Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08F98DAEAE5311F0AA770BC7DAE4EC9C.roa
File: 08F98DAEAE5311F0AA770BC7DAE4EC9C.roa (raw, json)
Hash identifier: 8JCi4MYdIYPRcRjTpcf1RQBgg+x5niR9WMUM698nppQ=
Subject key identifier: 62:47:2C:E2:2D:46:B1:AA:35:8C:57:8F:63:09:1E:30:53:57:86:F0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A46A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08F98DAEAE5311F0AA770BC7DAE4EC9C.roa
Signing time: Tue 21 Oct 2025 07:53:31 +0000
ROA not before: Tue 21 Oct 2025 07:53:26 +0000
ROA not after: Mon 24 Nov 2025 07:53:26 +0000
asID: 54600
IP address blocks: 154.89.144.0/20 maxlen: 24
154.89.160.0/19 maxlen: 24
154.89.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107626 (0x1a46a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 21 07:53:26 2025 GMT
Not After : Nov 24 07:53:26 2025 GMT
Subject: CN=68f73bfb-170a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b8:cd:ee:0e:1b:1f:57:58:be:ea:4e:92:1b:
6e:da:38:5f:e1:11:a2:d0:7b:ec:fb:8d:1a:df:23:
a4:73:64:cb:53:83:d0:56:e2:2c:bf:ce:74:70:ab:
b9:a0:2c:07:ec:0b:88:32:d5:cd:2c:5d:2b:7c:57:
d0:dc:74:e9:05:3e:29:c5:54:08:ee:09:9b:c3:0d:
18:21:e3:3a:14:50:c6:f8:cc:1e:df:30:ca:8f:c8:
77:06:2e:6d:7b:83:87:23:8b:4a:de:1c:ac:32:52:
53:f6:79:c8:f6:48:19:77:ab:08:84:07:1b:24:94:
8b:b5:a9:08:9d:01:34:3e:ec:5c:b0:3a:b2:24:3f:
95:61:4e:fc:0c:4c:1a:30:ec:15:60:7f:21:94:8e:
7e:db:b7:aa:b4:dd:37:1e:f0:0c:78:b1:17:2e:d1:
19:fe:8a:be:52:b1:e1:c2:94:07:3e:3f:c6:ec:38:
ec:1b:a0:20:23:36:37:11:de:c2:09:db:af:94:24:
83:f5:2c:8c:d2:09:a5:29:7a:7e:97:b1:a7:89:75:
87:3a:98:05:47:bc:49:7f:3a:8c:fc:57:80:13:26:
66:31:40:9c:92:ef:8a:52:69:0d:d7:fb:b1:67:32:
80:5a:4c:5b:d4:06:c3:25:de:b9:2a:78:11:e4:d7:
c5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:47:2C:E2:2D:46:B1:AA:35:8C:57:8F:63:09:1E:30:53:57:86:F0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08F98DAEAE5311F0AA770BC7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0-154.89.207.255
Signature Algorithm: sha256WithRSAEncryption
bd:44:eb:77:77:5c:ec:28:fc:9f:1e:91:ac:ad:50:fe:c3:e0:
5c:12:db:c1:5e:93:95:1b:1f:fb:44:b1:45:c5:ec:0d:5f:ec:
e8:e9:93:c8:3e:62:75:da:0b:05:b4:05:24:b5:ed:f6:db:d0:
87:3c:ce:af:04:4f:ba:0b:6f:5d:f1:2e:0c:f1:75:0a:55:7d:
87:3e:96:1c:c4:91:49:b6:40:c7:0c:8d:b8:35:9e:c3:f4:2b:
7c:ea:b6:f6:57:1a:9b:16:66:42:7c:4f:16:0f:c5:74:98:c0:
57:dd:e3:a2:54:8b:99:14:29:4a:3a:b9:ec:85:b4:f2:69:e2:
8d:dd:56:21:38:ed:db:f9:82:87:7c:93:3d:81:3a:f1:d8:c2:
49:88:98:2b:4b:68:5b:44:44:57:df:d0:22:fc:a6:7b:f0:81:
aa:34:8a:b2:44:1d:75:6b:d1:00:ee:bb:ed:d4:4c:d4:43:a2:
16:46:d6:c7:6e:b2:da:21:87:29:06:df:a9:33:a1:83:06:ba:
03:1e:8c:8c:76:20:36:f7:ff:0e:31:35:d8:6b:4e:cb:78:27:
0f:53:89:64:24:cb:08:0b:e8:8b:1c:8d:35:99:ea:e6:a9:e1:
af:9b:96:39:a3:bc:b8:f1:9b:d5:10:c4:4b:c8:03:c1:7e:57:
ea:3b:05:f1
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAaRqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIxMDc1MzI2WhcNMjUxMTI0MDc1MzI2WjAYMRYw
FAYDVQQDEw02OGY3M2JmYi0xNzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx7jN7g4bH1dYvupOkhtu2jhf4RGi0Hvs+40a3yOkc2TLU4PQVuIsv850
cKu5oCwH7AuIMtXNLF0rfFfQ3HTpBT4pxVQI7gmbww0YIeM6FFDG+Mwe3zDKj8h3
Bi5te4OHI4tK3hysMlJT9nnI9kgZd6sIhAcbJJSLtakInQE0PuxcsDqyJD+VYU78
DEwaMOwVYH8hlI5+27eqtN03HvAMeLEXLtEZ/oq+UrHhwpQHPj/G7DjsG6AgIzY3
Ed7CCduvlCSD9SyM0gmlKXp+l7GniXWHOpgFR7xJfzqM/FeAEyZmMUCcku+KUmkN
1/uxZzKAWkxb1AbDJd65KngR5NfF+wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGJH
LOItRrGqNYxXj2MJHjBTV4bwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOEY5OERBRUFFNTMxMUYwQUE3NzBCQzdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaWZADBASaWcAwDQYJ
KoZIhvcNAQELBQADggEBAL1E63d3XOwo/J8ekaytUP7D4FwS28Fek5UbH/tEsUXF
7A1f7Ojpk8g+YnXaCwW0BSS17fbb0Ic8zq8ET7oLb13xLgzxdQpVfYc+lhzEkUm2
QMcMjbg1nsP0K3zqtvZXGpsWZkJ8TxYPxXSYwFfd46JUi5kUKUo6ueyFtPJp4o3d
ViE47dv5god8kz2BOvHYwkmImCtLaFtERFff0CL8pnvwgao0irJEHXVr0QDuu+3U
TNRDohZG1sdustohhykG36kzoYMGugMejIx2IDb3/w4xNdhrTst4Jw9TiWQkywgL
6IscjTWZ6uap4a+bljmjvLjxm9UQxEvIA8F+V+o7BfE=
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:36:22 2025 by rpki-client