Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2271436946211F0B1D42C7FDAE4EC9C.roa
File: D2271436946211F0B1D42C7FDAE4EC9C.roa (raw, json)
Hash identifier: DudEYLV+Mh57bDcAp6415iLMftpzJpYjEmzYY9ICm/w=
Subject key identifier: CF:F8:94:87:DB:16:10:D8:34:54:EB:C1:0E:D3:0C:AA:AC:5F:A5:01
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 019FF7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2271436946211F0B1D42C7FDAE4EC9C.roa
Signing time: Thu 18 Sep 2025 07:41:00 +0000
ROA not before: Thu 18 Sep 2025 07:40:56 +0000
ROA not after: Fri 24 Oct 2025 07:40:56 +0000
asID: 214432
IP address blocks: 154.89.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106487 (0x19ff7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 18 07:40:56 2025 GMT
Not After : Oct 24 07:40:56 2025 GMT
Subject: CN=68cbb78c-6c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2a:3f:bb:21:a9:c0:85:c8:a9:2f:e8:76:e2:
3e:b4:df:0a:9f:e7:23:ea:1c:d8:eb:ba:8c:13:21:
32:36:78:81:a5:db:f2:4b:61:30:4a:aa:ce:3c:46:
6c:67:de:ad:cd:e2:be:ca:ce:d9:4e:9f:c5:4e:b4:
72:70:75:f9:d5:3f:09:8e:1a:ed:61:8a:c5:a1:ad:
7d:7d:13:02:53:2e:21:1f:42:98:0e:56:15:ca:13:
89:2a:0b:68:83:2e:59:2a:2c:0d:3f:65:5c:42:34:
3a:0c:cf:b8:07:d6:98:b0:69:ca:88:ce:fc:e1:d5:
4a:f8:ab:ef:87:85:86:fd:15:63:3a:ed:b8:9b:c2:
fa:2e:d7:5f:fb:39:b8:01:bb:a0:82:19:dc:26:7d:
18:1c:f8:c7:39:55:0b:27:c0:b3:e1:a5:2c:ad:bf:
88:46:70:9d:19:b0:34:79:f9:41:7e:2c:2b:01:9d:
88:2c:c0:30:26:e5:bf:71:00:82:ef:af:c1:eb:4e:
b0:d7:2c:ff:7f:18:0c:25:11:6b:65:7d:eb:20:a6:
6a:8a:14:f8:9f:1e:79:36:2e:95:05:d9:64:f3:df:
a2:aa:67:ac:54:65:10:ce:4a:18:56:89:25:be:10:
82:d7:8a:94:48:0d:26:bb:2d:e5:20:11:32:ab:2e:
3e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F8:94:87:DB:16:10:D8:34:54:EB:C1:0E:D3:0C:AA:AC:5F:A5:01
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2271436946211F0B1D42C7FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
99:30:37:1c:ce:8f:dc:73:c8:bc:44:50:a8:82:32:01:ee:54:
e9:78:ed:0d:a0:0d:ff:07:c4:18:b0:ad:02:5d:89:42:ce:57:
a6:af:a8:42:5f:7e:3c:3c:85:fa:94:f0:2e:3c:fd:27:f8:d3:
45:a7:22:39:44:d7:bf:9b:28:12:26:fb:39:9b:60:d3:7c:1e:
bb:83:66:3a:8e:bd:61:84:17:e0:53:16:90:f5:52:e8:42:e4:
bc:ee:42:9f:93:9f:c8:3a:37:e9:3f:08:31:e0:62:2a:56:2e:
a4:a6:00:f3:de:c8:c7:c3:9f:e9:5c:ef:7e:d0:2d:05:e2:f5:
4c:01:a5:a1:44:4c:40:5a:9a:fd:7c:95:6f:68:be:24:b0:8e:
59:2c:9d:84:ae:71:1b:87:1e:d6:de:cb:f4:6e:44:50:e5:12:
4c:bc:9a:09:3a:ff:78:e3:af:7c:0f:1e:5c:2f:61:19:6a:dc:
67:d1:20:10:60:77:42:03:5e:98:b6:8f:27:47:b9:ef:82:ae:
68:5c:48:0a:5f:f0:26:b4:93:96:10:ec:5a:28:7e:6c:e5:1d:
21:55:d0:bd:19:50:b5:80:45:69:3e:8a:9e:bd:b7:43:d9:1c:
a7:dc:20:53:3a:63:c5:8b:7d:2e:da:91:63:47:68:e9:b2:28:
bd:06:3e:d8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZ/3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTE4MDc0MDU2WhcNMjUxMDI0MDc0MDU2WjAYMRYw
FAYDVQQDEw02OGNiYjc4Yy02YzNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoio/uyGpwIXIqS/oduI+tN8Kn+cj6hzY67qMEyEyNniBpdvyS2EwSqrO
PEZsZ96tzeK+ys7ZTp/FTrRycHX51T8JjhrtYYrFoa19fRMCUy4hH0KYDlYVyhOJ
Kgtogy5ZKiwNP2VcQjQ6DM+4B9aYsGnKiM784dVK+Kvvh4WG/RVjOu24m8L6Ltdf
+zm4AbugghncJn0YHPjHOVULJ8Cz4aUsrb+IRnCdGbA0eflBfiwrAZ2ILMAwJuW/
cQCC76/B606w1yz/fxgMJRFrZX3rIKZqihT4nx55Ni6VBdlk89+iqmesVGUQzkoY
VoklvhCC14qUSA0muy3lIBEyqy4+mQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM/4
lIfbFhDYNFTrwQ7TDKqsX6UBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMjI3MTQzNjk0NjIxMUYwQjFENDJDN0ZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnCMA0GCSqGSIb3DQEB
CwUAA4IBAQCZMDcczo/cc8i8RFCogjIB7lTpeO0NoA3/B8QYsK0CXYlCzlemr6hC
X348PIX6lPAuPP0n+NNFpyI5RNe/mygSJvs5m2DTfB67g2Y6jr1hhBfgUxaQ9VLo
QuS87kKfk5/IOjfpPwgx4GIqVi6kpgDz3sjHw5/pXO9+0C0F4vVMAaWhRExAWpr9
fJVvaL4ksI5ZLJ2ErnEbhx7W3sv0bkRQ5RJMvJoJOv944698Dx5cL2EZatxn0SAQ
YHdCA16Yto8nR7nvgq5oXEgKX/AmtJOWEOxaKH5s5R0hVdC9GVC1gEVpPoqevbdD
2Ryn3CBTOmPFi30u2pFjR2jpsii9Bj7Y
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:01 2025 by rpki-client