Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3059ECEAB3511F0BEFC16A0DAE4EC9C.roa
File: D3059ECEAB3511F0BEFC16A0DAE4EC9C.roa (raw, json)
Hash identifier: Voc3WOBu03yNsZxgTAyC4zJCFmq1ldjhPy1+Fx7VHI0=
Subject key identifier: 67:12:F4:99:46:12:A0:1A:61:5B:F4:18:39:16:7A:3D:EE:FC:57:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A41A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3059ECEAB3511F0BEFC16A0DAE4EC9C.roa
Signing time: Fri 17 Oct 2025 08:46:51 +0000
ROA not before: Fri 17 Oct 2025 08:46:45 +0000
ROA not after: Mon 24 Nov 2025 08:46:45 +0000
asID: 61414
IP address blocks: 154.217.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107546 (0x1a41a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 17 08:46:45 2025 GMT
Not After : Nov 24 08:46:45 2025 GMT
Subject: CN=68f2027b-b422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:41:79:6a:21:7a:b6:79:bc:6d:cb:81:ea:e9:
7c:46:60:67:83:43:ea:03:18:38:e4:df:0b:8b:dd:
62:d0:b4:8d:58:ab:0a:ff:93:21:8d:6c:e6:2d:59:
9a:22:7e:cc:f7:5e:55:a7:c1:7f:dc:e6:7b:79:aa:
45:3d:9f:f1:b6:74:07:0e:e2:fa:33:b1:3f:97:2c:
1d:30:17:90:a1:7a:e6:4c:0a:7c:98:7d:ea:64:c6:
f0:9b:e1:52:9b:51:e2:71:4b:5f:67:98:ff:c7:3b:
17:e9:d6:b5:65:a5:d2:4e:f0:99:2a:b3:e0:e6:40:
1f:b9:54:1a:18:50:ab:9b:3b:ee:f9:f9:5f:2b:ac:
87:b0:76:81:19:c5:86:49:c9:6e:8e:bb:cc:93:3c:
3a:f5:79:b7:aa:8d:62:48:9f:0d:0c:cf:7c:79:9c:
fb:37:45:ef:4d:66:c5:a2:59:18:d7:87:f8:06:8e:
b5:b1:c1:18:cf:d1:01:66:7e:6d:89:02:b3:16:4d:
01:45:fc:88:ab:a9:a1:71:ff:e6:86:89:d2:21:04:
2c:4f:af:94:72:7f:5a:4b:d7:4e:d4:16:e2:21:22:
34:aa:39:f0:c2:87:b0:7e:87:7a:20:c0:5a:8a:0a:
0e:f3:87:1f:d8:f7:d8:d9:4d:9e:67:ad:9b:de:73:
7e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:12:F4:99:46:12:A0:1A:61:5B:F4:18:39:16:7A:3D:EE:FC:57:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3059ECEAB3511F0BEFC16A0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.248.0/21
Signature Algorithm: sha256WithRSAEncryption
52:02:f9:81:d5:f7:1d:16:d2:6e:b1:c8:33:fd:02:3e:29:8f:
21:85:0e:89:f6:94:e6:b0:6c:9e:7a:1b:b9:1f:5b:35:e3:cf:
97:12:88:44:b5:ac:d6:ba:2c:3a:72:47:7c:a8:78:df:b0:b8:
76:eb:82:94:1e:5d:34:9c:99:f9:58:03:d5:54:2c:98:d1:93:
b7:65:e7:dd:05:82:68:17:c8:15:0b:07:a0:1d:5b:be:fa:ee:
b6:35:f8:fa:a5:c4:97:2b:0f:14:78:d6:d7:b0:c0:e8:2a:9c:
63:ca:89:7e:d2:35:f5:df:56:ef:67:9d:61:66:34:89:ee:d4:
b4:28:67:4f:d6:dc:b8:e1:7a:e0:5b:2f:cc:b0:55:f4:18:7a:
62:3e:c6:6d:83:1e:6b:ab:d9:40:7f:6c:7f:c6:e6:9d:22:49:
9f:e8:4d:af:54:b6:6b:99:4a:84:d1:27:76:c7:11:23:11:c8:
5d:80:06:67:d0:7d:4e:50:54:11:ba:9f:18:00:69:9c:8b:9a:
ce:a5:87:4e:2b:e3:6f:d1:95:7c:6a:29:19:57:89:89:9b:be:
a7:64:70:68:ae:10:0d:0a:52:6c:6f:64:26:b6:7b:64:bd:c8:
ee:3b:71:82:28:aa:7a:8c:93:20:18:26:a5:7d:f0:45:3c:b8:
19:f4:d3:9d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaQaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE3MDg0NjQ1WhcNMjUxMTI0MDg0NjQ1WjAYMRYw
FAYDVQQDEw02OGYyMDI3Yi1iNDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8UF5aiF6tnm8bcuB6ul8RmBng0PqAxg45N8Li91i0LSNWKsK/5MhjWzm
LVmaIn7M915Vp8F/3OZ7eapFPZ/xtnQHDuL6M7E/lywdMBeQoXrmTAp8mH3qZMbw
m+FSm1HicUtfZ5j/xzsX6da1ZaXSTvCZKrPg5kAfuVQaGFCrmzvu+flfK6yHsHaB
GcWGSclujrvMkzw69Xm3qo1iSJ8NDM98eZz7N0XvTWbFolkY14f4Bo61scEYz9EB
Zn5tiQKzFk0BRfyIq6mhcf/mhonSIQQsT6+Ucn9aS9dO1BbiISI0qjnwwoewfod6
IMBaigoO84cf2PfY2U2eZ62b3nN+fwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGcS
9JlGEqAaYVv0GDkWej3u/Fd2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzA1OUVDRUFCMzUxMUYwQkVGQzE2QTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtn4MA0GCSqGSIb3DQEB
CwUAA4IBAQBSAvmB1fcdFtJuscgz/QI+KY8hhQ6J9pTmsGyeehu5H1s148+XEohE
tazWuiw6ckd8qHjfsLh264KUHl00nJn5WAPVVCyY0ZO3ZefdBYJoF8gVCwegHVu+
+u62Nfj6pcSXKw8UeNbXsMDoKpxjyol+0jX131bvZ51hZjSJ7tS0KGdP1ty44Xrg
Wy/MsFX0GHpiPsZtgx5rq9lAf2x/xuadIkmf6E2vVLZrmUqE0Sd2xxEjEchdgAZn
0H1OUFQRup8YAGmci5rOpYdOK+Nv0ZV8aikZV4mJm76nZHBorhANClJsb2Qmtntk
vcjuO3GCKKp6jJMgGCalffBFPLgZ9NOd
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:00 2025 by rpki-client