Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F36E1E229DE111F0958B7DF6DAE4EC9C.roa
File: F36E1E229DE111F0958B7DF6DAE4EC9C.roa (raw, json)
Hash identifier: Rhibtd7Nllqbk0BOkX81f0jFrAHoTa6AL9D2DBzlk3o=
Subject key identifier: 78:0A:66:94:FC:7B:AF:EE:B7:40:0F:D1:80:24:3A:91:B7:E2:88:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A1CC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F36E1E229DE111F0958B7DF6DAE4EC9C.roa
Signing time: Tue 30 Sep 2025 09:43:43 +0000
ROA not before: Tue 30 Sep 2025 09:43:38 +0000
ROA not after: Wed 12 Nov 2025 09:43:38 +0000
asID: 57043
IP address blocks: 154.86.2.0/24 maxlen: 24
154.86.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106956 (0x1a1cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 30 09:43:38 2025 GMT
Not After : Nov 12 09:43:38 2025 GMT
Subject: CN=68dba64f-1e51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:0b:e4:3f:ec:5c:24:ac:4f:07:b5:2a:fe:66:
8d:51:6e:4e:70:81:17:26:7f:bb:f8:31:7c:91:3a:
50:70:43:13:ff:3e:82:bd:ce:be:df:08:75:13:33:
77:b7:5b:a1:0d:23:af:d8:80:45:ed:13:c1:92:5d:
a4:87:4d:be:f5:8e:58:16:68:26:ea:a0:90:a6:44:
51:03:98:48:5d:91:9e:68:5a:df:d2:87:08:ac:1a:
99:77:dc:f5:aa:a2:f8:ca:9e:18:a4:c5:a7:7c:7d:
30:21:70:57:44:bb:00:dd:ba:19:9b:a3:c1:51:c0:
8a:61:a6:0a:70:cb:5d:b7:af:28:26:ef:2b:2a:e0:
a2:48:30:25:a5:9c:ff:f4:44:f3:f3:52:b1:d8:98:
3a:98:f6:7f:40:14:2c:c9:c7:73:99:af:cc:cf:85:
00:bd:1c:3c:c9:92:2b:c0:c8:7e:06:59:c9:ed:82:
2c:3d:1c:13:dc:71:0a:b2:9a:89:f9:db:d8:03:78:
e6:06:83:37:cc:34:24:f2:2b:63:3b:d6:09:9a:07:
07:7d:c4:53:bc:2f:38:90:d4:d2:db:1c:4b:bb:37:
7f:a6:62:04:5f:25:b4:ef:c8:80:73:f9:69:f3:a7:
94:6e:38:07:22:a3:68:02:c5:fc:7d:1e:c3:07:51:
6e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:0A:66:94:FC:7B:AF:EE:B7:40:0F:D1:80:24:3A:91:B7:E2:88:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F36E1E229DE111F0958B7DF6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.2.0/23
Signature Algorithm: sha256WithRSAEncryption
d6:69:71:bd:62:ce:3c:aa:e2:72:ff:d6:91:75:da:5a:36:ed:
f1:37:a1:24:1f:c8:f3:0a:35:f7:cb:cc:48:a3:20:fe:af:68:
06:cb:ce:e6:cd:5c:e1:b1:ac:f3:26:b1:49:ed:8a:19:62:00:
06:24:ce:93:24:f5:fb:88:88:1e:c5:bc:de:0a:36:b3:de:d2:
47:20:d0:3b:1d:bb:4d:58:8c:09:fe:7e:97:cb:90:db:fd:07:
75:e8:0a:cd:54:3d:e6:37:80:33:cd:5e:82:62:23:5d:b5:7c:
f9:c8:43:ca:a2:19:e2:8e:66:ac:46:53:38:b7:42:ea:ba:cf:
65:ee:92:40:18:2d:b0:d6:29:17:dc:7f:6f:ca:a2:8e:04:4b:
bc:87:97:4f:5b:8c:d5:49:b1:cc:8d:e3:75:b2:4a:e0:43:7a:
ae:b2:2f:93:0b:27:47:3f:64:a1:96:a7:63:88:19:f3:7a:fe:
e0:56:2f:5c:ba:81:63:50:57:07:a4:12:bd:33:26:34:24:e3:
ad:0b:d5:ce:70:59:48:81:cb:1a:99:b5:5f:c3:d0:11:05:8a:
81:5c:03:86:c6:8b:57:29:ef:0e:10:40:bb:28:ce:bb:78:a4:
3d:85:a0:56:dc:04:03:11:d0:93:ca:1a:6e:92:42:ae:20:b8:
51:2d:83:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaHMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTMwMDk0MzM4WhcNMjUxMTEyMDk0MzM4WjAYMRYw
FAYDVQQDEw02OGRiYTY0Zi0xZTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9gvkP+xcJKxPB7Uq/maNUW5OcIEXJn+7+DF8kTpQcEMT/z6Cvc6+3wh1
EzN3t1uhDSOv2IBF7RPBkl2kh02+9Y5YFmgm6qCQpkRRA5hIXZGeaFrf0ocIrBqZ
d9z1qqL4yp4YpMWnfH0wIXBXRLsA3boZm6PBUcCKYaYKcMtdt68oJu8rKuCiSDAl
pZz/9ETz81Kx2Jg6mPZ/QBQsycdzma/Mz4UAvRw8yZIrwMh+BlnJ7YIsPRwT3HEK
spqJ+dvYA3jmBoM3zDQk8itjO9YJmgcHfcRTvC84kNTS2xxLuzd/pmIEXyW078iA
c/lp86eUbjgHIqNoAsX8fR7DB1FuMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHgK
ZpT8e6/ut0AP0YAkOpG34oj4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMzZFMUUyMjlERTExMUYwOTU4QjdERjZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlYCMA0GCSqGSIb3DQEB
CwUAA4IBAQDWaXG9Ys48quJy/9aRddpaNu3xN6EkH8jzCjX3y8xIoyD+r2gGy87m
zVzhsazzJrFJ7YoZYgAGJM6TJPX7iIgexbzeCjaz3tJHINA7HbtNWIwJ/n6Xy5Db
/Qd16ArNVD3mN4AzzV6CYiNdtXz5yEPKohnijmasRlM4t0Lqus9l7pJAGC2w1ikX
3H9vyqKOBEu8h5dPW4zVSbHMjeN1skrgQ3qusi+TCydHP2ShlqdjiBnzev7gVi9c
uoFjUFcHpBK9MyY0JOOtC9XOcFlIgcsambVfw9ARBYqBXAOGxotXKe8OEEC7KM67
eKQ9haBW3AQDEdCTyhpukkKuILhRLYP0
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:27 2025 by rpki-client