Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E0B33A489DD611F0A59B80B1DAE4EC9C.roa
File: E0B33A489DD611F0A59B80B1DAE4EC9C.roa (raw, json)
Hash identifier: KotaZ+LWDHbi+Y2UE/acv0iNhrHvkhZ/3JKi//RLMpY=
Subject key identifier: 01:C0:00:96:45:5F:DF:68:7A:89:18:00:C0:0B:34:C0:AC:A1:EC:01
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1C2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E0B33A489DD611F0A59B80B1DAE4EC9C.roa
Signing time: Tue 30 Sep 2025 08:24:27 +0000
ROA not before: Tue 30 Sep 2025 08:24:22 +0000
ROA not after: Wed 07 Oct 2026 08:24:22 +0000
asID: 141356
IP address blocks: 154.92.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106946 (0x1a1c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 30 08:24:22 2025 GMT
Not After : Oct 7 08:24:22 2026 GMT
Subject: CN=68db93bb-f647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ce:99:b8:8e:0b:8d:4a:8d:60:4f:a2:22:b8:
93:7a:a0:06:26:17:38:73:da:50:c6:48:11:a3:6c:
31:b1:93:9f:02:4d:18:5a:5a:37:6f:bf:bd:18:2b:
82:36:5b:99:16:3b:37:97:bd:ae:ad:1c:08:d1:ab:
aa:04:6b:ea:ac:74:39:86:8d:0a:1a:ea:19:4a:31:
cc:90:fa:74:e9:92:d9:98:74:18:c3:4b:27:1c:20:
60:3a:42:1a:fe:cb:b0:b5:d1:93:8a:a4:7a:f9:ed:
44:a0:5e:03:e3:81:58:d8:be:37:d4:d3:db:21:31:
61:12:7e:5c:1b:97:ba:7a:cb:87:50:78:ad:77:5e:
79:c2:c3:64:f6:89:b7:a1:44:11:3a:43:bc:f7:2d:
48:13:18:0d:06:17:92:6e:21:9c:ac:c1:3d:79:16:
58:53:cc:5f:dd:d0:ff:65:9e:ee:bb:da:d8:3e:d2:
89:3f:9e:87:e0:a8:ed:9a:c9:94:48:f0:9c:58:42:
98:3c:c4:ef:bc:4a:25:e2:52:85:03:15:eb:b2:3b:
c6:83:21:d1:1c:79:48:1c:ea:df:f8:2b:7c:f8:16:
20:e3:88:98:6c:8c:fd:ab:bf:f1:01:a4:44:91:91:
5c:68:ef:6a:59:08:c3:30:6a:95:a1:0b:b7:64:30:
87:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C0:00:96:45:5F:DF:68:7A:89:18:00:C0:0B:34:C0:AC:A1:EC:01
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E0B33A489DD611F0A59B80B1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.108.0/22
Signature Algorithm: sha256WithRSAEncryption
71:b7:08:3b:1a:3a:6d:b0:49:52:ca:8d:d9:d0:2b:e4:5f:24:
ff:01:c3:92:72:36:67:e3:e5:20:f1:46:b2:1d:0b:14:bf:a1:
cb:fb:95:03:51:ec:9a:b2:11:b7:d0:fa:20:ea:ef:fc:85:28:
27:d0:46:f1:20:33:84:d5:04:f4:cb:20:13:06:ef:47:9e:01:
0e:23:01:98:5f:3d:48:64:ad:b5:7e:9a:bd:d3:b9:28:26:9a:
48:29:34:d6:c5:5b:b1:a7:d1:e9:eb:f8:7e:db:00:f9:91:8e:
e0:32:49:11:b1:92:a0:ec:05:91:3f:f2:73:36:9f:5f:aa:67:
c7:dc:56:63:3a:e7:1a:ce:95:e5:c3:5f:97:04:3c:d2:cc:06:
3f:0e:00:f7:9c:06:a5:2e:be:e3:c2:b8:46:92:9f:60:ae:17:
3e:08:54:0a:2a:c3:f8:d1:90:de:e1:50:88:b4:ee:3c:0b:93:
68:bd:64:15:d0:d5:44:5b:00:75:9c:a4:f7:2f:70:e7:88:63:
87:08:99:66:7d:1c:60:22:9f:98:71:b2:cc:32:65:fd:92:b4:
62:b4:d9:21:f1:b5:fd:ea:fd:d4:c7:58:48:58:3d:78:bf:00:
a1:46:4d:f5:2b:bb:e8:a4:2b:df:32:b0:f5:18:80:f3:98:53:
b9:70:3a:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaHCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTMwMDgyNDIyWhcNMjYxMDA3MDgyNDIyWjAYMRYw
FAYDVQQDEw02OGRiOTNiYi1mNjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA786ZuI4LjUqNYE+iIriTeqAGJhc4c9pQxkgRo2wxsZOfAk0YWlo3b7+9
GCuCNluZFjs3l72urRwI0auqBGvqrHQ5ho0KGuoZSjHMkPp06ZLZmHQYw0snHCBg
OkIa/suwtdGTiqR6+e1EoF4D44FY2L431NPbITFhEn5cG5e6esuHUHitd155wsNk
9om3oUQROkO89y1IExgNBheSbiGcrME9eRZYU8xf3dD/ZZ7uu9rYPtKJP56H4Kjt
msmUSPCcWEKYPMTvvEol4lKFAxXrsjvGgyHRHHlIHOrf+Ct8+BYg44iYbIz9q7/x
AaREkZFcaO9qWQjDMGqVoQu3ZDCHlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAHA
AJZFX99oeokYAMALNMCsoewBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMEIzM0E0ODlERDYxMUYwQTU5QjgwQjFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlxsMA0GCSqGSIb3DQEB
CwUAA4IBAQBxtwg7GjptsElSyo3Z0CvkXyT/AcOScjZn4+Ug8UayHQsUv6HL+5UD
UeyashG30Pog6u/8hSgn0EbxIDOE1QT0yyATBu9HngEOIwGYXz1IZK21fpq907ko
JppIKTTWxVuxp9Hp6/h+2wD5kY7gMkkRsZKg7AWRP/JzNp9fqmfH3FZjOucazpXl
w1+XBDzSzAY/DgD3nAalLr7jwrhGkp9grhc+CFQKKsP40ZDe4VCItO48C5NovWQV
0NVEWwB1nKT3L3DniGOHCJlmfRxgIp+YcbLMMmX9krRitNkh8bX96v3Ux1hIWD14
vwChRk31K7vopCvfMrD1GIDzmFO5cDrK
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:42 2025 by rpki-client