Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA40BAD4A29611F08A91D682DAE4EC9C.roa
File: FA40BAD4A29611F08A91D682DAE4EC9C.roa (raw, json)
Hash identifier: 3bE0W1tBvykGT1xKOxHSeVkm6VISpCTHhv1M8pOQbOw=
Subject key identifier: 46:B9:16:8B:66:75:D9:C4:4D:17:29:5A:33:58:90:85:6B:39:BC:F3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A271
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA40BAD4A29611F08A91D682DAE4EC9C.roa
Signing time: Mon 06 Oct 2025 09:29:38 +0000
ROA not before: Mon 06 Oct 2025 09:29:33 +0000
ROA not after: Thu 13 Nov 2025 09:29:33 +0000
asID: 272854
IP address blocks: 154.194.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107121 (0x1a271)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 6 09:29:33 2025 GMT
Not After : Nov 13 09:29:33 2025 GMT
Subject: CN=68e38c02-f5e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1b:e9:4a:0e:35:6b:93:d5:d8:33:90:2c:49:
8b:8d:1e:41:8c:40:d4:30:fa:2e:27:ce:48:df:95:
51:d1:68:cd:b5:b0:58:c4:c2:33:4d:e6:68:89:2e:
eb:86:20:cb:ea:bf:be:19:98:24:ba:63:1c:40:ae:
f2:ff:a7:4d:a3:2c:60:8c:a3:cc:f8:03:da:64:75:
e3:08:df:0b:d9:88:6e:1f:b7:d8:20:67:e7:13:93:
1e:54:45:f4:50:13:e0:15:a8:a1:96:a9:67:b1:5a:
25:35:be:ea:04:be:04:4e:92:e6:42:f9:5d:ef:44:
74:97:d9:e6:06:0c:a7:63:a0:2b:2e:b8:8f:9e:e2:
51:f8:d2:1f:17:9a:66:84:fb:33:d2:99:2c:24:24:
c3:0c:79:92:7c:8b:3d:c6:71:bf:c1:0f:86:c7:4b:
7a:69:96:35:2b:ee:4c:6e:26:95:fe:73:9a:85:72:
dc:a8:6a:e4:3c:f1:f6:d1:15:75:e9:a9:f9:05:3c:
85:28:3c:7c:2d:7d:24:66:be:18:ab:2e:62:41:fb:
be:79:7a:d9:83:46:5c:3b:fb:6e:51:d4:c0:42:1c:
21:92:02:02:d1:23:f6:65:63:36:57:75:cf:19:fa:
ac:7a:85:35:a3:4b:32:92:0e:78:ec:73:9e:23:4b:
80:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:B9:16:8B:66:75:D9:C4:4D:17:29:5A:33:58:90:85:6B:39:BC:F3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA40BAD4A29611F08A91D682DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.44.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:bf:16:46:6f:fd:fd:9a:6b:38:0b:f9:de:11:fd:70:61:24:
85:39:f2:ae:a8:73:85:2f:d8:2c:40:12:d3:26:bf:86:82:f7:
e4:a6:bb:a0:a2:7f:11:79:cd:1b:44:6c:e9:4e:c0:f7:48:cf:
c2:f3:ed:a0:2a:f7:05:34:da:d5:aa:1d:cc:00:a0:bd:82:11:
6d:89:dd:c6:8b:62:89:c6:d4:6e:95:73:f8:ea:7b:83:97:90:
55:17:5f:6d:25:58:bb:4a:e4:3c:d6:68:47:fd:95:7f:fb:fc:
b3:d0:dc:92:dd:42:81:3c:6c:c2:ab:94:c1:b1:bd:52:df:f1:
e3:2b:e8:6f:ea:a8:2a:01:6e:06:f9:e2:2a:04:1f:41:81:61:
5d:9c:3f:88:d0:b2:51:bf:0b:9f:a8:5b:45:c1:49:de:f3:e4:
e7:0b:df:c0:8f:e6:69:3a:f6:9b:fc:e3:37:6a:6a:76:b1:8c:
22:39:41:a7:80:f5:1e:ed:5f:86:52:b8:47:84:e2:0a:02:97:
ce:9a:09:33:7e:54:6f:6b:5e:7c:7b:21:e9:e4:67:7e:25:1a:
24:7a:53:7c:80:1a:e2:cb:34:fc:19:78:92:4e:c3:01:1b:ed:
a0:24:15:46:8f:51:8d:e1:3c:ba:93:21:74:8f:84:f1:0c:2d:
47:e0:7d:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaJxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDA2MDkyOTMzWhcNMjUxMTEzMDkyOTMzWjAYMRYw
FAYDVQQDEw02OGUzOGMwMi1mNWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqRvpSg41a5PV2DOQLEmLjR5BjEDUMPouJ85I35VR0WjNtbBYxMIzTeZo
iS7rhiDL6r++GZgkumMcQK7y/6dNoyxgjKPM+APaZHXjCN8L2YhuH7fYIGfnE5Me
VEX0UBPgFaihlqlnsVolNb7qBL4ETpLmQvld70R0l9nmBgynY6ArLriPnuJR+NIf
F5pmhPsz0pksJCTDDHmSfIs9xnG/wQ+Gx0t6aZY1K+5MbiaV/nOahXLcqGrkPPH2
0RV16an5BTyFKDx8LX0kZr4Yqy5iQfu+eXrZg0ZcO/tuUdTAQhwhkgIC0SP2ZWM2
V3XPGfqseoU1o0sykg547HOeI0uAxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEa5
FotmddnETRcpWjNYkIVrObzzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQTQwQkFENEEyOTYxMUYwOEE5MUQ2ODJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIsMA0GCSqGSIb3DQEB
CwUAA4IBAQDAvxZGb/39mms4C/neEf1wYSSFOfKuqHOFL9gsQBLTJr+Ggvfkprug
on8Rec0bRGzpTsD3SM/C8+2gKvcFNNrVqh3MAKC9ghFtid3Gi2KJxtRulXP46nuD
l5BVF19tJVi7SuQ81mhH/ZV/+/yz0NyS3UKBPGzCq5TBsb1S3/HjK+hv6qgqAW4G
+eIqBB9BgWFdnD+I0LJRvwufqFtFwUne8+TnC9/Aj+ZpOvab/OM3amp2sYwiOUGn
gPUe7V+GUrhHhOIKApfOmgkzflRva158eyHp5Gd+JRokelN8gBriyzT8GXiSTsMB
G+2gJBVGj1GN4Ty6kyF0j4TxDC1H4H1J
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:52 2025 by rpki-client