Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/030AFEB6B37E11F09AD0D8F5DAE4EC9C.roa
File: 030AFEB6B37E11F09AD0D8F5DAE4EC9C.roa (raw, json)
Hash identifier: 6RbmEhJIn+jIKT+6WKQJYIlSDJZ7BVxll3WjwKOGmZo=
Subject key identifier: 2D:17:87:FC:B7:60:F7:73:D2:30:EB:D2:27:26:43:51:BC:D1:2F:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A596
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/030AFEB6B37E11F09AD0D8F5DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 21:43:45 +0000
ROA not before: Mon 27 Oct 2025 21:43:40 +0000
ROA not after: Sun 01 Feb 2026 21:43:40 +0000
asID: 328608
IP address blocks: 154.214.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107926 (0x1a596)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 21:43:40 2025 GMT
Not After : Feb 1 21:43:40 2026 GMT
Subject: CN=68ffe791-36c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b1:a6:e8:e8:4a:e7:fd:bd:4a:84:f2:e9:72:
2f:9c:f0:75:97:8d:f6:ba:8f:c9:1b:38:4a:65:bd:
f6:6a:28:ab:38:3e:1b:d7:61:5e:17:94:79:52:62:
3b:c8:a7:b7:cb:43:30:83:82:dc:9b:e5:16:46:7a:
1e:26:dc:0d:f2:61:35:6e:95:37:ab:5c:b9:fc:6f:
aa:39:44:d8:e8:70:23:9c:e1:69:f6:cf:fe:1f:6b:
2d:f0:f5:fe:7a:04:c9:25:af:66:d2:e1:b0:d2:87:
19:a6:fe:b3:fc:72:da:49:bb:0d:3b:af:38:08:15:
dc:90:63:e8:38:80:30:8f:a0:af:69:67:cd:c8:47:
7d:75:9b:0f:2d:b4:90:7e:e1:9f:9e:45:42:8d:1f:
7c:59:0a:7f:d4:0d:c7:89:58:e2:a4:89:f7:01:21:
56:b5:10:37:6e:1c:f9:dd:7e:fa:bd:34:d0:eb:14:
c4:9c:74:c2:c8:18:6e:55:5b:ce:0a:9e:c4:ea:ab:
b3:f9:17:9a:c2:40:b0:97:7d:aa:5f:b5:f3:22:8e:
e0:2e:35:24:3a:4d:3b:1e:c0:b3:0b:73:4a:a0:94:
84:e7:6c:f6:ce:9c:f3:23:fe:b2:dd:33:48:80:51:
01:90:68:09:12:b8:01:66:25:33:d8:d4:23:d9:87:
0f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:17:87:FC:B7:60:F7:73:D2:30:EB:D2:27:26:43:51:BC:D1:2F:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/030AFEB6B37E11F09AD0D8F5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.192.0/18
Signature Algorithm: sha256WithRSAEncryption
22:61:04:36:e9:ba:86:93:b1:45:ad:9a:aa:cc:25:c3:80:36:
26:e4:32:1a:fa:2f:b5:60:bb:dd:30:76:da:c3:25:b0:76:fd:
cb:e5:c5:96:f0:d9:38:5b:b5:4f:f5:19:5f:8f:63:42:1a:21:
c9:60:e2:10:08:62:70:9c:a7:58:c7:5d:c6:39:72:11:b8:31:
b5:d6:e6:30:82:eb:e1:6b:ce:cf:0d:2b:56:ac:8d:2d:3f:9b:
13:04:69:70:5d:3a:9e:b9:90:53:08:8b:40:9e:bf:73:c4:8c:
50:79:bc:3b:d3:c8:cf:60:df:98:f4:14:4e:bc:05:b7:6a:b1:
88:1e:bd:a9:54:4b:9b:29:ae:86:25:bb:3a:50:bb:d4:e5:c7:
db:3d:84:a5:42:0e:f5:fc:5d:d1:f0:2f:55:f6:ff:02:3f:98:
d4:55:80:7a:d1:38:61:c4:c0:27:b8:ec:36:66:4f:16:9c:06:
45:b8:80:b9:6e:6d:86:3b:82:f0:57:96:49:0a:0f:a9:4c:51:
83:1d:5a:38:c3:e1:52:6d:bf:d9:d1:df:a6:14:1b:f6:a8:f6:
38:84:68:0d:81:4f:9a:c6:7e:74:13:da:36:76:af:64:48:9d:
da:82:39:3e:87:2c:0c:79:91:0a:19:4e:34:90:dc:80:8e:0b:
5b:e4:f3:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaWWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MjE0MzQwWhcNMjYwMjAxMjE0MzQwWjAYMRYw
FAYDVQQDEw02OGZmZTc5MS0zNmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0rGm6OhK5/29SoTy6XIvnPB1l432uo/JGzhKZb32aiirOD4b12FeF5R5
UmI7yKe3y0Mwg4Lcm+UWRnoeJtwN8mE1bpU3q1y5/G+qOUTY6HAjnOFp9s/+H2st
8PX+egTJJa9m0uGw0ocZpv6z/HLaSbsNO684CBXckGPoOIAwj6CvaWfNyEd9dZsP
LbSQfuGfnkVCjR98WQp/1A3HiVjipIn3ASFWtRA3bhz53X76vTTQ6xTEnHTCyBhu
VVvOCp7E6quz+ReawkCwl32qX7XzIo7gLjUkOk07HsCzC3NKoJSE52z2zpzzI/6y
3TNIgFEBkGgJErgBZiUz2NQj2YcP8wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC0X
h/y3YPdz0jDr0icmQ1G80S+mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMzBBRkVCNkIzN0UxMUYwOUFEMEQ4RjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtbAMA0GCSqGSIb3DQEB
CwUAA4IBAQAiYQQ26bqGk7FFrZqqzCXDgDYm5DIa+i+1YLvdMHbawyWwdv3L5cWW
8Nk4W7VP9Rlfj2NCGiHJYOIQCGJwnKdYx13GOXIRuDG11uYwguvha87PDStWrI0t
P5sTBGlwXTqeuZBTCItAnr9zxIxQebw708jPYN+Y9BROvAW3arGIHr2pVEubKa6G
Jbs6ULvU5cfbPYSlQg71/F3R8C9V9v8CP5jUVYB60ThhxMAnuOw2Zk8WnAZFuIC5
bm2GO4LwV5ZJCg+pTFGDHVo4w+FSbb/Z0d+mFBv2qPY4hGgNgU+axn50E9o2dq9k
SJ3agjk+hywMeZEKGU40kNyAjgtb5PNk
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:47:58 2025 by rpki-client