Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB8A2CBEAB5B11F09F371B90DAE4EC9C.roa
File: EB8A2CBEAB5B11F09F371B90DAE4EC9C.roa (raw, json)
Hash identifier: EOwQqO3oYQH10pf33Mv0d1+Ft8jd6bnFUMzkRxTp5pc=
Subject key identifier: F3:EB:70:7F:22:88:FC:C6:33:0E:79:97:8C:1F:9C:D7:94:8A:21:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A42C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB8A2CBEAB5B11F09F371B90DAE4EC9C.roa
Signing time: Fri 17 Oct 2025 13:19:33 +0000
ROA not before: Fri 17 Oct 2025 13:19:28 +0000
ROA not after: Mon 24 Nov 2025 13:19:28 +0000
asID: 139923
IP address blocks: 154.89.151.0/24 maxlen: 24
154.89.152.0/23 maxlen: 24
154.89.157.0/24 maxlen: 24
154.95.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107564 (0x1a42c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 17 13:19:28 2025 GMT
Not After : Nov 24 13:19:28 2025 GMT
Subject: CN=68f24265-d75d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:41:fb:ca:84:ab:02:9a:59:58:4b:af:e0:88:
07:98:7a:d6:95:10:76:4a:83:de:f6:a7:e5:bc:b2:
7b:e1:d5:7d:b1:88:94:3a:6e:d9:6d:4c:aa:50:65:
f2:d7:78:a2:cb:3d:fc:f2:3d:94:54:1c:f8:27:52:
cd:0f:0a:ac:9b:3c:dd:94:82:5d:6c:6b:95:56:54:
66:d2:be:cb:d9:91:b9:dd:3d:38:74:05:e4:02:33:
2f:d9:b4:d5:fe:38:fc:36:54:fd:43:82:7d:34:d4:
58:dd:8b:7b:02:98:14:76:8d:50:30:de:92:ed:52:
1f:e8:1e:83:91:e0:b9:ff:eb:68:75:ff:e2:cd:fd:
1b:ec:0d:d3:f5:2d:ad:39:0e:e7:03:a1:8c:de:3c:
05:19:c4:d0:62:ce:60:74:36:e2:92:64:a2:4a:c6:
cb:10:6e:35:ea:06:df:be:6b:92:f6:32:d7:8f:4d:
f1:d3:a1:4c:6a:df:53:ba:4b:ea:ff:57:bc:bb:92:
11:07:b3:8e:c9:28:54:23:cf:cc:d0:a9:8b:fc:36:
ab:82:88:d9:49:aa:b1:ea:3d:d1:ba:71:64:b5:20:
05:ac:84:6c:06:88:52:83:3d:87:cc:0d:40:02:7f:
d0:92:b4:56:4a:56:b3:42:5c:16:0c:01:9a:4f:42:
af:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EB:70:7F:22:88:FC:C6:33:0E:79:97:8C:1F:9C:D7:94:8A:21:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB8A2CBEAB5B11F09F371B90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.151.0-154.89.153.255
154.89.157.0/24
154.95.24.0/24
Signature Algorithm: sha256WithRSAEncryption
17:3b:30:04:59:1e:ed:67:dc:61:09:d7:ec:1a:13:e5:de:b1:
ad:91:84:94:96:d9:ff:24:ad:53:b4:2d:3b:76:22:53:7e:ab:
e9:06:89:cb:2e:0e:32:66:31:28:ee:ce:bb:97:38:f5:76:08:
8c:fa:95:1a:8a:21:23:37:75:22:86:a9:08:ec:c4:e5:d4:8d:
aa:eb:f5:ab:b9:76:6c:05:82:68:d1:bf:6d:0b:52:5c:a0:b8:
04:03:17:65:c6:70:e7:ae:e7:30:25:3a:28:94:f2:9e:1f:ea:
ae:bd:4f:0a:30:c2:2d:1a:5f:21:0c:c9:f6:73:b9:6b:f5:26:
7d:1e:54:b5:b8:6f:98:88:be:ff:67:0b:44:68:b5:b9:1a:74:
61:e5:30:4b:88:eb:37:6e:22:5a:e1:32:f4:af:b2:53:76:b5:
c0:1e:81:a9:c8:2e:ac:cb:f5:0f:ac:41:e8:3c:19:31:df:0f:
f4:3a:6e:80:ea:49:ee:d4:1f:88:72:16:bf:bb:b2:fb:eb:c8:
0a:c0:c4:1c:5d:8f:45:3b:57:dd:40:5f:4a:20:52:41:64:42:
51:be:2f:b6:26:1e:93:ef:4d:b3:3f:54:11:52:5b:6c:d8:4f:
0e:77:91:95:bd:ad:98:06:7d:7a:ce:38:41:3a:2c:10:4a:5c:
98:5c:e5:67
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAaQsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDE3MTMxOTI4WhcNMjUxMTI0MTMxOTI4WjAYMRYw
FAYDVQQDEw02OGYyNDI2NS1kNzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA30H7yoSrAppZWEuv4IgHmHrWlRB2SoPe9qflvLJ74dV9sYiUOm7ZbUyq
UGXy13iiyz388j2UVBz4J1LNDwqsmzzdlIJdbGuVVlRm0r7L2ZG53T04dAXkAjMv
2bTV/jj8NlT9Q4J9NNRY3Yt7ApgUdo1QMN6S7VIf6B6DkeC5/+todf/izf0b7A3T
9S2tOQ7nA6GM3jwFGcTQYs5gdDbikmSiSsbLEG416gbfvmuS9jLXj03x06FMat9T
ukvq/1e8u5IRB7OOyShUI8/M0KmL/DargojZSaqx6j3RunFktSAFrIRsBohSgz2H
zA1AAn/QkrRWSlazQlwWDAGaT0KveQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFPPr
cH8iiPzGMw55l4wfnNeUiiFRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQjhBMkNCRUFCNUIxMUYwOUYzNzFCOTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACaWZcDBAGaWZgDBACa
WZ0DBACaXxgwDQYJKoZIhvcNAQELBQADggEBABc7MARZHu1n3GEJ1+waE+Xesa2R
hJSW2f8krVO0LTt2IlN+q+kGicsuDjJmMSjuzruXOPV2CIz6lRqKISM3dSKGqQjs
xOXUjarr9au5dmwFgmjRv20LUlyguAQDF2XGcOeu5zAlOiiU8p4f6q69Twowwi0a
XyEMyfZzuWv1Jn0eVLW4b5iIvv9nC0RotbkadGHlMEuI6zduIlrhMvSvslN2tcAe
ganILqzL9Q+sQeg8GTHfD/Q6boDqSe7UH4hyFr+7svvryArAxBxdj0U7V91AX0og
UkFkQlG+L7YmHpPvTbM/VBFSW2zYTw53kZW9rZgGfXrOOEE6LBBKXJhc5Wc=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:14 2025 by rpki-client