Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0FA67672B3DE11F0AB9195E4DAE4EC9C.roa
File: 0FA67672B3DE11F0AB9195E4DAE4EC9C.roa (raw, json)
Hash identifier: 0mCxIhAhdTLJHWtYhgSQFN0SyNIJUnhjwrTF+9KW3Kc=
Subject key identifier: D2:7E:9D:60:1E:FB:00:C5:72:1C:27:1C:8D:1B:05:89:02:4A:7A:03
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A5E0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0FA67672B3DE11F0AB9195E4DAE4EC9C.roa
Signing time: Tue 28 Oct 2025 09:11:18 +0000
ROA not before: Tue 28 Oct 2025 09:11:13 +0000
ROA not after: Thu 04 Dec 2025 09:11:13 +0000
asID: 395793
IP address blocks: 154.200.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108000 (0x1a5e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 28 09:11:13 2025 GMT
Not After : Dec 4 09:11:13 2025 GMT
Subject: CN=690088b6-17e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:15:31:2f:c0:0f:cb:1e:a8:95:f1:86:c6:11:
32:a8:ec:62:be:48:70:9c:ca:0d:df:e6:ba:d7:cf:
83:6a:e3:19:e2:63:20:d2:8a:c0:c9:d6:a9:fa:7b:
d2:ef:b8:62:34:24:c3:6b:45:fb:bc:f1:93:5d:f4:
3c:06:e8:ba:1b:6c:fa:40:c4:ec:a8:4c:57:24:94:
2e:c9:0b:1a:f7:05:f8:d8:18:94:39:5f:19:c3:15:
26:f0:77:50:f1:c3:0c:ef:2f:6f:8b:e3:83:31:76:
df:ff:5f:86:59:87:12:6f:7d:75:55:cf:ec:3d:95:
0c:d4:1c:1b:cb:75:1f:55:76:8c:a8:cd:25:3f:ae:
c8:af:71:58:2e:5d:59:27:3d:4f:bc:26:42:e5:9a:
65:1f:08:53:f0:c0:0f:1c:6d:c1:d3:b8:76:b3:77:
a6:7e:88:96:f3:1c:f1:80:f6:ba:10:85:d6:8e:17:
2f:c2:ef:34:5c:16:ee:f8:5b:62:30:98:fc:21:13:
7e:12:b3:1c:c7:27:00:ed:68:76:a8:28:0d:39:24:
6c:be:db:c5:51:4f:f1:51:0e:19:e9:6f:29:f9:fa:
87:94:6e:67:7c:c7:2b:c8:dc:f1:fb:f5:25:7f:38:
a0:a7:91:f4:cf:1a:0e:7f:89:a9:cf:7d:6c:1a:03:
4a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7E:9D:60:1E:FB:00:C5:72:1C:27:1C:8D:1B:05:89:02:4A:7A:03
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0FA67672B3DE11F0AB9195E4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.63.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:5f:dc:7f:d6:fa:5f:c2:56:7d:ca:c6:1a:d4:7b:08:30:9f:
1b:7c:23:d7:53:06:50:c1:eb:b7:ad:23:fb:af:98:ed:7d:39:
a3:4a:bd:9b:d4:2d:c2:5b:a0:37:56:a4:cb:03:5d:d6:2e:f4:
ca:b6:17:8c:ea:51:72:6e:0e:4c:d8:d1:a7:c6:f5:49:40:8e:
be:96:1b:51:7b:a0:69:5f:77:e1:d8:b8:54:94:4e:83:34:9b:
f3:26:2d:a4:d3:a1:b1:7f:69:a4:df:4b:20:8f:70:d7:51:49:
b7:04:48:6a:65:10:91:30:32:70:65:18:79:2c:97:f0:21:3a:
b7:92:64:c9:e3:aa:de:b4:5d:c4:bc:a0:3b:33:e5:41:b2:de:
c5:1c:64:7c:e1:5e:50:8d:40:7b:d9:90:99:7b:37:9a:1d:83:
7b:00:f1:0e:40:bf:c2:86:bf:7b:44:ee:ab:ec:de:aa:b9:11:
da:d9:8f:09:a0:cb:03:2c:44:a5:d1:2e:16:ce:e4:a7:a4:3d:
5a:4e:99:cf:b7:39:06:c8:85:1a:8a:6c:c5:bf:e1:9a:76:b0:
34:8d:53:4c:1f:b1:e9:69:bb:26:02:c3:fe:58:d7:a4:f3:a2:
17:da:5c:cb:bf:1c:fd:b7:4e:27:7e:93:62:66:01:5e:e1:75:
e3:1d:d3:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaXgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI4MDkxMTEzWhcNMjUxMjA0MDkxMTEzWjAYMRYw
FAYDVQQDEw02OTAwODhiNi0xN2U1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0BUxL8APyx6olfGGxhEyqOxivkhwnMoN3+a618+DauMZ4mMg0orAydap
+nvS77hiNCTDa0X7vPGTXfQ8Bui6G2z6QMTsqExXJJQuyQsa9wX42BiUOV8ZwxUm
8HdQ8cMM7y9vi+ODMXbf/1+GWYcSb311Vc/sPZUM1Bwby3UfVXaMqM0lP67Ir3FY
Ll1ZJz1PvCZC5ZplHwhT8MAPHG3B07h2s3emfoiW8xzxgPa6EIXWjhcvwu80XBbu
+FtiMJj8IRN+ErMcxycA7Wh2qCgNOSRsvtvFUU/xUQ4Z6W8p+fqHlG5nfMcryNzx
+/Ulfzigp5H0zxoOf4mpz31sGgNKMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNJ+
nWAe+wDFchwnHI0bBYkCSnoDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRkE2NzY3MkIzREUxMUYwQUI5MTk1RTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsg/MA0GCSqGSIb3DQEB
CwUAA4IBAQDLX9x/1vpfwlZ9ysYa1HsIMJ8bfCPXUwZQweu3rSP7r5jtfTmjSr2b
1C3CW6A3VqTLA13WLvTKtheM6lFybg5M2NGnxvVJQI6+lhtRe6BpX3fh2LhUlE6D
NJvzJi2k06Gxf2mk30sgj3DXUUm3BEhqZRCRMDJwZRh5LJfwITq3kmTJ46retF3E
vKA7M+VBst7FHGR84V5QjUB72ZCZezeaHYN7APEOQL/Chr97RO6r7N6quRHa2Y8J
oMsDLESl0S4WzuSnpD1aTpnPtzkGyIUaimzFv+GadrA0jVNMH7HpabsmAsP+WNek
86IX2lzLvxz9t04nfpNiZgFe4XXjHdPV
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:09:07 2025 by rpki-client