Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E197A68E955111F0968AB281DAE4EC9C.roa
File: E197A68E955111F0968AB281DAE4EC9C.roa (raw, json)
Hash identifier: axJR28R7aSoBjv0Slf8Ejxg36gh6XUDJq5eIaRB5oug=
Subject key identifier: 8A:0C:31:C1:D9:37:31:CE:85:FD:FC:D6:13:AE:AB:7F:87:51:E4:89
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A02F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E197A68E955111F0968AB281DAE4EC9C.roa
Signing time: Fri 19 Sep 2025 12:12:16 +0000
ROA not before: Fri 19 Sep 2025 12:12:10 +0000
ROA not after: Mon 26 Oct 2026 12:12:10 +0000
asID: 214483
IP address blocks: 154.202.128.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106543 (0x1a02f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 19 12:12:10 2025 GMT
Not After : Oct 26 12:12:10 2026 GMT
Subject: CN=68cd48a0-5a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:93:b5:79:1d:9d:58:a5:5e:85:4c:70:ee:1b:
f5:57:80:85:99:be:a3:21:f7:a2:75:3b:8a:f2:f1:
f7:e4:83:f5:6c:b5:54:1a:cb:f3:b7:9c:56:d7:45:
d6:5a:7e:f0:37:4d:6a:4e:12:30:73:7a:88:90:9d:
42:0d:80:01:a3:1d:87:76:89:1b:f3:a8:ab:53:44:
e3:57:41:f0:8c:5a:9e:9b:2b:1a:f2:34:4a:f0:90:
cb:2b:ea:93:4f:c7:0e:5c:d6:91:f9:ec:30:16:6c:
7f:ac:54:d9:a0:59:41:0b:71:42:e6:87:74:5e:a5:
1c:5f:ea:32:e3:d1:07:69:bc:16:1e:36:e7:70:23:
79:a3:aa:ae:e5:78:54:94:2b:3b:6c:e2:5a:38:18:
82:c3:e8:46:75:22:88:1d:94:50:21:e2:81:81:5b:
09:64:40:52:db:65:23:fe:92:cb:e8:50:c4:77:d1:
93:c0:58:28:62:e6:0f:83:61:a8:b4:24:6b:5c:14:
91:e0:f7:f1:13:49:95:4e:8d:15:6d:9d:05:2e:6e:
e6:d9:31:80:40:01:eb:4d:bc:81:e2:0b:27:86:5e:
12:61:bb:d3:2c:43:a3:55:c2:bb:a7:77:79:c0:db:
39:c6:e0:83:ea:a5:74:6f:a6:2d:64:a0:a3:74:fe:
d7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0C:31:C1:D9:37:31:CE:85:FD:FC:D6:13:AE:AB:7F:87:51:E4:89
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E197A68E955111F0968AB281DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.128.0/21
Signature Algorithm: sha256WithRSAEncryption
06:3a:f5:e7:c3:9d:9f:7d:4b:47:1e:66:b0:12:8e:76:31:31:
08:df:97:d9:e0:a6:3d:51:82:a6:d5:43:b1:a4:f8:75:47:41:
81:6b:fe:32:26:a9:61:b6:15:ed:d9:a1:b8:4b:ae:77:43:da:
48:66:86:b1:a0:fe:ef:82:9a:18:e4:be:04:2c:dd:11:9a:0c:
41:a7:7f:d0:cb:09:66:9b:44:85:b5:73:06:5d:dc:44:c8:7b:
95:bb:62:b0:6d:09:42:e4:87:54:6d:ca:a2:66:f3:91:80:cf:
df:4f:6d:45:55:a7:e0:92:b1:79:ba:84:59:6f:44:c3:a7:b2:
c7:22:8b:48:71:fd:92:a5:ee:4b:41:73:bb:78:45:f4:45:b8:
f6:8e:0f:3f:31:4a:78:6c:48:3e:33:3c:45:97:7d:dc:34:d3:
69:88:d6:ce:ca:5c:88:83:17:9f:79:56:9e:b6:bf:c1:ff:9c:
2c:75:4f:17:9e:6a:0a:aa:cd:f9:86:fe:fc:3b:25:f7:4b:d2:
2b:2a:87:08:f3:2f:d4:0f:11:84:14:f1:66:0d:3e:4e:ee:3c:
f7:79:4b:41:68:9d:7a:ed:65:e0:61:a7:a8:d1:80:d4:c9:c3:
03:86:40:6e:ed:5b:03:4a:e1:47:7c:99:3e:05:1c:92:a0:6d:
7c:f0:dc:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaAvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTE5MTIxMjEwWhcNMjYxMDI2MTIxMjEwWjAYMRYw
FAYDVQQDEw02OGNkNDhhMC01YTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyZO1eR2dWKVehUxw7hv1V4CFmb6jIfeidTuK8vH35IP1bLVUGsvzt5xW
10XWWn7wN01qThIwc3qIkJ1CDYABox2Hdokb86irU0TjV0HwjFqemysa8jRK8JDL
K+qTT8cOXNaR+ewwFmx/rFTZoFlBC3FC5od0XqUcX+oy49EHabwWHjbncCN5o6qu
5XhUlCs7bOJaOBiCw+hGdSKIHZRQIeKBgVsJZEBS22Uj/pLL6FDEd9GTwFgoYuYP
g2GotCRrXBSR4PfxE0mVTo0VbZ0FLm7m2TGAQAHrTbyB4gsnhl4SYbvTLEOjVcK7
p3d5wNs5xuCD6qV0b6YtZKCjdP7XZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIoM
McHZNzHOhf381hOuq3+HUeSJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMTk3QTY4RTk1NTExMUYwOTY4QUIyODFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsqAMA0GCSqGSIb3DQEB
CwUAA4IBAQAGOvXnw52ffUtHHmawEo52MTEI35fZ4KY9UYKm1UOxpPh1R0GBa/4y
JqlhthXt2aG4S653Q9pIZoaxoP7vgpoY5L4ELN0RmgxBp3/Qywlmm0SFtXMGXdxE
yHuVu2KwbQlC5IdUbcqiZvORgM/fT21FVafgkrF5uoRZb0TDp7LHIotIcf2Spe5L
QXO7eEX0Rbj2jg8/MUp4bEg+MzxFl33cNNNpiNbOylyIgxefeVaetr/B/5wsdU8X
nmoKqs35hv78OyX3S9IrKocI8y/UDxGEFPFmDT5O7jz3eUtBaJ167WXgYaeo0YDU
ycMDhkBu7VsDSuFHfJk+BRySoG188NxV
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:39 2025 by rpki-client