71:3e:59:2c:11:1b:8e:02:5e:1e:e2:
55:40:80:39:a7:a3:44:fb:99:1a:de:79:1f:16:82:79:14:b5:
11:91:c5:37:c7:52:2d:a8:3f:64:36:2b:5d:f1:2b:7f:bd:78:
da:b7:6c:a2:81:eb:62:3f:3f:04:c1:30:9e:8f:64:a1:40:e9:
65:08:ab:38:dd:76:9c:3b:d4:2e:01:b4:97:21:79:b0:7d:d7:
01:5a:be:d8:04:43:77:d2:3e:f1:7a:4a:f1:aa:9a:9b:2d:45:
21:35:0f:ba:53:f3:0c:d7:cc:e8:b4:43:9f:4c:7e:42:4a:98:
90:83:6e:38:58:90:00:48:da:f0:b2:43:74:a3:83:79:3b:88:
bf:54:1c:27:a6:dc:52:5d:78:72:c7:3f:f8:f9:64:a4:f1:0d:
c5:d0:41:49:7b:af:52:88:92:b7:1e:90:3b:cd:5f:fb:74:9f:
74:68:62:8e:97:e3:e6:ca:02:99:c5:bf:0e:cb:59:2f:64:17:
d4:f7:19:b1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaQ4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE3MTM1NDE3WhcNMjUxMTI0MTM1NDE3WjAYMRYw
FAYDVQQDEw02OGYyNGE4ZS1hODg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwk8liJhvbicNckuuv6HgMaRCAcKrLTsZPVTM0tX8ievHBafGNotG98sK
395aVfUeiZQFL7hKxg6DdbXwF6+nsB1FqJvSIDcf8neIDI1cuUZelF5zgkT3bWji
huoHrUmhbjTNe/eTR5KNGE6hOTZt6CBQ8o+NVE6OjJij0g31Qc+2ZmhE8MEeWdox
R7evPbgYOepBU50gpFecR5JN2msmlNTUbij69oVDOldo5GayVnVaUnTNfsNT1tNZ
kLt5D7GazswaTtfB4+uOg67z6A+jY+bQKUJkFcKzDSrPeicitTqg8fa8lBNc5irq
Qtn7tAgEmuEnnJuIQxuRALWRkPb8ewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAIX
16SoF5pnl3WKZgDfSFfZOLAYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOEE2N0E3MkFCNjAxMUYwQUYzRDY5QUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlmgMA0GCSqGSIb3DQEB
CwUAA4IBAQB1fSWop55ARwPGJDOV66viguGSByyANyJq7llLfCabc2Wey8drk5mn
TxDwpKAqWNCSuvKKonpJwZLTcvXZcT5ZLBEbjgJeHuJVQIA5p6NE+5ka3nkfFoJ5
FLURkcU3x1ItqD9kNitd8St/vXjat2yigetiPz8EwTCej2ShQOllCKs43XacO9Qu
AbSXIXmwfdcBWr7YBEN30j7xekrxqpqbLUUhNQ+6U/MM18zotEOfTH5CSpiQg244
WJAASNrwskN0o4N5O4i/VBwnptxSXXhyxz/4+WSk8Q3F0EFJe69SiJK3HpA7zV/7
dJ90aGKOl+PmygKZxb8Oy1kvZBfU9xmx
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:39 2025 by rpki-client