Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E072668A9D7711F0BB9CCDBADAE4EC9C.roa
File: E072668A9D7711F0BB9CCDBADAE4EC9C.roa (raw, json)
Hash identifier: 0W5VW9uKx8+jfKCoF1P5UJNYEP1Z76IdgseaticaB1Q=
Subject key identifier: DA:E9:90:6A:1C:CB:25:E3:18:80:A0:A6:D6:78:2C:7C:F0:61:86:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A18B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E072668A9D7711F0BB9CCDBADAE4EC9C.roa
Signing time: Mon 29 Sep 2025 21:04:24 +0000
ROA not before: Mon 29 Sep 2025 21:04:20 +0000
ROA not after: Tue 04 Nov 2025 21:04:20 +0000
asID: 151407
IP address blocks: 154.88.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106891 (0x1a18b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 21:04:20 2025 GMT
Not After : Nov 4 21:04:20 2025 GMT
Subject: CN=68daf458-3dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0d:ce:07:00:49:04:58:e2:cb:22:15:b4:4c:
cc:91:0c:58:fd:64:7b:43:e4:bc:b2:9f:87:2e:d5:
97:7a:e4:fb:aa:81:09:5a:0c:80:d0:96:d3:9d:50:
7a:d6:de:57:8f:f1:b2:15:d1:57:70:d8:62:26:32:
d4:68:fd:7b:8e:43:d4:8b:a4:9e:79:7f:da:ff:8f:
74:60:7b:0d:b3:0b:27:ca:5f:90:2b:a6:1f:2a:25:
56:1a:d7:fa:5f:75:de:75:1e:e3:e5:e5:c6:0b:0a:
ca:5e:24:df:51:75:e0:c2:70:57:06:f7:89:36:99:
0c:7f:44:ba:aa:4e:b7:a1:e4:ea:58:7a:84:e3:2a:
41:c6:fd:c3:bf:5b:87:da:e9:bb:3c:12:59:ff:57:
fd:49:ce:45:0d:ed:78:99:97:0b:4d:e6:35:ab:44:
e1:1b:e5:35:89:67:54:1a:68:0d:a3:ae:6b:d5:60:
76:a4:9b:74:3a:06:ab:68:ea:d1:45:07:65:d9:25:
a3:c5:0f:c4:02:b7:b0:9f:ee:a0:da:6a:bd:16:b7:
fb:42:ad:aa:a9:77:9b:39:b5:52:c4:ef:ad:dd:5d:
1f:90:cb:86:cf:e7:44:f5:e7:d9:92:4e:e5:77:e3:
9b:44:31:39:f3:ae:9d:23:cd:92:51:ef:77:ef:ae:
f6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E9:90:6A:1C:CB:25:E3:18:80:A0:A6:D6:78:2C:7C:F0:61:86:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E072668A9D7711F0BB9CCDBADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.64.0/23
Signature Algorithm: sha256WithRSAEncryption
68:95:fc:0c:37:01:45:34:0e:3a:6f:0a:b6:5f:20:8b:b9:03:
3e:14:34:d1:9d:45:cf:2e:14:cd:ce:5b:64:07:6b:7d:f0:46:
a8:40:36:b1:01:43:89:9d:16:5d:3e:82:26:58:fb:37:e8:12:
02:70:5d:53:d9:d1:fe:81:94:ed:21:93:f6:1e:1f:bb:45:32:
77:3f:2b:73:8c:8d:6b:95:2a:d5:f4:c8:14:78:53:ba:db:54:
8b:23:92:5e:e5:91:b7:2d:ce:9e:25:53:00:cd:b1:80:97:5d:
a3:ad:bb:92:84:26:3b:c1:48:26:af:87:23:e3:85:c4:56:31:
4e:db:e9:ad:fb:61:e2:35:ea:09:62:bf:78:a4:01:a5:86:d5:
65:c2:02:6c:26:19:0f:1a:9f:4c:80:3e:be:ca:23:2e:26:02:
10:4b:d3:dd:41:26:0c:a3:f8:49:f7:94:45:ab:09:35:22:de:
25:62:04:18:4b:7a:9b:f6:b4:81:6a:91:f4:1e:60:61:15:57:
ad:c2:e2:71:f5:81:e5:9a:bc:0f:2e:af:7b:4d:22:fa:83:41:
76:91:e7:ac:da:11:c9:75:61:c8:9a:07:53:f4:ef:8d:29:8e:
ed:86:00:62:24:a5:3a:52:56:5e:e4:21:3b:f9:ca:bf:20:71:
99:1b:bf:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaGLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI5MjEwNDIwWhcNMjUxMTA0MjEwNDIwWjAYMRYw
FAYDVQQDEw02OGRhZjQ1OC0zZGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAug3OBwBJBFjiyyIVtEzMkQxY/WR7Q+S8sp+HLtWXeuT7qoEJWgyA0JbT
nVB61t5Xj/GyFdFXcNhiJjLUaP17jkPUi6SeeX/a/490YHsNswsnyl+QK6YfKiVW
Gtf6X3XedR7j5eXGCwrKXiTfUXXgwnBXBveJNpkMf0S6qk63oeTqWHqE4ypBxv3D
v1uH2um7PBJZ/1f9Sc5FDe14mZcLTeY1q0ThG+U1iWdUGmgNo65r1WB2pJt0Ogar
aOrRRQdl2SWjxQ/EArewn+6g2mq9Frf7Qq2qqXebObVSxO+t3V0fkMuGz+dE9efZ
kk7ld+ObRDE5866dI82SUe937672JQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNrp
kGocyyXjGICgptZ4LHzwYYZLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMDcyNjY4QTlENzcxMUYwQkI5Q0NEQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhAMA0GCSqGSIb3DQEB
CwUAA4IBAQBolfwMNwFFNA46bwq2XyCLuQM+FDTRnUXPLhTNzltkB2t98EaoQDax
AUOJnRZdPoImWPs36BICcF1T2dH+gZTtIZP2Hh+7RTJ3PytzjI1rlSrV9MgUeFO6
21SLI5Je5ZG3Lc6eJVMAzbGAl12jrbuShCY7wUgmr4cj44XEVjFO2+mt+2HiNeoJ
Yr94pAGlhtVlwgJsJhkPGp9MgD6+yiMuJgIQS9PdQSYMo/hJ95RFqwk1It4lYgQY
S3qb9rSBapH0HmBhFVetwuJx9YHlmrwPLq97TSL6g0F2kees2hHJdWHImgdT9O+N
KY7thgBiJKU6UlZe5CE7+cq/IHGZG7/L
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:33:58 2025 by rpki-client