Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AC4A53EB2ED11F0AFD345D2DAE4EC9C.roa
File: 1AC4A53EB2ED11F0AFD345D2DAE4EC9C.roa (raw, json)
Hash identifier: o9NlyOIZ9VNOqmSft0JVyLm6+4pzW+fGNVZ4bO9lbGM=
Subject key identifier: E7:16:73:06:BA:ED:62:C3:A6:99:B4:1E:97:41:69:EF:7D:32:5B:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A4EE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AC4A53EB2ED11F0AFD345D2DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 04:26:28 +0000
ROA not before: Mon 27 Oct 2025 04:26:21 +0000
ROA not after: Sun 30 Nov 2025 04:26:21 +0000
asID: 32043
IP address blocks: 154.95.6.0/23 maxlen: 24
154.95.8.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107758 (0x1a4ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 27 04:26:21 2025 GMT
Not After : Nov 30 04:26:21 2025 GMT
Subject: CN=68fef474-fafb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fb:34:aa:b9:a1:dd:3a:e9:21:78:4f:d4:87:
d0:05:86:c8:9c:41:b4:e7:e3:73:2c:32:b1:f7:77:
ce:d0:f2:43:7c:78:e9:53:e4:9f:6f:de:9a:8b:9d:
f4:aa:c5:58:ec:7f:0a:f7:ac:08:a3:bb:58:c5:a8:
51:b7:65:8a:0c:03:bc:b2:8e:ea:40:3b:5a:60:28:
68:6e:5a:7a:84:1a:b3:31:d6:f9:0d:75:79:8f:ea:
ee:b0:a8:3a:5d:4a:2e:53:ff:2f:3f:c2:98:23:37:
8e:00:13:e6:0f:55:36:b3:d4:4e:54:fa:14:a7:30:
a1:37:bb:a9:e3:69:fe:c6:44:a6:35:51:71:da:a0:
85:61:96:60:01:97:a7:6d:09:1c:6f:57:4e:61:9f:
7d:ef:76:e5:99:29:73:75:d4:d4:57:e5:d0:14:eb:
ea:97:e1:f5:7a:a5:81:3d:b9:0e:c8:94:2c:8c:00:
04:07:03:f1:dd:1c:32:a6:58:d4:1f:d1:47:bf:53:
7f:30:d5:62:19:10:3d:3a:5f:74:ef:d3:b4:cc:dd:
a8:27:ed:93:28:34:da:37:01:a6:fe:4b:02:73:d3:
87:f7:5c:7c:d2:2c:d5:a6:df:22:8b:59:9b:98:7d:
ff:9f:c8:94:ec:c8:81:0b:b5:48:f9:83:ab:a6:c5:
7a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:16:73:06:BA:ED:62:C3:A6:99:B4:1E:97:41:69:EF:7D:32:5B:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AC4A53EB2ED11F0AFD345D2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.6.0-154.95.9.255
Signature Algorithm: sha256WithRSAEncryption
36:37:3c:d8:be:c1:58:9c:7f:30:46:a7:b8:b2:72:da:29:73:
5c:72:d2:47:0a:c7:83:e0:41:73:73:66:0a:ce:89:96:49:54:
d5:27:a4:a3:c3:36:59:aa:21:06:0f:dc:99:c9:70:3e:55:27:
55:ed:8e:49:d3:0a:49:8d:08:62:d9:a3:f7:e8:83:ba:57:ae:
d1:6d:a6:24:c6:01:61:33:92:56:76:34:79:6b:fd:2a:04:91:
62:49:c8:6c:76:a8:b9:6d:e0:35:90:52:bb:9a:e4:fa:0a:70:
fa:41:4e:51:2d:f5:f4:c2:a2:72:8b:16:20:67:b4:c4:96:a1:
d6:51:e9:00:a3:e8:5e:a2:39:3d:e1:71:6c:3e:43:58:8c:15:
c6:aa:0c:32:77:48:7f:38:86:34:38:26:4b:f3:8b:6c:60:ae:
1e:10:31:ef:5c:56:c4:bc:2a:a5:50:11:b3:ab:b4:05:9d:52:
f0:49:b6:ba:75:e5:67:c1:29:6d:5f:ae:64:74:1f:78:a2:1c:
1e:04:43:dc:a4:83:44:2e:01:ba:07:c5:f2:3c:a3:b8:a4:3d:
64:6d:71:b4:3d:4d:ce:20:19:6d:f8:08:44:1d:d7:71:79:0a:
0b:09:bb:30:26:3f:82:23:ab:5c:09:f9:ca:7d:a7:26:12:51:
6c:99:ec:76
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAaTuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDI3MDQyNjIxWhcNMjUxMTMwMDQyNjIxWjAYMRYw
FAYDVQQDEw02OGZlZjQ3NC1mYWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyfs0qrmh3TrpIXhP1IfQBYbInEG05+NzLDKx93fO0PJDfHjpU+Sfb96a
i530qsVY7H8K96wIo7tYxahRt2WKDAO8so7qQDtaYChoblp6hBqzMdb5DXV5j+ru
sKg6XUouU/8vP8KYIzeOABPmD1U2s9ROVPoUpzChN7up42n+xkSmNVFx2qCFYZZg
AZenbQkcb1dOYZ9973blmSlzddTUV+XQFOvql+H1eqWBPbkOyJQsjAAEBwPx3Rwy
pljUH9FHv1N/MNViGRA9Ol9079O0zN2oJ+2TKDTaNwGm/ksCc9OH91x80izVpt8i
i1mbmH3/n8iU7MiBC7VI+YOrpsV6IwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFOcW
cwa67WLDppm0HpdBae99MluOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQUM0QTUzRUIyRUQxMUYwQUZEMzQ1RDJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGaXwYDBAGaXwgwDQYJ
KoZIhvcNAQELBQADggEBADY3PNi+wVicfzBGp7iyctopc1xy0kcKx4PgQXNzZgrO
iZZJVNUnpKPDNlmqIQYP3JnJcD5VJ1XtjknTCkmNCGLZo/fog7pXrtFtpiTGAWEz
klZ2NHlr/SoEkWJJyGx2qLlt4DWQUrua5PoKcPpBTlEt9fTConKLFiBntMSWodZR
6QCj6F6iOT3hcWw+Q1iMFcaqDDJ3SH84hjQ4Jkvzi2xgrh4QMe9cVsS8KqVQEbOr
tAWdUvBJtrp15WfBKW1frmR0H3iiHB4EQ9ykg0QuAboHxfI8o7ikPWRtcbQ9Tc4g
GW34CEQd13F5CgsJuzAmP4Ijq1wJ+cp9pyYSUWyZ7HY=
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:22:31 2025 by rpki-client