Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0785D5EEAE5E11F0B037708EDAE4EC9C.roa
File: 0785D5EEAE5E11F0B037708EDAE4EC9C.roa (raw, json)
Hash identifier: NHj5tHuvUnV4xbbBQpYsibWhdTF5b8Q68H/2csyJrX0=
Subject key identifier: 40:6F:38:A8:91:79:37:B1:AC:29:B3:68:C8:D7:E4:F5:01:CA:2C:09
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A47A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0785D5EEAE5E11F0B037708EDAE4EC9C.roa
Signing time: Tue 21 Oct 2025 09:12:13 +0000
ROA not before: Tue 21 Oct 2025 09:12:08 +0000
ROA not after: Fri 28 Nov 2025 09:12:08 +0000
asID: 3257
IP address blocks: 154.81.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107642 (0x1a47a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 21 09:12:08 2025 GMT
Not After : Nov 28 09:12:08 2025 GMT
Subject: CN=68f74e6d-608e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:46:89:a6:cc:6b:50:2a:a8:80:da:4d:b0:c3:
7b:ad:71:8c:81:85:f5:1a:eb:76:c3:e4:f6:e7:4f:
ed:57:24:4e:da:e7:33:a0:df:72:9b:18:b1:17:e6:
48:55:ef:d9:a4:17:b5:f7:42:27:6f:81:bd:cc:11:
70:01:11:83:06:77:9d:6f:38:a9:4e:06:7e:ec:a0:
7b:15:60:1c:18:be:44:d2:0c:e0:90:c8:0f:72:89:
89:09:f7:24:c9:17:25:c7:f9:d8:b6:18:b0:ef:cd:
26:33:b3:0d:8b:39:45:f6:b3:0e:39:1c:6f:f4:95:
b3:51:a2:0d:1a:61:06:7f:f9:08:6d:82:68:0a:fa:
ea:0c:26:c5:18:50:1b:8a:7d:e3:78:f8:c2:44:6f:
21:31:1c:94:cd:ba:d7:ae:4e:16:b2:b5:0c:04:fe:
dd:3c:5b:02:37:49:db:74:34:17:b9:3b:b3:a2:4c:
86:e3:0f:ff:a7:a0:a2:30:48:5b:bb:40:82:f9:59:
ed:7a:f6:7f:6e:6b:49:1c:17:81:13:34:34:66:73:
99:50:68:27:b7:b8:e2:76:3a:96:91:b8:6b:d5:60:
95:9b:75:75:03:be:0c:e1:df:82:8b:f5:bc:6a:ae:
85:66:7a:80:26:5b:f4:91:c6:dd:5f:14:61:52:ba:
72:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6F:38:A8:91:79:37:B1:AC:29:B3:68:C8:D7:E4:F5:01:CA:2C:09
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0785D5EEAE5E11F0B037708EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.50.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d2:74:c2:4c:95:12:1c:5f:b4:23:4b:67:c5:89:57:6f:71:
35:29:1e:da:9a:5e:db:d0:0b:7d:87:28:dc:3b:03:ee:c2:e5:
c8:de:a1:bb:39:51:1a:ca:e3:a0:05:57:0e:d6:e7:92:58:eb:
a3:9c:5f:5f:ee:0b:f9:bb:28:53:67:d7:0b:0a:dc:e3:70:b3:
44:95:f4:74:38:ba:8f:e1:bf:b0:79:2c:db:e3:18:62:d9:e8:
a7:44:2f:aa:99:f7:07:78:69:1b:6e:26:75:c7:06:90:a0:0d:
01:71:85:5a:71:f6:82:ee:ba:3a:31:cf:03:e4:f0:39:0c:36:
6b:84:16:0b:b5:77:37:4d:0f:56:c5:b1:70:ee:57:77:74:7a:
5e:13:9a:4b:6d:fe:53:5a:71:a2:da:ac:b8:26:d9:ba:81:1f:
d4:d1:d6:19:9a:a0:b2:6e:ab:81:35:f1:69:a6:ce:f0:66:62:
4e:e8:c9:5d:12:28:42:47:bd:17:78:49:78:d0:26:3c:30:66:
1f:18:5e:28:b8:f1:ab:d8:ba:2a:a5:06:c0:aa:fc:f2:fc:53:
e1:e8:04:f5:f2:1b:f1:20:4f:97:44:35:c2:a0:53:ff:b9:2b:
6f:d1:6d:b0:82:e8:1a:04:89:a3:d7:60:a3:5f:f6:52:a4:0b:
e2:4d:22:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaR6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIxMDkxMjA4WhcNMjUxMTI4MDkxMjA4WjAYMRYw
FAYDVQQDEw02OGY3NGU2ZC02MDhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1EaJpsxrUCqogNpNsMN7rXGMgYX1Gut2w+T250/tVyRO2uczoN9ymxix
F+ZIVe/ZpBe190Inb4G9zBFwARGDBnedbzipTgZ+7KB7FWAcGL5E0gzgkMgPcomJ
CfckyRclx/nYthiw780mM7MNizlF9rMOORxv9JWzUaINGmEGf/kIbYJoCvrqDCbF
GFAbin3jePjCRG8hMRyUzbrXrk4WsrUMBP7dPFsCN0nbdDQXuTuzokyG4w//p6Ci
MEhbu0CC+VntevZ/bmtJHBeBEzQ0ZnOZUGgnt7jidjqWkbhr1WCVm3V1A74M4d+C
i/W8aq6FZnqAJlv0kcbdXxRhUrpyBwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEBv
OKiReTexrCmzaMjX5PUByiwJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNzg1RDVFRUFFNUUxMUYwQjAzNzcwOEVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlEyMA0GCSqGSIb3DQEB
CwUAA4IBAQBZ0nTCTJUSHF+0I0tnxYlXb3E1KR7aml7b0At9hyjcOwPuwuXI3qG7
OVEayuOgBVcO1ueSWOujnF9f7gv5uyhTZ9cLCtzjcLNElfR0OLqP4b+weSzb4xhi
2einRC+qmfcHeGkbbiZ1xwaQoA0BcYVacfaC7ro6Mc8D5PA5DDZrhBYLtXc3TQ9W
xbFw7ld3dHpeE5pLbf5TWnGi2qy4Jtm6gR/U0dYZmqCybquBNfFpps7wZmJO6Mld
EihCR70XeEl40CY8MGYfGF4ouPGr2LoqpQbAqvzy/FPh6AT18hvxIE+XRDXCoFP/
uStv0W2wgugaBImj12CjX/ZSpAviTSKr
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:45:11 2025 by rpki-client