Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D5E4A2AAE6511F0B701F0BADAE4EC9C.roa
File: 1D5E4A2AAE6511F0B701F0BADAE4EC9C.roa (raw, json)
Hash identifier: clF/EsAS10aKizB5WnQa+lYajAKHpnPBdTrdwx2oTlU=
Subject key identifier: 17:14:B2:7D:2E:41:58:34:EB:DC:BD:0C:73:4E:59:4C:A2:42:C4:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01A486
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D5E4A2AAE6511F0B701F0BADAE4EC9C.roa
Signing time: Tue 21 Oct 2025 10:02:56 +0000
ROA not before: Tue 21 Oct 2025 10:02:51 +0000
ROA not after: Sun 30 Nov 2025 10:02:51 +0000
asID: 18013
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:06:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107654 (0x1a486)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 21 10:02:51 2025 GMT
Not After : Nov 30 10:02:51 2025 GMT
Subject: CN=68f75a50-fae7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:56:60:00:d3:10:7e:e4:54:9a:76:6d:46:27:
83:f1:96:a2:8f:9d:00:6f:fe:ba:a3:ba:d4:02:5b:
60:37:cc:1a:ff:71:9e:3c:45:4d:61:72:c6:b6:1b:
71:a9:4a:5f:4e:95:be:82:78:f9:d8:63:46:66:2b:
2f:80:ed:c9:24:0b:18:cb:00:e2:5f:50:b2:b6:78:
08:a0:a8:98:82:02:9e:1e:e0:e2:ca:6d:b9:db:79:
0d:1f:c7:47:01:f1:20:cd:54:2d:88:82:7d:04:e1:
fd:56:87:5e:7f:a4:da:ea:a0:76:dd:a7:35:56:a1:
9c:d1:99:26:72:65:73:d4:33:15:87:38:fe:09:fe:
ba:47:cc:da:a6:72:9b:1c:27:89:35:b2:0a:ec:e5:
d3:ef:be:e6:95:e6:ca:2e:d0:63:6b:58:7b:0d:5d:
22:e7:d7:eb:c2:6e:d2:18:d3:5f:1c:5c:d5:7b:7a:
8a:c8:85:a8:22:bf:dc:21:87:20:70:3c:b7:df:00:
28:b4:a9:5a:f3:35:9a:92:25:59:52:75:71:bb:8c:
12:de:fa:c3:77:ce:b3:80:cd:d9:c9:a2:91:02:81:
d4:fa:49:d1:c8:25:9c:6f:01:b2:1f:3b:db:4e:f4:
bd:5d:f6:a0:89:83:dc:1f:2c:7e:15:df:42:85:13:
34:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:14:B2:7D:2E:41:58:34:EB:DC:BD:0C:73:4E:59:4C:A2:42:C4:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D5E4A2AAE6511F0B701F0BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
c3:dc:7c:e0:f3:ef:20:37:40:c6:f6:09:35:1f:55:a3:6e:f6:
dc:ed:3f:b5:02:b5:81:5f:c4:14:75:20:95:7a:90:36:da:23:
ed:f5:90:bd:8c:ff:74:df:8b:39:48:7d:0b:a1:1b:29:cf:08:
5d:16:f0:aa:0a:9a:2a:db:e7:93:66:66:6b:9c:b7:15:50:fa:
c5:dc:d2:01:25:5a:c0:3f:c7:17:cb:c6:1e:93:1e:7c:a7:3d:
9c:22:35:7a:c8:e3:f5:c6:25:ed:7b:56:16:d9:85:9e:80:7a:
c6:5d:03:20:b9:0f:b4:89:bd:a8:28:51:8b:c7:b4:79:43:eb:
bf:6d:ae:4a:59:e5:f8:56:8e:ea:f1:de:7d:68:ce:76:93:e5:
9b:13:15:49:e2:d0:31:7c:8a:a3:fd:03:77:a0:a8:ed:6b:2c:
b3:c3:dc:7d:6c:31:ac:f1:2c:5a:51:10:a3:ff:28:05:00:af:
a4:23:4a:ac:71:2d:02:19:17:84:09:c9:20:1b:03:27:17:97:
74:2a:81:27:47:88:ba:66:f8:37:23:ad:97:3d:af:73:fb:47:
1a:12:fd:c9:2d:69:90:0b:39:42:51:89:03:d5:f9:e9:05:c5:
d4:c9:4f:07:17:f5:f3:58:4d:64:bc:82:f7:3c:1c:26:06:43:
2d:66:e8:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAaSGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUxMDIxMTAwMjUxWhcNMjUxMTMwMTAwMjUxWjAYMRYw
FAYDVQQDEw02OGY3NWE1MC1mYWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAslZgANMQfuRUmnZtRieD8Zaij50Ab/66o7rUAltgN8wa/3GePEVNYXLG
thtxqUpfTpW+gnj52GNGZisvgO3JJAsYywDiX1CytngIoKiYggKeHuDiym2523kN
H8dHAfEgzVQtiIJ9BOH9Vodef6Ta6qB23ac1VqGc0ZkmcmVz1DMVhzj+Cf66R8za
pnKbHCeJNbIK7OXT777mlebKLtBja1h7DV0i59frwm7SGNNfHFzVe3qKyIWoIr/c
IYcgcDy33wAotKla8zWakiVZUnVxu4wS3vrDd86zgM3ZyaKRAoHU+knRyCWcbwGy
HzvbTvS9XfagiYPcHyx+Fd9ChRM0bQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBcU
sn0uQVg069y9DHNOWUyiQsQoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRDVFNEEyQUFFNjUxMUYwQjcwMUYwQkFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQDD3Hzg8+8gN0DG9gk1H1Wjbvbc7T+1ArWBX8QUdSCVepA22iPt9ZC9
jP9034s5SH0LoRspzwhdFvCqCpoq2+eTZmZrnLcVUPrF3NIBJVrAP8cXy8Yekx58
pz2cIjV6yOP1xiXte1YW2YWegHrGXQMguQ+0ib2oKFGLx7R5Q+u/ba5KWeX4Vo7q
8d59aM52k+WbExVJ4tAxfIqj/QN3oKjtayyzw9x9bDGs8SxaURCj/ygFAK+kI0qs
cS0CGReECckgGwMnF5d0KoEnR4i6Zvg3I62XPa9z+0caEv3JLWmQCzlCUYkD1fnp
BcXUyU8HF/XzWE1kvIL3PBwmBkMtZuir
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:12:18 2025 by rpki-client