Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9E3B652AA9711F096B66F9BDAE4EC9C.roa
File: D9E3B652AA9711F096B66F9BDAE4EC9C.roa (raw, json)
Hash identifier: yqXuYekYCE6FMEaRVySXWHwyLhZ01X1ioKktmBY9/zw=
Subject key identifier: E8:DF:B2:D2:E4:49:31:E4:1A:5C:74:80:95:EE:F9:12:52:24:B9:49
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A40D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9E3B652AA9711F096B66F9BDAE4EC9C.roa
Signing time: Thu 16 Oct 2025 13:56:02 +0000
ROA not before: Thu 16 Oct 2025 13:55:58 +0000
ROA not after: Fri 23 Jan 2026 13:55:58 +0000
asID: 328608
IP address blocks: 154.88.40.0/24 maxlen: 24
154.91.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107533 (0x1a40d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 16 13:55:58 2025 GMT
Not After : Jan 23 13:55:58 2026 GMT
Subject: CN=68f0f972-c978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3f:93:fd:50:2c:34:34:dc:24:a7:06:6f:cb:
7c:2a:2e:f5:bf:b2:19:e0:39:41:99:6f:22:2c:a0:
23:98:c3:fd:3d:f1:35:22:62:a5:bc:b3:30:b1:0c:
3a:f0:5f:68:27:97:d6:a3:e5:76:2c:5e:30:9b:63:
44:3a:d8:74:47:48:3e:86:62:2f:2d:eb:cf:c2:77:
9f:fd:a1:4e:50:ce:b3:5c:48:c2:ab:f4:7a:9f:15:
98:18:7a:04:44:a8:4f:10:80:8d:3a:0c:66:63:2d:
28:0b:b8:61:60:4c:60:fd:5c:50:7f:33:82:cf:d1:
31:cb:9c:85:a1:9b:2b:94:53:a3:bb:26:6f:0d:99:
da:a3:35:97:4d:12:e9:0a:4e:7c:35:7b:8c:ac:c5:
d0:76:a1:1a:3e:7d:28:d1:75:b9:44:04:d6:f4:b2:
88:e1:d4:16:db:b5:75:66:0d:b7:1b:f2:60:f8:ef:
0d:1d:6c:b2:7b:9d:da:31:5f:3f:d3:9a:68:52:ad:
86:d0:76:a3:65:75:53:fa:0e:fc:b5:70:e4:76:cc:
da:a4:c9:bd:ac:a4:b8:52:2b:cc:92:d9:2f:85:2e:
28:8d:b0:e2:39:06:54:67:1c:67:67:11:01:7d:65:
69:e1:85:2b:60:75:be:bf:68:22:22:21:fe:2b:03:
70:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DF:B2:D2:E4:49:31:E4:1A:5C:74:80:95:EE:F9:12:52:24:B9:49
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9E3B652AA9711F096B66F9BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.40.0/24
154.91.172.0/22
Signature Algorithm: sha256WithRSAEncryption
20:58:17:04:b1:db:4f:36:bf:0d:3d:55:1b:bf:fb:4d:16:bf:
01:38:e4:fe:89:f4:da:d5:9d:fa:e7:1e:50:dc:0d:26:43:a9:
64:4e:1e:67:40:02:63:d3:60:69:57:2b:06:83:a7:c7:7c:3a:
56:7b:6d:38:3f:51:3d:78:08:4a:a6:38:63:0c:56:14:d6:6f:
97:ca:da:b0:71:60:a8:9a:dc:dc:56:80:5b:6d:7f:6d:7a:d5:
ae:5f:85:06:cf:c2:28:3b:0a:36:e8:5d:74:3b:9f:c5:30:44:
1c:e4:7e:ce:3a:c2:cc:61:ef:49:de:af:d2:b6:a1:f1:0e:e8:
b0:35:cb:65:ec:d0:36:aa:1d:71:c8:41:43:80:37:ac:67:d3:
d5:4e:d8:d0:4e:39:5c:a0:6a:8c:a9:3a:69:44:1b:cd:c4:64:
59:96:41:77:e7:77:e7:33:26:15:08:4b:76:b1:fb:85:c2:cd:
cd:d7:44:e1:84:d1:08:4a:ab:97:ff:c1:2a:ef:9b:22:1c:d7:
bc:22:6b:c6:69:84:d9:93:82:96:74:95:bc:be:91:6a:a9:5e:
d7:98:17:e4:34:cb:1a:e8:f3:e3:3b:a3:60:54:2e:45:88:4e:
ec:45:8f:ac:d1:2b:39:0b:41:8d:df:50:81:b6:28:5e:32:11:
a5:64:0c:9e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaQNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE2MTM1NTU4WhcNMjYwMTIzMTM1NTU4WjAYMRYw
FAYDVQQDEw02OGYwZjk3Mi1jOTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvz+T/VAsNDTcJKcGb8t8Ki71v7IZ4DlBmW8iLKAjmMP9PfE1ImKlvLMw
sQw68F9oJ5fWo+V2LF4wm2NEOth0R0g+hmIvLevPwnef/aFOUM6zXEjCq/R6nxWY
GHoERKhPEICNOgxmYy0oC7hhYExg/VxQfzOCz9Exy5yFoZsrlFOjuyZvDZnaozWX
TRLpCk58NXuMrMXQdqEaPn0o0XW5RATW9LKI4dQW27V1Zg23G/Jg+O8NHWyye53a
MV8/05poUq2G0HajZXVT+g78tXDkdszapMm9rKS4UivMktkvhS4ojbDiOQZUZxxn
ZxEBfWVp4YUrYHW+v2giIiH+KwNw9wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFOjf
stLkSTHkGlx0gJXu+RJSJLlJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOUUzQjY1MkFBOTcxMUYwOTZCNjZGOUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlgoAwQCmlusMA0GCSqG
SIb3DQEBCwUAA4IBAQAgWBcEsdtPNr8NPVUbv/tNFr8BOOT+ifTa1Z365x5Q3A0m
Q6lkTh5nQAJj02BpVysGg6fHfDpWe204P1E9eAhKpjhjDFYU1m+XytqwcWComtzc
VoBbbX9tetWuX4UGz8IoOwo26F10O5/FMEQc5H7OOsLMYe9J3q/StqHxDuiwNctl
7NA2qh1xyEFDgDesZ9PVTtjQTjlcoGqMqTppRBvNxGRZlkF353fnMyYVCEt2sfuF
ws3N10ThhNEISquX/8Eq75siHNe8ImvGaYTZk4KWdJW8vpFqqV7XmBfkNMsa6PPj
O6NgVC5FiE7sRY+s0Ss5C0GN31CBtiheMhGlZAye
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:39 2025 by rpki-client