Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F8BA64AC998C11F0893F7CD9DAE4EC9C.roa
File: F8BA64AC998C11F0893F7CD9DAE4EC9C.roa (raw, json)
Hash identifier: LPMAHJ/OCgr+cGqyvDeC502MCbEBmDttKSAvi8uN7B0=
Subject key identifier: D3:18:2C:2D:E3:E2:F1:1C:B1:61:55:CA:E9:A3:F7:27:84:17:F1:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A0CE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F8BA64AC998C11F0893F7CD9DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 21:25:20 +0000
ROA not before: Wed 24 Sep 2025 21:25:15 +0000
ROA not after: Tue 21 Oct 2025 21:25:15 +0000
asID: 141883
IP address blocks: 154.214.32.0/19 maxlen: 24
154.216.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106702 (0x1a0ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 24 21:25:15 2025 GMT
Not After : Oct 21 21:25:15 2025 GMT
Subject: CN=68d461c0-5596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:43:3c:03:44:38:bb:b2:9e:3b:05:c4:e6:37:
18:6b:33:5a:f2:44:9c:b8:f0:cb:1a:4e:11:e8:58:
0d:5f:c6:77:68:3c:1c:a2:bb:6c:b7:24:7c:75:e9:
b4:40:0d:7a:cd:94:c9:46:ef:01:53:fc:6b:c8:9c:
8a:e8:5b:5f:1f:86:df:e3:77:90:c4:37:d7:a4:7f:
79:1b:d6:b4:74:54:6b:e8:31:04:58:8a:a1:5b:8b:
60:12:9d:69:a5:cf:a4:86:94:8d:92:e3:25:24:61:
ed:88:9f:c8:32:c2:00:86:5e:c6:eb:ac:ab:7a:6d:
5c:8c:71:af:67:24:ed:eb:b7:6d:ca:0f:b1:e7:90:
6c:c8:41:b5:a0:c7:77:4a:17:0c:07:c5:be:12:ec:
2a:a2:d4:3d:2e:55:70:f8:af:90:98:2c:56:18:45:
61:8f:eb:4f:56:55:bc:d1:6c:75:82:9e:8b:b1:d5:
dd:52:76:58:f7:51:4d:11:6f:82:a8:46:01:e9:fb:
b7:6b:ec:e9:73:01:88:42:d4:3a:7e:a8:95:04:25:
bb:17:c5:8b:3f:a4:6b:02:1e:da:87:6c:a2:52:2e:
bd:8a:ab:eb:3c:8c:28:5a:64:56:dd:7f:fb:52:59:
de:6b:e6:70:a2:91:b8:06:02:c9:00:b1:54:c5:33:
61:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:18:2C:2D:E3:E2:F1:1C:B1:61:55:CA:E9:A3:F7:27:84:17:F1:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F8BA64AC998C11F0893F7CD9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
154.216.128.0/18
Signature Algorithm: sha256WithRSAEncryption
25:26:af:26:73:d9:cb:ce:cd:f9:ce:30:71:2f:ba:2b:e2:ae:
31:38:8c:ea:7c:78:69:f9:ca:b9:53:f3:a4:81:29:8e:67:8d:
dc:10:84:36:08:ad:72:c2:97:b4:03:e0:0b:e4:1f:79:08:ff:
78:47:d2:b1:b8:13:99:12:ab:53:84:fd:9a:4a:46:69:9a:bf:
a7:42:1a:e0:4c:3f:30:35:54:bd:2e:c0:18:84:b2:ab:e4:4a:
77:c2:05:f8:a9:a9:4c:5d:2c:3e:c8:a1:04:7a:ae:24:3b:32:
48:9d:d6:b0:ba:8a:31:0a:b2:8c:9b:b4:39:5e:37:97:50:40:
b9:4f:f0:a0:a8:bc:df:5e:03:8c:aa:9a:69:a5:c7:4e:ee:c7:
83:01:6d:73:c6:35:04:f2:91:83:31:a1:d3:e2:83:6f:d7:7e:
e4:5b:08:8c:63:40:8f:a4:01:90:1c:d2:dc:3e:05:5a:28:bb:
15:bb:f4:59:ca:13:52:f2:5c:75:e1:92:62:d7:40:45:ea:19:
80:ce:61:a8:dd:a9:01:0b:36:ad:52:8c:05:17:90:68:2d:43:
24:4f:f7:34:c3:ba:46:76:4c:56:53:85:a6:cd:03:a9:2f:ff:
81:d5:81:ad:b9:f4:10:d2:a6:c2:98:5d:75:d6:7f:d2:c9:e8:
89:42:e2:7e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAaDOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwOTI0MjEyNTE1WhcNMjUxMDIxMjEyNTE1WjAYMRYw
FAYDVQQDEw02OGQ0NjFjMC01NTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq0M8A0Q4u7KeOwXE5jcYazNa8kScuPDLGk4R6FgNX8Z3aDwcortstyR8
dem0QA16zZTJRu8BU/xryJyK6FtfH4bf43eQxDfXpH95G9a0dFRr6DEEWIqhW4tg
Ep1ppc+khpSNkuMlJGHtiJ/IMsIAhl7G66yrem1cjHGvZyTt67dtyg+x55BsyEG1
oMd3ShcMB8W+EuwqotQ9LlVw+K+QmCxWGEVhj+tPVlW80Wx1gp6LsdXdUnZY91FN
EW+CqEYB6fu3a+zpcwGIQtQ6fqiVBCW7F8WLP6RrAh7ah2yiUi69iqvrPIwoWmRW
3X/7Ulnea+ZwopG4BgLJALFUxTNhgwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFNMY
LC3j4vEcsWFVyumj9yeEF/HaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GOEJBNjRBQzk5OEMxMUYwODkzRjdDRDlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmtYgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQAlJq8mc9nLzs35zjBxL7or4q4xOIzqfHhp+cq5U/OkgSmO
Z43cEIQ2CK1ywpe0A+AL5B95CP94R9KxuBOZEqtThP2aSkZpmr+nQhrgTD8wNVS9
LsAYhLKr5Ep3wgX4qalMXSw+yKEEeq4kOzJIndawuooxCrKMm7Q5XjeXUEC5T/Cg
qLzfXgOMqppppcdO7seDAW1zxjUE8pGDMaHT4oNv137kWwiMY0CPpAGQHNLcPgVa
KLsVu/RZyhNS8lx14ZJi10BF6hmAzmGo3akBCzatUowFF5BoLUMkT/c0w7pGdkxW
U4WmzQOpL/+B1YGtufQQ0qbCmF111n/SyeiJQuJ+
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:58 2025 by rpki-client